Okta, NCC Group partner for enhanced CIAM & cyber security
The partnership brings together NCC Group's experience in cybersecurity services with Okta's solutions in CIAM, enterprise identity and access management (IAM), and adaptive multi-factor authentication (MFA).
Comprehensive security offering
By combining the respective strengths of both companies, the partnership provides businesses with end-to-end IAM services. These include threat intelligence insights, continuous monitoring, protection mechanisms, and compliance with regulatory requirements.
NCC Group will deliver CIAM services through advisory, implementation, and managed offerings. The approach expands NCC Group's IAM capabilities with particular focus on customer identity, using Okta's platform along with NCC Group's professional services, Identity Insights solution, and online exposure monitoring. These services also aim to secure supply chain ecosystems by mapping attack paths and integrating risk mitigation and compliance management features.
Mitigating identity attack risks
NCC Group's expertise in CIAM targets specific security vulnerabilities exploited by malicious actors. Techniques such as brute-force attacks, credential stuffing, and session hijacking are addressed with proactive identification and mitigation strategies. The deployment of identity proofing and verification ensures that only legitimate users access systems, while blocking malicious traffic from bots helps reduce the impact of automated attacks. This collaboration aims to bolster the security of both customer and business data, including financial information, and to defend against vulnerabilities in the supply chain.
Securing platforms and data services
Beyond CIAM, the partnership encompasses measures to secure platforms and services that host customer-facing solutions and data. This includes assessment services for both on-premise and cloud environments, using Okta's identity security posture management (ISPM) to generate insights into potential cloud risks. NCC Group's identity security insights solution also highlights on-premise risks and addresses process failures across both human and non-human accounts.
By leveraging Okta's ISPM, NCC Group can quickly identify, remediate, and manage identity risks, adopting a data-driven approach tailored to the digital identity risks facing each client and focusing on controlling identity sprawl. "Since launching our Digital Identity security service in September 2024, we have focused significant efforts on ensuring our leading CIAM services leverage our full portfolio of capabilities. By combining our online exposure monitoring capabilities and visibility of credentials exposed on the deep and dark web with Okta's technology, we can deliver CIAM solutions that offer a greater depth of insight to mitigate the attack vectors being used by malicious actors today. Offering clients the convenience of CIAM as a service through our established and mature Global Managed Services enables clients to focus on their core business operations with assurance that their CIAM needs are securely managed. Partnering with Okta provides us with exceptional customer identity and access management solutions. Together with our people-powered cyber resilience experience, we are creating a class-defining offering in customer identity management," Derek Gordon, Digital Identity Practise Lead at NCC Group, commented.
Industry perspectives "Identity is the foundation of trust in digital business. We believe that there's a massive opportunity for partners to help customers leverage identity to innovate, mitigate the growing threat landscape, and most importantly, protect their customer data. The partnership with NCC Group reinforces our commitment to being partner first. It will allow businesses across Europe to really embrace the power of identity and utilise solutions such as CIAM, enterprise IAM, and adaptive MFA to create a robust security suite. We're only just getting started and excited for a future with NCC and partners at the core of our business," Jorgen Espelund, interim EMEA Partner Lead at Okta, comments.
NCC Group has directed sustained investment towards CIAM in recent years, placing customer data protection and risk reduction at the forefront of its security offerings using both technology and threat intelligence. Okta's involvement enhances the focus on compliance and governance, while also providing clients with adaptive and scalable security solutions in a period of rising digital threats.
Follow us on:
Share on:
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
2 days ago
- Techday NZ
Global ransomware attacks drop 43% but threats evolve quickly
Ransomware attacks worldwide declined by 43% in the second quarter, yet threats continue to adapt and evolve according to a new report from NCC Group. The report found a notable decrease in global ransomware activity, with incidents dropping by six percent month-on-month in June, amounting to 371 cases. Over the quarter, attacks fell by 1180 cases compared with the previous quarter. Experts attribute the reduction to seasonal slowdowns, including holiday observances such as Easter and Ramadan, as well as increased law enforcement interventions disrupting key ransomware operators. Analysis suggested the downturn may be temporary, with warnings that cybercriminals are likely to use this time to regroup and adopt more sophisticated social engineering strategies. Key disruptions in the ransomware ecosystem have opened opportunities for emerging groups to exploit gaps and continue targeting organisations. Sectors under attack The industrial sector remained the most targeted, experiencing 27% of all recorded attacks in June. Across the entire quarter, industrials represented nearly 30% of ransomware incidents, reaffirming the sector's prominence as a target for cybercriminals. Attacks on the consumer discretionary sector, which includes retail, dropped notably from 102 incidents in May to 76 in June, coinciding with reduced activity from the Scattered Spider group. Previously, Scattered Spider had claimed responsibility for prominent attacks on major retailers such as Marks & Spencer and the Co-op in May. Healthcare was the third most targeted sector, recording 42 attacks in June, almost double the figures reported in May. The information technology sector followed, with 33 attacks during June. Threat groups' activities In June, the ransomware group Qilin was named the most active, responsible for 16% of all attacks - rising from third place in May - and increasing its activity from 95 incidents in the first quarter to 151 in the second quarter. Qilin has increasingly targeted both industrial and IT sectors and now offers legal assistance to its affiliates, helping them navigate law enforcement risks and improve their ability to pressure victims into paying ransoms. This is seen as indicative of the more structured, business-oriented approach developing within ransomware-as-a-service models. Akira was the second most active group in June with 31 recorded attacks, rising from its fourth-place ranking in May, while the Play group fell to third with 29 incidents. The SafePay group followed, dropping to fourth place with 27 attacks after suspicions of a recent rebranding. Geographical impact North America experienced the highest proportion of ransomware attacks, accounting for 58% of incidents in June and 52% across the entire second quarter. Europe saw a decrease in attacks by 8% to make up 21% of global cases, fewer than half the number reported in North America. Asia was the origin of 12% of attacks, with South America recording the smallest regional share at four percent. Cyber warfare and political motives The report observed that ransomware is increasingly being used as part of political and cyber warfare tactics. In June, the Handala group - a pro-Palestine entity - claimed responsibility for targeting 17 Israeli organisations in the aftermath of significant regional conflict between Iran and Israel. The timing of the attacks, which began immediately following Israeli strikes on Iran, indicated a likely retaliatory motivation and suggested that ransomware could become further entrenched as a political tool. The UK Government's recent Industrial Strategy has highlighted the importance of cybersecurity in protecting vital national interests. Increased cyber warfare activity is leading to more robust state-level responses and driving the adoption of cybersecurity-focused policies globally. "The volume of victims being exposed on Ransomware leak sites might be declining but this doesn't mean threats are reduced. Law enforcement crackdowns and leaked ransomware source code is possibly a contributing factor as to a drop in activity, but ransomware groups are using this opportunity to evolve through rebranding and the use of advanced social engineering tactics. We've already tracked 86 new and existing active attack groups this year, and we're on course to surpass 2024's record. The increased number of attackers means a broader range of attack methods that businesses need to be prepared for. Both organisations and nations should take this as a sign to remain vigilant. Investing in cyber security and intelligence-led defences is the key to staying ahead of increasingly agile threat actors." These comments from Matt Hull, Global Head of Threat Intelligence at NCC Group, reflect ongoing concerns that while raw attack numbers may have declined, the risk from ransomware remains significant due to the continued evolution of both criminal tactics and the number of threat actors.
Techday NZ
17-07-2025
- Techday NZ
Okta, NCC Group partner for enhanced CIAM & cyber security
Okta has partnered with NCC Group to deliver enhanced customer identity and access management (CIAM) services for organisations worldwide. The partnership brings together NCC Group's experience in cybersecurity services with Okta's solutions in CIAM, enterprise identity and access management (IAM), and adaptive multi-factor authentication (MFA). Comprehensive security offering By combining the respective strengths of both companies, the partnership provides businesses with end-to-end IAM services. These include threat intelligence insights, continuous monitoring, protection mechanisms, and compliance with regulatory requirements. NCC Group will deliver CIAM services through advisory, implementation, and managed offerings. The approach expands NCC Group's IAM capabilities with particular focus on customer identity, using Okta's platform along with NCC Group's professional services, Identity Insights solution, and online exposure monitoring. These services also aim to secure supply chain ecosystems by mapping attack paths and integrating risk mitigation and compliance management features. Mitigating identity attack risks NCC Group's expertise in CIAM targets specific security vulnerabilities exploited by malicious actors. Techniques such as brute-force attacks, credential stuffing, and session hijacking are addressed with proactive identification and mitigation strategies. The deployment of identity proofing and verification ensures that only legitimate users access systems, while blocking malicious traffic from bots helps reduce the impact of automated attacks. This collaboration aims to bolster the security of both customer and business data, including financial information, and to defend against vulnerabilities in the supply chain. Securing platforms and data services Beyond CIAM, the partnership encompasses measures to secure platforms and services that host customer-facing solutions and data. This includes assessment services for both on-premise and cloud environments, using Okta's identity security posture management (ISPM) to generate insights into potential cloud risks. NCC Group's identity security insights solution also highlights on-premise risks and addresses process failures across both human and non-human accounts. By leveraging Okta's ISPM, NCC Group can quickly identify, remediate, and manage identity risks, adopting a data-driven approach tailored to the digital identity risks facing each client and focusing on controlling identity sprawl. "Since launching our Digital Identity security service in September 2024, we have focused significant efforts on ensuring our leading CIAM services leverage our full portfolio of capabilities. By combining our online exposure monitoring capabilities and visibility of credentials exposed on the deep and dark web with Okta's technology, we can deliver CIAM solutions that offer a greater depth of insight to mitigate the attack vectors being used by malicious actors today. Offering clients the convenience of CIAM as a service through our established and mature Global Managed Services enables clients to focus on their core business operations with assurance that their CIAM needs are securely managed. Partnering with Okta provides us with exceptional customer identity and access management solutions. Together with our people-powered cyber resilience experience, we are creating a class-defining offering in customer identity management," Derek Gordon, Digital Identity Practise Lead at NCC Group, commented. Industry perspectives "Identity is the foundation of trust in digital business. We believe that there's a massive opportunity for partners to help customers leverage identity to innovate, mitigate the growing threat landscape, and most importantly, protect their customer data. The partnership with NCC Group reinforces our commitment to being partner first. It will allow businesses across Europe to really embrace the power of identity and utilise solutions such as CIAM, enterprise IAM, and adaptive MFA to create a robust security suite. We're only just getting started and excited for a future with NCC and partners at the core of our business," Jorgen Espelund, interim EMEA Partner Lead at Okta, comments. NCC Group has directed sustained investment towards CIAM in recent years, placing customer data protection and risk reduction at the forefront of its security offerings using both technology and threat intelligence. Okta's involvement enhances the focus on compliance and governance, while also providing clients with adaptive and scalable security solutions in a period of rising digital threats. Follow us on: Share on:
Techday NZ
17-07-2025
- Techday NZ
AWS unveils AgentCore suite & invests USD $100 million in AI agents
AWS has introduced new tools and investments aimed at supporting organisations to build and deploy AI agents securely and at scale. Central to these developments is Amazon Bedrock AgentCore, a suite of seven core services that enable companies to develop, deploy and manage enterprise-grade AI agents. The announcement also includes an expanded AWS Marketplace for AI tools and agents, and an investment of USD $100 million in the AWS Generative AI Innovation Centre to accelerate agentic AI development. AgentCore features Amazon Bedrock AgentCore provides a framework-agnostic set of services designed to support the transition from AI experimentation to enterprise deployment. The suite covers runtime, memory, identity, tool integration, code interpretation, web browsing, and observability, aiming to address key technical and governance needs for production-ready AI agents. Swami Sivasubramanian, AWS Vice President for Agentic AI, outlined the company's strategy. He emphasised that AI agents - autonomous software systems that reason, plan, and adapt - could significantly accelerate productivity and outcomes in multiple industries. He said: "It's a tectonic change in a few dimensions. It upends the way software is built. It also introduces a host of new challenges to deploying and operating it, and potentially most impactfully, it changes how software interacts with the world - and how we interact with software." AgentCore's seven core services are designed to meet different operational aspects of running secure and scalable AI agents: AgentCore Runtime supports both low-latency interactive experiences and complex asynchronous workloads for up to eight hours, and provides session isolation in a framework-agnostic manner. supports both low-latency interactive experiences and complex asynchronous workloads for up to eight hours, and provides session isolation in a framework-agnostic manner. AgentCore Memory offers long-term and short-term memory functionalities for agents to maintain context, aiming for high accuracy across memory types. offers long-term and short-term memory functionalities for agents to maintain context, aiming for high accuracy across memory types. AgentCore Identity integrates seamlessly with existing identity providers, such as Amazon Cognito, Microsoft Entra ID, and Okta, to secure and manage agent authentication. integrates seamlessly with existing identity providers, such as Amazon Cognito, Microsoft Entra ID, and Okta, to secure and manage agent authentication. AgentCore Gateway enables secure access to a variety of digital tools, allowing easy transformation of APIs, Lambda functions, and existing services into agent-compatible resources. enables secure access to a variety of digital tools, allowing easy transformation of APIs, Lambda functions, and existing services into agent-compatible resources. AgentCore Code Interpreter allows agents to execute code safely in sandboxed environments and can be tailored to meet varying security and instance requirements. allows agents to execute code safely in sandboxed environments and can be tailored to meet varying security and instance requirements. AgentCore Browser Tool gives AI agents secure web access for automated online tasks, suitable for operations such as web form completion or navigating websites. gives AI agents secure web access for automated online tasks, suitable for operations such as web form completion or navigating websites. AgentCore Observability leverages Amazon CloudWatch for real-time monitoring, dashboards, and telemetry, while integrating with customers' observability systems. Customer organisations including Itaú Unibanco, Innovaccer, Boomi, Epsilon, and Box have begun utilising AgentCore as they seek to embed AI agents into their operations. Secure & production-ready According to Sivasubramanian, these services are aimed at helping customers as models and use cases evolve, allowing businesses to maintain secure deployment while scaling their AI capabilities. He highlighted the need for systems that can adapt as requirements change and said: "Building systems that can act autonomously across digital boundaries, while maintaining the security, reliability, and governance standards required for enterprise deployment, is a critical challenge. AgentCore helps developers bridge the critical gap between proof of concept and production for AI agents. It delivers a set of composable solutions that allows organizations to move agents from prototypes to applications that can scale to millions of end-users." Marketplace expansion AWS is expanding its Marketplace to introduce a new category, AI Agents and Tools. This aims to help enterprises discover, purchase, and deploy AI agent solutions from a selection of providers. The intention is to streamline the process for organisations seeking to adopt AI agents, providing access to solutions and professional services for building, maintaining, and deploying agents at scale. Sivasubramanian discussed this expansion during his remarks at the AWS Summit in New York, saying customers have access to a one-stop shop to accelerate the development of their AI initiatives. Customers leveraging these Marketplace solutions are expected to benefit from streamlined integration and delivery, with the support of specialist service providers. Investment AWS also announced a further USD $100 million for the AWS Generative AI Innovation Centre to support the development and deployment of agentic AI. This investment is designed to help businesses build and scale AI agents tailored to specific industry needs, supporting customers at various stages of their AI adoption journeys. Additional enhancements to Amazon Nova were announced, offering customers improved customisation for building specific AI capabilities with higher accuracy and flexibility. With these latest announcements, AWS aims to provide a more robust platform and ecosystem for organisations interested in deploying secure, scalable AI agents in production environments.
