Identity security has never been more vital – Partner Content


Identity security has become increasingly vital for enterprises and large government organisations, especially in the aftermath of Covid-19. As workers are now required to operate across increasingly disparate locations, time zones and devices across a hybrid physical and cloud environment, securing user identity is now a top priority for C-suite executives and their IT departments. 



It is essential executives implement a strong identity security strategy that ties into their business risks and opportunities. This means integrating robust cybersecurity solutions that complement organisations’ overall business strategies as seamlessly as possible in a timely and cost-effective way.

CyberArk is a leading identity security company with solutions designed to secure access to critical assets and data while enforcing least privilege, and enabling Zero Trust where necessary. CyberArk’s unified Identity Security Platform provides a comprehensive identity solution across a range of platforms and business applications including distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. 

CyberArk SVP, PAM & Identity Security Barak Feldman says enterprises today recognise the major shift in cybersecurity of the past few years where identity theft has gone from being a relatively peripheral issue to one of the utmost importance for IT departments.

“Identities can log in from anywhere, which means that company data, or assets, are far more vulnerable, and identity security has become the last line of defence. In the past, power was centralised in an organisation, but business developers and third-party vendors are now gaining a lot more access to data. This means that the attack surface has grown exponentially, and it’s vital that it’s protected,” Feldman says.

“There’s also the issue of the widespread adoption of programmatic access automation scripts that can access data. This phenomenon has accelerated over the past few years and is extremely dangerous from an identity security standpoint as the attacker now has the potential to take over that automation and do significant damage at scale,” Feldman says.

“Since the pandemic, a lot of organisations have accelerated their move into the digital space and automation. Every industry from banking and retail to healthcare and government changed rapidly. Suddenly you have a huge number of identities that were created as a lot of business moved into the cloud.”

This increase in created identities means the attack service is now much larger. In almost every sector there are a lot more developers, a lot more in-house development of technology and a lot more power that is given to those developers. There are more users, which means a much greater potential for identity breaches and organisations need to know that they have full control over their access.

Solutions for a constantly changing landscape

There are increasingly large security breaches occurring globally and Australia is no exception to this phenomenon. These breaches have led to a greater visibility and awareness among large business and government organisations and their potential to adversely affect critical infrastructure.

CyberArk originally came from the privilege access management or PAM space, focussing on critical assets, or what Feldman refers to as the ‘keys to the kingdom’. That means understanding and securing the basics.

“I say to customers that before we get too excited and do all the really important things, let’s start with a foundation with the basics and that’s things like admin access, fire call, service accounts that again are the keys to the kingdom. That also means being able to monitor third-party users of critical infrastructure and how we can give those users permissions to do their job without compromising the security of the overall organisation,” Feldman says.

“We were recently recognised as a leader in the Gartner Magic Quadrant Reports for both Access Management and Privileged Access Management for our experience, maturity and focus, but above all for our innovation, which has become vital in the identity space over the past few years. We’re constantly thinking about the next challenges we’re likely to face around identity.”

 Future-proofing identity security

Discussing what’s next for organisations and what they should expect, Feldman said “Moving forward, cyber threats are likely to become increasingly sophisticated and identity security solutions will become more ingrained into IT security ecosystems. That means a continued focus on the basics such as password protection and strong authentication, and a stronger emphasis on reducing the attack surface. That means finding innovative ways to minimise damage once an attacker gets into a machine or a network, so risk mitigation will become increasingly important.”

“Artificial intelligence will play an increasingly proactive role in determining identity access points, and developing new factors for identification,” Feldman adds. In the meantime, however, the question for C-suite executive will remain, ‘what can we realistically achieve with the resources we have and how do we stay focussed on the most pressing risks?’ Fortunately, CyberArk can provide the solutions for those challenges now in a timely and cost-effective way across their entire IT ecosystems.

Learn more on securing Critical Infrastructure in Australia

 



Source link