Clik here to view.
More than 70% of security breaches in the last decade have listed identity as the primary source of entry. It's something companies must get right. CyberArk VP Khizar Sultan says its solutions can identify and protect high-risk users, those whose job puts them in contact with valuable data and finances.
CyberArk VP Identity Solutions Khizar Sultan has been in Australia to speak about critical security challenges at the CyberArk Impact World Tour in Sydney. CyberArk Impact is the company's big annual tech user conference, kicking off in the USA and then travelling over the globe to ensure it meets customers where they're at. There have been around 20 of these through Asia, Europe, and elsewhere, with Sydney taking place during October.
There is certainly no shortage of things to talk about. While network administrators once spoke about the building as the 'network perimeter', today there is no perimeter. The entire Internet is your perimeter with remote working, 24x7x365 business, follow-the-sun models, and more. Yet, at the same time, cybercriminals show no sign of abating, only increasing their efforts. Identity remains a major weak point where companies are exploited, but CyberArk points out identities are exploding in scale.
Fortunately, CyberArk is on the job. "The product protects workforce users, protecting their access to applications, and the entire user lifecycle," Sultan told iTWire. "It protects the high-risk workforce user - which could be anybody depending on what action they take or what they may be logging into, throughout the day."
To illustrate, "imagine someone from the Finance team doing a normal part of their job like approving a purchase or making a transaction. These are high-risk actions, and they've become a high-risk workforce user while they perform that action."
{loadposition david08}
The high-risk user can change throughout the day, and is based on people's roles and actions. To be clear, it's not the user who is high-risk in themselves, but the actions they perform and their access to data, to systems, to finances, to confidential records, that make them high-risk at that time.
Here's where CyberArk comes in; "we specialise in that persona. We provide additional capabilities and controls to protect the user, the session, the organisation from risk or threat," Sultan said.
"Every department in the organisation has this concept of high-risk user," he said. Finance is an obvious example with access to company funds, "but consider an ancilliary department like Marketing," Sultan said. "They have access to social media accounts and these can be high risk. If an account or credential was compromised it can cause a lot of chaos. The attacker can use the social media accounts to execute a larger plan."
It's the for sales, product, engineering, and all other departments across the business. Even software developers "who often sit outside a lot of the control schemes and tooling because of the nature of their job", Sultan said, who have access to API keys, sandbox environments, and other things living inside of their endpoints.
You might not think of specific people in the business as "high-risk" but what they have access to needs to be protected all the same.
However, "traditional tools in the market today - SSO, MFA, endpoint protection - don't cover for these," Sultan said. Instead, you need a new kind of tool. "We've introduced AI tools to read into user actions, events, and sessions, and see what type of actions users are taking. It can pick up insider threats or other indicators that something is occuring outside of normal activity, notifying the organisation and its administrators."
Additionally, Sultan explained, CyberArk released its CyberArk secure browser earlier in the year. This is an enterprise-grade, security-first browser that CyberArk makes available for free to its CyberArk Identity Platform customers.
"The CyberArk secure browser starts with the idea that today we interact with the organisation and apps in the cloud. Typically people use commercial browsers they download for free like Chrome, Edge, or Firefox," he said.
Yet, "these browsers don't have your security or privacy in mind like an enterprise browser would, because they're trying to sell you ads. They don't have your productivity in mind."
The CyberArk secure browser hones in security, privacy, and productivity. "It eliminates ad-tracking, eliminates the commercial-like delivery of information to the browser's owner, and so on," Sultan said.
For enterprise administrators, the browser also provides a rich suite of controls baked right into the browser to help the organisation manage credentials and secured items, and turn off the ability for user's to exfilitrate credentials. In fact, "we have over 100 security controls inside the admin console," Sultan said.
"The user identifies within the browser, which is turned on by default, and when navigating to any of your resources they will be more protected. It has session monitoring that snapshots every step taken when performing high-risk actions, and allows for auditing, as well as for AI to inspect and look for trends."
This AI is known as CyberArk Cora AI, and it works through all the collected CyberArk telemetry data to find trends and patterns, learning about behaviour, and gaining general threat intelligence from the overall customer base.
In other news, CyberArk has been deploying AI chatbots trained on its support and documentation sites to provide a greater experience for CyberArk administrators, allowing them to ask questions and get help in configuring and deploy their environment.
Security is never-ending, of course, and Sultan told iTWire he and the company are now busy working on their 2025 roadmap. "What's coming next year will push the envelope to keep protecting the workforce," he said.
"One of the really interesting things we're doing will be taking our endpoint solutions and merging them with identity solutions. It will enforce least-privilege and managed privilege on your machine so if you have CyberArk on your laptop the organisation could prevent you doing certain administrative items like plugging in a USB storage device, for example, or challenging for MFA when launching certain apps."
Preventing ransomware is top of mind, Sultan explained. "We've got all these solutions that are in the endpoint story and we want to bring them together with the identity story. We're bringing those two together to protect every step of the user's digital journey."
For example, Sultan said, "this morning you started your laptop and logged in via a password or touch ID or Windows Hello or something like that, and typically ended up in some sort of app like Office 365, Salesforce, Dropbox, whatever, to get your job done."
"Protecting the workforce end-to-end every step of the way is what we're leaning heavily into next year, protecting every step from the endpoint to the app."
"This is the vision and story my group talking about and building towards," Sultan said.