More Thoughts on Vendor Consolidation in the Security Market

In my last blog post, I discussed a new major trend in the security market, which is that security buyers are increasingly looking to consolidate vendors and want more of a platform approach to security versus stitching together point solutions. Besides hearing this directly from customers over the last few months, I documented in the blog how two different analysts, who were both doing comprehensive security customer surveys, both independently found that around “70% of enterprise security buyers are consolidating vendors.”  In this blog post I want to further elaborate on this trend and share some additional data points that…

How to Stop the Breach in a Hybrid Enterprise

Has your enterprise experienced a data breach in the past two years? If so, it’s time for a wake-up call. In fact, 66% of organizations reported falling victim to a breach an average of five or more times during that time span. The security status quo is a slippery slope. Enterprise networks have expanded beyond the well-defined boundaries that used to protect our important assets from falling into the wrong hands and a new security reality has set in. Traditional security methods can’t protect your organization from breaches, and failure to recognize this new reality leaves your business at risk…

New Trend in the Security Space: Customers Want Vendor Consolidation and a Platform Approach

Starting late last year, I kept on hearing a growing drumbeat from customers that they were highly interested in consolidating the breadth of security vendors and products that they use internally to secure their enterprise. In past years, the talk by customers regarding “vendor consolidation” typically had been more in terms of the purchasing process and not having to deal with getting contracts and negotiating with yet another vendor. This time it was different — it has become clear to customers that having disjointed point solutions leave significant air gaps with regard to securing their enterprise, and that customers are…

Announcing Centrify’s New Analytics Service

After about two years of incredible hard work from the Centrify team, I am excited to announce the Centrify Analytics Service! Our goal for Centrify Analytics Service is to extend the Centrify Identity Services Platform to provide risk-based access management across apps and infrastructure. We all by now agree that IT and security teams in any enterprise are challenged with the risk of being breached in an enterprise that spans across cloud, mobile and data center. Traditional perimeter-based security is not good enough anymore, and the industry supports this claim: PwC in Information Security Breaches Survey 2016 titled, “A matter of when,…

How to Keep Active Directory Active in a Hybrid IT World

For enterprise IT, “hybrid” is the word of the year. You’re either operating a hybrid infrastructure model already or you’re teetering on the edge. It’s getting easier now that AWS, Microsoft, Google et al are improving their services in support of such a model. At the Amazon AWS re:invent show in November, every other sentence contained the word “hybrid.” This was in stark contrast to last year where Amazon still firmly believed a total migration was the only logical choice. Some of our customers are very aggressive with plans to dissolve all their data centers and migrate everything to IaaS. The…

Solving DHS Continuous Diagnostics and Mitigation (CDM) Phase 2

The Department of Homeland Security (DHS) established a $6B blanket purchase agreement (BPA) to improve the cyber defenses for federal, state, local, tribal and territorial governments. The DHS Continuous Diagnostics and Mitigation (CDM) program helps protect government IT networks from cyberthreats and enhances risk-based decision making by providing a consistent and proven set of solutions. Centrify is the selected solution for CDM Phase 2 CRED that ensures all federal agency associates only have access to servers, applications or network resources based on their unique identity, role and responsibility within their organization. Centrify Server Suite offers a robust Active Directory bridge…

Changing the Game: Simplified Authentication to IaaS

I am pleased to introduce the Identity Broker capability of the Centrify Privilege Service. Identity Broker for Linux enables a new paradigm in user authentication to Linux systems, which seamlessly integrates your choice of directory service, including Active Directory, LDAP directories or cloud directories such as Google G Suite Directory. This is a significant advancement in Centrify’s identity consolidation capabilities and delivers freedom of choice when deciding where to store your identities. For 12+ years, Centrify has focused on delivering some of the best possible integration of Linux servers into Active Directory. Our customers are successfully securing identity, authentication and privilege across…

How To Prevent Cybercrime: CFO Insights for Mid-Market and SMB Companies

Cybersecurity Risk From the Break Room to the Board Room How can CFO’s enable an organization to effectively combat cybercrime, while reducing IT security budgets? If this sounds too good to be true, let me explain how it can be done. Cyber risk is present at every level in every company from the break room to the board room. In retail, data breaches occur in companies of every size; from Yellowfront, a one-store grocer in Maine to the massive Home Depot and Target breaches. Cyber awareness of social engineering attack modes is a management priority, and all employees have responsibility in preventing…

Why the New York Banking Cybersecurity Regulations Are Imperative and Timely

New York Governor Andrew Cuomo’s announcement of proposed new and far-reaching regulations to protect New York State banks, financial institutions and insurance companies against escalating threat of cyberattacks is both timely and imperative. The regulation requires institutions to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York’s financial services industry. The proposal is a landmark initiative to elevate the security posture and preparedness of New York’s thousands of financial institutions in combatting cyber-crime through a cybersecurity program that performs five core functions: Identification of cyber risks. Implementation of policies and procedures…

Russian Hackers Target World Anti-Doping Agency in Latest Breach

What Happened: A Russian cyber espionage group known by the name of Tsar Team, also calling itself Fancy Bear, were successful in illegally hacking the World Anti-Doping Agency (WADA). The Anti-Doping Administration and Management System (ADAMS) database was accessed using a compromised account provided to the International Olympic Committee for the Rio 2016 Games. A release by WADA indicates, “While it is an evolving situation, at present, we believe that access to ADAMS was obtained through spear phishing of email accounts.” Olivier Niggli, Director General, WADA states, “WADA has been informed by law enforcement authorities that these attacks are originating…