A Leader! Forrester Wave Names Centrify Leader For Identity-as-a-Service

Today Forrester Research released The Forrester Wave™: Identity-As-A-Service, Q4 2017. Evaluating the “seven vendors that matter”, Forrester named Centrify a Leader. Here at Centrify, we believe this is a strong validation of Centrify’s zero-trust approach to securing access to apps and systems. A complimentary version of this report is available for download here. Centrify provides the industry’s only single platform to secure each user’s access to apps and infrastructure through the power of identity services. With this recent report from Forrester, Centrify becomes the only identity services provider to be evaluated in and positioned as a leader in both IDaaS…

Zero-Trust Model: Never Trust, Always Verify

“Never trust, always verify” is the lingo floating around in the security world. It succeeds the traditional belief of “trust, but verify,” which places a fair amount of trust in the people and devices accessing resources within a protected network. Surely, with massive data breaches happening regularly, we know that network perimeters are not as robust as we once thought. Attackers use weak or stolen credentials to gain access a network as a legitimate user. When an attacker has breached the network perimeter, we also know they are able to move laterally to more valuable assets and data that are…

How To Lower Cyber Insurance Premiums

According to Lloyd’s of London, a massive global cyberattack could result in economic losses as high as $53 billion. Given that, it’s no surprise that an increasing number of businesses are adding cybersecurity coverage to their liability insurance. But as businesses rush to insure, what exactly these policies cover, as well as the cost of premiums, is coming under scrutiny. A key question is whether or not non-malicious human activity is covered. On one hand, cybersecurity policies that do not cover human error —  which would include falling victim to sophisticated phishing schemes, visiting Trojan-infected sites, or even deferring patches…

A Culture of Excellence

Today at CyberConnect, we announced our contribution to the American Red Cross’s hurricane and wildfire relief funds. We have employees and customers located throughout the continental U.S., and many of them have been affected by the recent natural disasters. Whether it be those affected by Hurricane Harvey in Texas or those recovering from the wildfires that have plagued California, we believe it is important to provide employees with a culture of support both in the office and in their communities. As our CEO, Tom Kemp, says, “It is important that Centrify gives back — be it our local schools, our…

A Beginner’s Guide to Cybersecurity

Many people worry that cybersecurity involves a dark and dangerous domain full of unpredictable terrors and threats over which they have little control. The fact is that the greatest risks in the digital space result from the same causes as security vulnerabilities in the real world — poor habits. How many people do you know who leave their doors or windows unlocked at night or hide a spare key under a pot plant near the back door? In effect, they are prioritising convenience over security — a lax practice that many people emulate online by using easy-to-remember passwords or using…

Cybersecurity Awareness Month: Protecting Critical Infrastructure from Cyber Threats

It is interesting and at times bewildering, that in the many years following the failures of 9/11, we still have not found a way to share threat intelligence information without exposing classified information which may compromise the source. Look at these five primary pieces of infrastructure, which exist in every modern society, consider the interdependencies, and how a persist threat or disruption to one dependency can cascade throughout these infrastructure dominos. Primary Role: Electrical Power Generation/Distribution Dependencies on: Above and below ground electrical distribution wires. Network Access to connect power generation and distribution systems. Backup generation systems for internal systems….

Bad Rabbit Ransomware: Another Wake-Up Call For Organizations

Aside from the cool sounding name, the Bad Rabbit Ransomware has quickly become a problem across Russia and Eastern Europe. While not as many are being affected as with WannaCry or Petya, it is still causing headaches for hundreds of organizations. Ransomware is a particularly nasty type of cyber-attack that costs far more than the relatively minor payouts demanded. For example, as we have seen with WannaCry, certain organizations are particularly vulnerable to ransomware such as healthcare. Disruption of patient care, destruction of data and general disorder caused by a ransomware attack is felt particularly hard by targeted healthcare organizations….

The Internet Wants YOU: Consider a Career in Cybersecurity

Back in May, I blogged about the lack of women in technology and cybersecurity in particular. Weeks after that article was published, Cybersecurity Ventures released a report estimating that the number of unfilled cybersecurity jobs would increase from one million today to 3.5 million in 2021. That’s a lot of people required for an industry that already has a zero percent unemployment rate. And if the report is right, we have a few short years to address the problem before the current cybercrime epidemic truly explodes. Maybe it’s time to recognize that the number of women in tech is on a slippery…

Three Discussions CISOs Should Expect When Attending CyberConnect

I’m really excited to announce that CyberConnect 2017 is nearly sold out! And, I’m even more excited to attend the 30+ keynotes and panels, and collaborate with over 40 thought leader speakers during the event. In fact, collaboration is at the core of CyberConnect. Unlike traditional events, CyberConnect integrates thought leadership, collaborative roundtable sessions and in-depth training designed to arm executives and practitioners alike with the tools and confidence needed to defend their organizations against today’s hyper evolving adversary. So, with collaboration in mind, I’d like to share three topics that CISOs can expect to discuss at the conference. How…