Secure the Vote with Zero Trust

By Tom Kemp, April 16, 2018

Our democracy is under attack. We are in an era where digital assets are being weaponized and used against us. The fragile state of our democracy is highlighted by election meddling by foreign interests, database breaches of both political parties, and most recently a high-profile breach of trust. And now, just a week ago, a “60 Minutes” episode titled, ‘When Russian Hackers Targeted the U.S. Election Infrastructure,’ validated that the main target of the 2016 U.S. election was election boards, and that up to 90,000 voter records were compromised. Election boards and officials face the biggest battle yet when it…

SEC Clarification: Companies Must Disclose Breaches

By Tom Kemp, March 12, 2018

In late February, the U.S. Security and Exchange Commission (SEC) issued new cybersecurity guidance in the form of an “interpretive release.” According to the SEC website, the Commission frequently provides guidance on federal securities laws and SEC regulations for business and investment communities. The release covered three main topics: Disclosure of cybersecurity risks and incidents Companies have been largely remiss in alerting the public to breaches that may directly impact them. Equifax took five months to reveal that the data of 145 million people had been compromised. Yahoo took years to disclose that every one of its user accounts had…

Takeaways from the Russia-Linked US Senate Phishing Attacks

By Tom Kemp, February 28, 2018

The Zero Trust Security approach could empower organizations and protect their customers in ways that go far beyond typical security concerns. On January 12, 2018, cybersecurity firm Trend Micro revealed that Russia-linked hackers tried to infiltrate the US Senate, leveraging phishing attacks to harvest access credentials. These tactics suggest that the hackers were laying the groundwork for a widespread compromise of Senate employees. And while these findings might further bolster the public view that the Kremlin is trying to influence our democracy, security professionals should not get distracted by the media frenzy that these revelations created and instead focus on the real…

What do Equifax, HBO, Uber and Yahoo All Have in Common?

By Tom Kemp, February 1, 2018

A consumer ratings agency, a cable network, a transportation company and a web services provider. What ties them together? Sure, they were all impacted by very high-profile security breaches. But, if you dig a little deeper, you’ll find these organizations had a lot in common before, during and after their respective breaches. And those commonalities can teach us valuable lessons. A quick recap Equifax became the latest poster child for cybersecurity after it announced criminals had gained access to the financial data of 143 million people. The massive breach led to 23 class-action lawsuits, a $4.3 billion loss in market…

Centrify Predicts: Cybersecurity in 2018

By Tom Kemp, January 8, 2018

As we start 2018, we have continued to see major breaches across industries, only last year we witnessed at least two companies — Uber and Equifax — opt to hold off on alerting the public to their respective cybersecurity breaches and make them public at a later, more convenient date. Whether a coincidence or a trend in the making, time will tell. What we do know is that these were among a handful of security “events” that will help shape the year to come. Here are our predictions for 2018. Organizations will respond to the current threat landscape with a…

Centrify Invests in Educating Cyber Leaders on Cutting Edge Defenses

By Tom Kemp, August 14, 2017

As a leader in the industry, we at Centrify feel it is our corporate responsibility to provide truly objective thought leadership, education and guidance to empower cyber security leaders with the tools necessary to defend against digital adversaries. To support this goal, I’d like to invite you to CyberConnect, a two day security conference convening executives from some of the world’s biggest organizations in New York City November 6 and 7th. We have one simple, yet powerful motivation behind CyberConnect: To educate and better secure the companies, people and data within the critical infrastructure of the country. It is undeniable…

Cybersecurity Must Be Top of Mind in the C-Suite

By Tom Kemp, June 12, 2017

Data security breaches are no longer just an IT problem—they’re a C-suite problem. By now this should be obvious to everyone. Today’s advanced hackers — including cybercriminals, nation states, hacktivists and malicious insiders—are perpetrating ever more targeted, dangerous and frequent attacks. And the cost of these attacks is growing fast. The average total cost of a breach was $4 million in 2016, up 29 percent since 2013. And yet security is still not top of mind in the C-suite. Too many CEOs still consider security breaches merely a cost of doing business — rather than a serious threat to their…

More Thoughts on Vendor Consolidation in the Security Market

By Tom Kemp, March 7, 2017

In my last blog post, I discussed a new major trend in the security market, which is that security buyers are increasingly looking to consolidate vendors and want more of a platform approach to security versus stitching together point solutions. Besides hearing this directly from customers over the last few months, I documented in the blog how two different analysts, who were both doing comprehensive security customer surveys, both independently found that around “70% of enterprise security buyers are consolidating vendors.”  In this blog post I want to further elaborate on this trend and share some additional data points that…

New Trend in the Security Space: Customers Want Vendor Consolidation and a Platform Approach

By Tom Kemp, February 28, 2017

Starting late last year, I kept on hearing a growing drumbeat from customers that they were highly interested in consolidating the breadth of security vendors and products that they use internally to secure their enterprise. In past years, the talk by customers regarding “vendor consolidation” typically had been more in terms of the purchasing process and not having to deal with getting contracts and negotiating with yet another vendor. This time it was different — it has become clear to customers that having disjointed point solutions leave significant air gaps with regard to securing their enterprise, and that customers are…

The Cybersecurity Tipping Point Nears

By Tom Kemp, February 15, 2017

If we’d take a moment to pull our heads out of the sand and look around, we’d quickly see that we’re on an ominous trajectory. There’s no arguing that over the last several years, we’ve been suffering from increasing numbers of breaches, cyberhacks and data leaks. What’s truly puzzling is the fact that we’ve grown so used to the headlines, they no longer seem to impact us: Target spent $250 million to manage a breach? A massive 1 terabytes per second attack against a DNS provider that knocks out major websites? One billion Yahoo identities hacked? Even a hacked election?…