Three Discussions CISOs Should Expect When Attending CyberConnect

I’m really excited to announce that CyberConnect 2017 is nearly sold out! And, I’m even more excited to attend the 30+ keynotes and panels, and collaborate with over 40 thought leader speakers during the event. In fact, collaboration is at the core of CyberConnect. Unlike traditional events, CyberConnect integrates thought leadership, collaborative roundtable sessions and in-depth training designed to arm executives and practitioners alike with the tools and confidence needed to defend their organizations against today’s hyper evolving adversary. So, with collaboration in mind, I’d like to share three topics that CISOs can expect to discuss at the conference. How…

Reevaluate Your Cybersecurity Spend in 2017

Without a doubt, the most frustrating fact I face every day is this: Companies spend a meager 4.7% of their total security budgets on identity and access management (IAM) – while compromised identities are responsible for 80 percent of all data breaches. Eighty percent. This glaring disconnect is almost more than I can wrap my head around. Here’s the math: According to Gartner’s “Forecast: Information Security, Worldwide, 2015-2021, 2Q17 Update,” in 2015, companies spent nearly $84 billion on security. Approximately 4.7 percent of that ($4 billion) went towards identity and access management. This year, the total security spend is projected to…

The Equifax Disaster: Technical Controls — ICIT’s Synopsis of America’s In-Credible Insecurity

The following excerpts are from the Technical Controls section of Part-1 of the ICIT Equifax report entitled “America’s In-Credible Insecurity,” written by James Scott, Sr. Fellow, Institute for Critical Infrastructure (ICIT). Technical Controls Data Encryption Data should be protected according to its value and the potential harm that would result if it were stolen. Encryption does not prevent adversaries or insiders from exfiltrating data; however, it does deter or prevent attackers from exploiting the stolen data unless they spend significant additional resources breaking the encryption or stealing the decryption keys. Data Loss Prevention Data loss prevention is the employment of…

How Do You Choose the Right IAM Solution? Here Are 4 Questions You Should Ask

Cloud based services dominate today’s world and over the past few years, delivering cloud based IAM solutions is no exception. The right solution can reduce risk, cut down costs and save time, but choosing the right IDaaS vendor requires careful consideration. Putting together some basic questions to ask while covering several key elements is a first step. So…where do we begin? Is It a True Hybrid Solution? Ask your prospective vendor if they truly provide a hybrid solution with control and access across on-premises and SaaS-based applications. Federation for SaaS apps is a great first step, but larger companies will…

NIS Directive Compliance: It’s Just as Important as the GDPR

IT security managers have had plenty on their plate this year co-ordinating compliance efforts in advance of the forthcoming EU General Data Protection Regulation (GDPR). But while the sweeping new privacy law has dominated the headlines for the past year or more, there’s another important piece of regulation on its way from Brussels, that will apply specifically to “operators of essential services” (OES). It’s known as the EU directive on the security of Networks and Information Systems (NIS). With the same huge fines of up to £17m or 4% of global annual turnover levied for non-compliance, it’s vital that you…

Reflecting on Centrify’s Rethink Security Approach

In the last 12 months, Centrify is the only company to be acknowledged for it’s  vision and leadership in the Gartner Magic Quadrant for Identity and Access Management-as-a-Service,  The Forrester Wave: Privileged Identity Management, and in the Gartner Critical Capabilities for IDaaS Research for Workforce to SaaS, 2016. These acknowledgements demonstrate our growing influence in the industry with a unique point of view for customers who recognize the increased value in securing access for all enterprise identities in one, built from the ground up platform vs. the point solutions offered by others in the industry. Our mantra has been and…

6 Reactions to the Cisco 2017 Midyear Cybersecurity Report: Part 1

When reading this year’s “Cisco Midyear Cyber Security Report,” a few things jump out that bear discussion. Vendor Consolidation First, one of the key findings is related to the “fragmented security toolbox,” and from it, having so many point solutions solving for security gaps actually creates problems. If they are layered effectively, integrated fully and managed appropriately, point solutions are a winning approach. But when you look at the number of separate solutions that need individual attention to stay effective, the administrative burden deters from incident response plan. This leads to the report’s conclusion that consolidation of vendors limits this effect….

Racing Towards a Zero Trust Access Control Model

Drag racing. From 0 to 60 in less than 2 seconds. It’s all about controlled speed. Success depends on maximizing power, minimizing weight and drag, and no obstacles in the way! In IT when the pressure’s on, admins also want to avoid obstacles. They need to get the job done fast whether it’s an OS refresh, new corporate apps rolling out, or fixing a network outage. For this, they too need power (accounts like “root” or “administrator” with superuser rights). SO, just give your admins full rights all the time. Minimize obstacles, bureaucracy, red tape, friction. Jobs get DONE super…

Centrify named “Overall Leader” in KuppingerCole IDaaS Leadership Compass

Centrify is pleased to announce that KuppingerCole Identity as a Service (IDaaS) Leadership Compass Report names Centrify “Overall Leader.” The report also highlights Centrify’s leadership in innovation, product features and market reach. KuppingerCole is a leading analyst covering Identity and Access Management (IAM). This report is the most current and comprehensive look at the IDaaS market, which is one of the fastest growing segments in the Security and Identity markets. According to Jeff Edwards of Solutions Review, The IDaaS market is exploding and it is predicted “that by 2020, 40 percent of IAM purchases will use the IDaaS delivery model,…

Driving Cloud-Based Agility at Rémy Cointreau with Centrify

Business requirements and information security priorities have always had a tough time aligning. It’s even become something of a cliché these days to say that security is a block on agility, productivity and growth. Yet it doesn’t have to be that way. Rémy Cointreau’s recent collaboration with Centrify is a great example of how, when implemented correctly, security can actually support the business: in this instance, our move to a more agile, cloud-based infrastructure.  On the opening day of Infosecurity Europe in London, I explained to a packed audience exactly how the Centrify Identity Service is helping our employees work…