Centrify’s Next Strategic Step Forward with Thoma Bravo

I am pleased as CEO and co-founder of Centrify to announce that Centrify has entered into a definitive agreement whereby Thoma Bravo, a leading high-growth private investment firm with a significant track record in cybersecurity, will acquire a majority interest in Centrify from our current venture capital investors led by Mayfield, Accel, Jackson Square Ventures and Index Ventures. We couldn’t be more thrilled to partner with this world class investor who has invested in other great cybersecurity companies like SailPoint, McAfee, Barracuda and others. We believe that this transaction optimally positions us to accelerate our pace of innovation in the…

Stop Breaches with Analytics and Artificial Intelligence

According to Gartner, companies will spend up to $96 billion worldwide on security this year, but research by Centrify and Dow Jones suggests that up to 79% of companies have experienced a significant breach. Forrester estimates that 80% of security breaches involve privileged credentials. It’s understandable: After an intruder gains access to the employees’ devices, they try to snoop the network and install keylogger to get higher privilege credentials (such as root or administrator). Privileged credentials provide greater scope for stealing data en masse than individual accounts do. Traditional Privileged Access Management (PAM) products have been trying to resolve the…

Making Smarter Access Control Decisions

Hey Siri, block that attacker, please Wouldn’t it be great if Siri, Alexa, or Google Assistant had the intelligence to figure out malicious intent, govern access to our sensitive corporate data, and alert us in real time when something dodgy was going on? Well, they do leverage modern machine learning and AI to make “intelligent” decisions, but they’re clearly not designed for enterprise-grade security. At Centrify, though, we’re using AI and machine learning concepts to develop Next-Gen Access security to do just that. Only it’s not in a soft, cute, platonic solid form factor that sits on your desk….yet. As part…

Cyber Risk Insights from the AIG 2017 Cyber Insurance Review

I read with interest AIG’s 2017 Cyber Insurance Review. In a one sentence summary: cyber insurance claims are up, due to systemic ransomware and wiper malware attacks, the cyber business is booming, but we are still early in the market evolution. Reading the report prompted me to ask three questions regarding Cyber Insurance: How well do insurance brokers understand cyber risk and cyber insurance? What percentage of businesses shopping for cyber insurance truly understand their cyber loss exposure in quantitative terms, and conversely how well do brokers understand their exposure What security controls and policies do businesses have in place…

Centrify and SailPoint Join Forces to Apply Zero Trust Security Best Practices to Identity Governance

Today, Centrify is proud to announce the integration of the Centrify Privileged Access Service with SailPoint® Technologies IdentityIQ™ solution. This integration provides joint customers with a single pane of glass for a privileged user’s entitlements and enables issuing access requests for accounts, systems, and existing roles that are controlled by the Centrify Privileged Access Service. This allows for centralized management and control of identities to quickly identify and mitigate access risks of privileged users, while strengthening an organization’s compliance posture. Figure: Centrify Privileged Access Service integration with SailPoint IdentityIQ BRINGING ZERO TRUST SECURITY TO IDENTITY GOVERNANCE One of the essential…

How to Operationalize the Zero Trust Security Pillar ‘Limit Access & Privilege’ with ServiceNow

An easy way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even worse if a stolen identity belongs to a privileged user, who has even broader access, and therefore provides the intruder with “the keys to the kingdom.” As a result, it’s not surprising that, according to Forrester, 80 percent of breaches involve privileged credential misuse. By leveraging a “trusted” identity a hacker can operate undetected and exfiltrate sensitive data sets without raising any red flags. Zero Trust Best Practice: Limit Access & Privilege To limit their exposure…

Why the Path Towards Zero Trust Starts with Next-Gen Access

Zero Trust Security has gained a lot of popularity over the last six months. Almost daily you can read articles about this security strategy (e.g., TechRepublic, CSO, Security Current). Both analysts (e.g., Forrester) and security professionals acknowledge the benefits it offers in the context of establishing effective ways to minimize the risk of falling victim to a cyber-attack. The reason why so many embrace Zero Trust Security is most likely anchored around its simplicity ― with today’s porous network perimeter, untrusted actors already exist both inside and outside the network. However, when it comes to developing the necessary blueprint on…

Real-Life Exposed Privileged Identity Theft

Have you ever had your identity stolen? Credit cards obtained under your name that were not yours? Most of us have, and what a pain it can be to stop excess charges, get reimbursed, close down those accounts, and repair your damaged credit. It can take years to recover from such an invasion. While we know what it’s like in our personal lives, many of us don’t pay attention to the damage that could be caused in our professional careers, especially with privileged accounts like database access. One reason for this disconnect is because the breaches typically are not financial…

SEC Clarification: Companies Must Disclose Breaches

In late February, the U.S. Security and Exchange Commission (SEC) issued new cybersecurity guidance in the form of an “interpretive release.” According to the SEC website, the Commission frequently provides guidance on federal securities laws and SEC regulations for business and investment communities. The release covered three main topics: Disclosure of cybersecurity risks and incidents Companies have been largely remiss in alerting the public to breaches that may directly impact them. Equifax took five months to reveal that the data of 145 million people had been compromised. Yahoo took years to disclose that every one of its user accounts had…

Frost & Sullivan Recognizes Centrify for IDaaS and PIM Leadership

Today Frost & Sullivan, a leading analyst firm and growth partnership company, announced that Centrify has earned the North American Product Leadership Award for its Next-Gen Access Solution for Zero Trust Security. The report specifically noted Centrify’s success as a security company comes by challenging traditional approaches to security and using a unique philosophy to address the problem. Centrify helps its customers identify and follow a set of best practices that are grounded in Zero Trust Security—through verifying all users, validating their devices, and limiting access and privilege—to reduce risks related to breaches. The author of the report, Sankara Narayanan,…