Ushering in a Cybersecurity Renaissance with the World’s Top Experts

As CEO Tom Kemp mentioned in his recent blog post, Centrify has reengineered its annual user group event to more comprehensively tackle the many security issues facing organizations today. As the thought leader partner for CyberConnect 2017, ICIT has spent the last several months building a powerful curriculum which will empower business and technical leaders tasked with defending their organizations from digital threats. The result is a program that will inspire, educate, and ultimately help bring order to organizations developing strategies to survive in today’s cyber kinetic meta war. At ICIT, we believe we’ve entered a new paradigm where old…

How to Protect Against Insider Threats: 3 Tips from HBO’s Game of Thrones’ “LittleFinger”

“I did warn you not to trust me.” (Spoiler Alert: for those of you still binge watching Game of Thrones seasons 1-6) For Game of Throne fans, Lord Baelish’s (otherwise known as Littlefinger) fate was only somewhat surprising, inevitable and a gratifying finale for the nefarious character. A master of manipulation, Littlefinger’s enterprising ways led him to acquire both wealth and key intelligence on his political rivals — a classic example of a malicious insider. As his relevance in the storyline grew over the seasons, his underhanded and power grabbing methods gained momentum. Photo credit: 7strongest (cc by 2.0) So,…

Gartner Privileged Access Management Market Overview 2017

Gartner just published their 2017 Market Overview guide for PAM, and it is a great read! The drivers for PAM are similar to last year’s, with a new emphasis on the need for “a comprehensive cybersecurity defense strategy, specifically for critical infrastructure.” Here’s Gartner’s list of drivers, and we believe they are spot on in terms of what we are hearing from our customers and how we’ve delivered capabilities to help solve these issues: The risk of breaches and insider threats The need to prevent, isolate and limit malware attacks that leverage privileged accounts An increase of operational efficiency for…

Best Practices for Multi-factor Authentication (MFA)

These days, it’s pretty clear that to protect systems and data, organizations need to go beyond traditional perimeter defenses. Because most modern cyber-criminals exploit user credentials to get a foot in the door, user identities have become the new perimeter. And leading organizations are turning to MFA to secure their complex, heterogeneous environments. MFA mitigates password risk by requiring additional factors of authentication: something the user knows, has and is. It’s not difficult to implement, but some up-front planning can further enhance security and save a lot of time and effort. MFA is one of the best ways to prevent…

Reflecting on Centrify’s Rethink Security Approach

In the last 12 months, Centrify is the only company to be acknowledged for it’s  vision and leadership in the Gartner Magic Quadrant for Identity and Access Management-as-a-Service,  The Forrester Wave: Privileged Identity Management, and in the Gartner Critical Capabilities for IDaaS Research for Workforce to SaaS, 2016. These acknowledgements demonstrate our growing influence in the industry with a unique point of view for customers who recognize the increased value in securing access for all enterprise identities in one, built from the ground up platform vs. the point solutions offered by others in the industry. Our mantra has been and…

The Multi-factor Authentication (MFA) Debate

A recent FCW article authored by Derek Handova provides expert opinions from experienced and well respected “identity” professionals: Paul Grassi, Sr. Standards & Technology Adviser at NIST, Jeremy Grant former Sr. Executive Advisor for Identity Management at NIST and now Venable’s managing director for technology business strategy.  Mr. Terry Halvorsen, former CIO for the Department of Defense and Army Col. Tom Clancy, Identity and Asset Management lead for the Department of Defense CIO’s office also provide their thoughts and ideas regarding multi-factor authentication. Their comments, along with other industry experts interviewed by Handova, were thoughtful and worth keeping in mind…

Game of Thrones Hack: Winter Has Come for Passwords

The recent security breach at HBO of confidential data including Game of Thrones scripts, cast personal details and administrator passwords highlights the vulnerability of password-only protection. The breach involved hackers stealing about 1.5 terabytes of data from HBO systems — more than seven times as much as the 200 gigabytes taken in the 2014 Sony hack — including scripts for five Game of Thrones episodes and two unreleased episodes of Ballers and Room 104. Passwords Alone Are Not Enough to Stop the Breach The hackers have reportedly released numerous confidential documents, including one with a list of personal phone numbers,…

6 Reactions to the Cisco 2017 Midyear Cybersecurity Report: Part 2

Last week, I discussed the first three reactions I had to the “Cisco 2017 Midyear Cybersecurity Report.” I discussed how vendor consolidation is increasing, how spyware is being branded as malware and how detection of threats is continuously improving. DevOps as a Target In the Vulnerabilities section of the document, Rapid7 describes how DevOps is a target and vulnerability for many companies that may use things like AWS, Azure, or Docker frameworks for development. When these resources are built, they are not always deployed in a secure state and often are left behind to run indefinitely. Identity management tools that…

6 Reactions to the Cisco 2017 Midyear Cybersecurity Report: Part 1

When reading this year’s “Cisco Midyear Cyber Security Report,” a few things jump out that bear discussion. Vendor Consolidation First, one of the key findings is related to the “fragmented security toolbox,” and from it, having so many point solutions solving for security gaps actually creates problems. If they are layered effectively, integrated fully and managed appropriately, point solutions are a winning approach. But when you look at the number of separate solutions that need individual attention to stay effective, the administrative burden deters from incident response plan. This leads to the report’s conclusion that consolidation of vendors limits this effect….