At SecurIT in New York, it’s a Zero Trust State of Mind

On October 29-30, Centrify will proudly sponsor the second SecurIT: the Zero Trust Summit for CIOs and CISOs in New York City. Produced by CIO and CSO from IDG in partnership with Centrify, the two-day event will focus on how to capitalize on the adoption wave of Zero Trust to stay ahead of the security curve. The summit will be held at the Grand Hyatt New York, which is the only hotel connected to the majestic Grand Central Terminal. It’s an amazing venue that visually stuns with ballrooms evoking the history and splendor of New York and its amazing skyline….

Behind the Numbers: Database Authentication and Authorization

Earlier this month, I posted a blog about how most companies I speak with have not implemented a modern database authentication and authorization approach. I also recommended 8 steps IT leaders can take to modernize their database management operations. Upon reflection, I think an interesting follow up would be to take a look at some numbers that further illustrate the need to put effective database authentication and authorization practices in place to secure the enterprise. LOOK AT THE NUMBERS Let’s create a fictitious sample company to examine, called Company X. At the DB Survival Blog site, the accepted high-end number…

Modern Practices: Zero Trust Security

In today’s mobile-first, cloud-first environment, cybersecurity starts with protecting the primary attack vector – privileged identities – with a “never trust, always verify” mindset for Zero Trust Security. Gartner predicts that companies will spend $96 billion in cybersecurity solutions in 2018 alone. While worldwide spending will increase 8% from last year’s total, less than 10% will be spent on Identity and Access Management, the number one attack vector. Clearly there is misinformation and misunderstanding of how to stop a breach. A recent research study with Dow Jones Customer Intelligence, “CEO Disconnect is Weakening Cybersecurity,” revealed that a discrepancy in the C-Suite is weakening enterprise security postures. CEOs mistakenly focus on eliminating malware, while Technical Officers (CIOs, CTOs and CISOs) on the front lines of cybersecurity point to identity breaches – including privileged user identity attacks and default,…

Centrify Zero Trust Security Network Partners Highlighted at BlackHat USA 2018 Booth 2410

This week, BlackHat USA commemorates its 21st year, taking over the Mandalay Bay Convention Center in Las Vegas to present trainings as well as recent developments and research about cybersecurity trends, best practices, and more. Centrify will once again be present to carry the flag for Next-Gen Access as an empowering force behind Zero Trust Security. You can find us at booth #2410 in the Oceanside Ballroom of the Business Hall, BlackHat’s latest euphemism for the vendor Expo. For more details about Centrify’s presence and other fun things happening at our booth, please read Michele Hayes’s blog from last week….

MFA Everywhere: A Tried and True Method in Accelerating Security

While phishing attacks continue to jeopardize today’s organizations (a reported 76% of organizations experienced phishing attacks in 2017), it was refreshing to hear that tech giant Google has apparently eliminated phishing by giving security keys to all of its 85,000 employees. “We have had no reported or confirmed account takeovers since implementing security keys at Google,” a company spokesperson told Krebs on Security last week. “Users might be asked to authenticate using their security key for many different apps/reasons. It all depends on the sensitivity of the app and the risk of the user at that point in time.” This…

Centrify Booth 2410: Your Destination for All Things Zero Trust Security at BlackHat USA

BlackHat USA 2018 kicks off in Las Vegas next week, the 21st year that the information security event has brought together thousands of cybersecurity professionals. BlackHat is always a unique event in that it devotes a heavier portion of its agenda to technical trainings, skill-building, and research briefings for practical cybersecurity learning, followed by a shorter main conference we typically encounter at a “trade show.” It’s also co-located with DEFCON, a hacker convention that takes place immediately following BlackHat – that’s always interesting. Whether you go to the whole event, just the technical sessions, or the Business Hall (aka The…

Gartner and Centrify Agree – PAM is #1 Security Project for 2018

CISOs are overwhelmed with a multitude of projects that are pulling at their time and resources. All of these projects feel important and usually will have some benefit, but nobody has the time or budget to do it all. So which projects will give you the biggest bang for your buck? How do security professionals prioritize these initiatives? At this year’s Gartner Security and Risk Management Summit, Gartner’s Neil MacDonald revealed the analyst firm’s top 10 recommended security projects for 2018. MacDonald stated that CISOs need to, “focus on projects that reduce the most amount of risk and have the…

Adopt Next-Gen Access to Power Your Zero Trust Strategy

Security breaches are now all too commonplace — 58% of organizations have experienced at least one in the past 12 months. As a result, IT security leaders are urgently scrambling to defend attacks at every entry point. Worse yet, traditional approaches to security, based on the notion that you can keep out the “bad guys” out while letting in the good guys, have proven ineffective.  Access control strategies that focus on separating trusted from untrusted users are missing the whole point. Mobile proliferation, reliance on outsourced partners and cloud technologies, and the regular occurrence of insider attacks mean that there…

The Cost of Customer Identity & Access Management (CIAM)

Customer Identity and Access Management (CIAM) is essentially a set of tools that allow your business to securely authenticate, manage and engage customers who are consuming products and services through your applications. Historically, customer identity has not always been top of mind when it comes to business-driving initiatives. Identity was simply a feature of the application, maybe a table or directory that stored user information. It was just there, without much need to think about it. Fast forward to present day and things have changed dramatically. Customers have now come to expect that their own preferences (likes, dislikes, purchase history)…

Secure Identity to Protect Your Reputation

Reputation is built on trust – yet the paradox in the age of access is that the only way we can build trust is to eschew it. That age-old tool of identification–the password–no longer provides any level of security and, in fact, depending upon a password for protection is probably the worst mistake one can make. Likewise, relying on technology alone, such as firewalls, malware detectors and anti-virus programs, can create a false sense of security that often causes more problems than it solves. LESSONS FROM AUSTRALIA If you doubt that assumption, look at the volume of business disruption that…