0

Mark Fullbrook, of Cyber-Ark, talks about their Privileged Session Identity

Posted on March 17, 2011 by Josh Arrington

0

Privileged Conversations at RSA: From the Cloud to the White House

Posted on March 3, 2011 by Adam Bosnian

RSA 2011As it has every year since its inception, the RSA Conference drew a large number of security vendors, researchers, professionals and insiders of all stripes. Not surprisingly, cloud security emerged as one of the most popular themes addressed throughout the conference, partly due to the buzz and anticipation surrounding The Cloud Security Alliance Summit. That said, while the security of the cloud and other virtual environments were certainly focal points for this year’s show, several other important themes, issues and opportunities were addressed that also challenged the notion of status quo security.

As part of the mission of “Privileged Insights,” we are especially intrigued by topics that address the overarching sophistication and evolution of security threats, particularly the exploitation of privileged accounts and identities to access sensitive information. So while the CSM Summit attracted a lot of attention, and Chris Hoff, Director of Cloud and Virtualized Solutions for Cisco, delivered an insightful presentation that illuminated the importance of transparency between cloud providers and customers, it was Salesforce.com CEO Mark Benioff and Chief Trust Officer Jim Cavalieri who added a different twist to the cloud security picture—it’s not just the cloud, it’s the provider’s infrastructure that we need to worry about. Obviously, this is something that resonates well with IT security professionals.

When we examine the infrastructure of a provider’s data center, it’s realistic to expect that it could contain hundreds or thousands of servers, databases, workloads, applications, services and network devices (among other components), all exposing access points for management and control. Some of these access points are extremely powerful (i.e. privileged) while others are not.  Regardless, access points should be accessed only by authorized sources. Cyber criminals understand the potential of these networks of privileged access points and by leveraging these vulnerabilities they have transformed the cyber crime frontier, as seen with many of the recent APT attacks, such as Stuxnet.

As Symantec pointed out in their presentation, the best approach to combat Stuxnet and similar attacks is a coordinated one focused on policy, protection and monitoring controls—all central tenets of privileged identity management.

Similar takeaways were found elsewhere at RSA that justify the importance of employing “privileged insights” to security intelligence.  White House CIO Vivek Kundra explained some of the rationale behind the federal government’s increasing utilization of the cloud, including the importance of continuous monitoring.  Cyber-Ark believes for continuous monitoring efforts to be effective, they must be properly automated by privileged session management solutions. Elsewhere, the CSA officially announced the launch of a new working group, CloudSIRT – cloud security incident and response. Interestingly, a recent survey conducted by CloudSIRT found that privileged user threats were one of the main vulnerabilities recognized by cloud adopters.

The list could go on, but we’re curious, where else did you hear insightful discussions about the power of privilege at RSA?  From our perspective, it seems the discussion is now less about  the education of privileged identity management technology, it’s now evolved to a need to better understand the emerging security and compliance challenges that it can proactively help solve. Do you agree?

0

Celebrating 20 Years: RSA Conference Keeps on Rollin’

Posted on February 14, 2011 by Josh Arrington

Leading up to the RSA Conference, we in the security industry tend to be acutely aware of new threats and breaches. This year is no different, with emerging stories associated with cyber threats like Night Dragon and speculation swirling about the motivation behind the Nasdaq hack.  And, you don’t need another headline to remind you that cloud security is top-of-mind for a majority of RSA attendees.

Cyber-Ark believes that as these cyber threats become more targeted and sophisticated, organizations’ fears about loss of control and lack of security are amplified, particularly in the data center.  This is further reinforced with the increasing dependency on virtual environments, whether on premise or with Cloud Service Providers, where the magnitude of risk increases dramatically by a single privileged access.

This year at RSA (booth #2045), Cyber-Ark is launching a solution that offers continuous protection against internal and advanced external threats in the data center.  That solution is our new Privileged Session Management Suite.  This comprehensive Suite improves compliance and risk management with the ability to isolate, control and record privileged access to databases, virtual environments and servers using a common platform for reduced total cost of ownership.  Users can view session recordings or monitor sensitive events across the entire data center using one web interface or dashboard view, and generate a unified report for audit and compliance purposes.

This Suite is another important step in proactively enhancing an organization’s security posture, particularly as privileged accounts are commonly the target of attack due to the system-wide access they enable. Organizations must isolate and protect their sensitive servers, databases and hypervisors and be able to control and record ‘who’ and ‘what’ are accessing these business-critical systems.

Please join us at RSA, and roll by our booth where our big “Wheel of Privilege” will be turning.  Try your hand for a chance to win an iPad, and, in the words of the iconic Tina Turner, don’t spend another minute worryin’ about the way things might have been. Talk with Cyber-Ark to learn more about steps your organization can take to proactively protect against security threats targeting your most sensitive data, applications and systems.

0

Councils fined for unencrypted laptop theft

Posted on February 8, 2011 by Josh Arrington

The UK Information Commissioner’s Office has today issued two local government councils with fines for breaches of the Data Protection Act. The two bodies were fined £80k / $128k and £70k / $113k  respectively after two unencrypted laptops, containing the details of around 1,700 individuals, were stolen from the home of an employee working on the joint out of hours service for both councils.

What’s particularly interesting in this case is that one of the council’s actually had a policy in place requiring all data to be encrypted – something which they’d evidently failed to roll out organisation-wide.

Given both councils chose to ignore the warning signs, it’s quite clear that more needs to be done to ensure that organisations take data protection more seriously. As we’ve seen in the US with Senate Bill 1386, fines certainly act as a wake-up call to those involved, but education is absolutely essential if staff are to understand the pitfalls that can ensue from poor data protection policies.

With four fines already under its belt, the UK ICO seems set to make its point – issuing a warning only last week to local councils threatening prosecution for failure to implement proper data control procedures.  Unfortunately we’re still seeing the fallout from organisations that are simply not succeeding in protecting valuable data, so it remains to be seen whether such warnings will be taken seriously.  If not, and lessons are to be learned the hard way, at least we can be sure the powers that be will not be turning a blind eye.

Full Article

2

With Privileged Insights Emerges Security Intelligence: Preparing for the Unexpected

Posted on January 25, 2011 by Udi Mokady

By Udi Mokady, CEO, Cyber-Ark
Cyber-Ark Software believes 2011 will be a significant year for the security industry.  One marked by
transformation – both in terms of increasingly sophisticated threats and encouraging technology
innovation.  Behind these changes are converging market factors such as the challenges facing
organizations that must protect against more targeted, persistent and sophisticated attacks, including
those related to Stuxnet and Wikileaks-type incidents; easing economic pressures driving new
infrastructure investments, particularly virtualization and cloud computing; and evolving internal audit
pressures and compliance requirements, such as PCI. To address these market factors, Cyber-Ark has
launched the “Privileged Insights” blog.

With our global reach, Cyber-Ark is in a fortunate position to be able to draw upon our experiences,
and those of our partners and customers, to share real-world examples of how unexpected
vulnerabilities, such as hard-coded passwords in a video conferencing system, digital copier or storage
device, can impact the overall security posture of an organization.  No longer are threats limited to
insiders and expected targets like databases and servers—we must think about the unexpected.  That
will be one of the goals of this blog, generating industry dialogue and empowering people with the
information they need to proactively manage unexpected threats by elevating awareness about the
risks of status quo security, and the need for innovation and new IT skill sets.

Cyber-Ark closed 2010 with 800 customers in more than 50 countries and strong revenues that are
driving tremendous momentum into the new year, including providing customers with proactive
security solutions for increasingly distributed architectures.  In speaking with our customers, we
understand that, particularly at the C-Level, there remains hesitation about cloud adoption due to
multiple factors including security uncertainties and the sense of a “loss of control.”  Cyber-Ark
recently produced a fun, informative video [included in this post] aimed at describing how Cyber-Ark
can help address key security issues in a cloud environment, whether you are a cloud service customer
or a cloud service provider.

Even with the growing complexity and fragmentation of the IT security space, we are optimistic about
the year to come.  Cyber-Ark is extremely well-positioned in the privileged Account Activity
Management space, one of the fastest growing segments within the identity and access management
market.  And with innovative offerings for governed file transfer, we continue to empower multi-
national organizations to initiate new business models and address their most daunting security
challenges related to how information is accessed, shared, monitored and managed.  We look forward
to sharing our stories and participating in thought-provoking discussions about the expanding threat
landscape.  And – stay tuned for more announcements coming from Cyber-Ark this year.

How do you see enterprise cloud adoption and security in the cloud evolving this year?

Pages ... 1 2