With all the focus on cyber security at the conference, we had a lot of interesting conversations at our booth. Most of the MSPs were hearing the cyber focus loud and clear.
Last month the big focus in cybersecurity was the agreement reached between China and the United States. It’s correct to call it historic, but it would be far from correct to call it complete. There’s simply too much that the deal leaves out.
At this week’s RSA Conference we’re showing the latest release of our adaptive privilege management platform. We’re demonstrating how to remove excess local accounts and administrative memberships, provide local escalation, and create a moving target for cyber attackers that significantly limits the amount of time they have in your environment.
I’m always shocked when 20 year old exploits become news, but last week’s furor around the Equation cyber espionage group detailed in the Kaspersky report warranted a response. The infiltration technology mentioned in this report – introducing rogue firmware into the IT infrastructure supply chain – has been around for a very long time.
Cyber-defense today is not about stopping intrusions. It is about creating architectures and processes that minimize losses and limit how far into the network intruders can go after they do manage to penetrate the perimeter with zero day attacks and similar exploits.
We polled attendees at the recent Black Hat USA 2014 in Las Vegas and learned that 93% of them believe the hacking landscape is only going to get worse. Worryingly, 44% of respondents believe the USA is losing the battle against state-sponsored cyber attacks.
Financial services security must now be built and operated at the level of national defense and military-level security; commercial compliance and mitigation are no longer effective strategies.
For a long time we have been beating the drum about how automation is the only way to get control over the powerful privileged identities in the enterprise. Our assertion has always been that every step from account discovery to password changes must be as automated as possible. To that end we have been developing faster, deeper and more sophisticated technology. Our philosophy is simple: cyber-warfare opponents use automation to find weaknesses. Only by employing automation for security, can you find and automatically repair weaknesses faster than your opponents can exploit them.
We’re already in a worldwide cyber war against forces that include foreign governments, foreign corporate entities, anarchists, criminals…even sociopaths.