Controlling Who Has Access to What in a CompanyBy Jan Hogewoning | Tue, 12/08/2020 - 05:00
Q: CyberArk is primarily known for its privilege security technology. How does this form the basis of your offering and products in the market?
AM: A privileged account is typically any access, either through a username and password or credential, that allows access to a computer system with privileges to execute changes in the company’s infrastructure. These accounts or credentials are the No. 1 target of attackers. Infiltration usually has a primary objective: to steal these privileges, move laterally and steal data. But it is not only external cybercriminals who are involved. Attackers may be within the companies themselves. In Latin America, more than 50 percent of leaks are caused by insiders. Internal users are sometimes motivated by financial incentives or by anger against the company. There are even cases where employees are threatened by criminal organizations and forced to use their current permissions to compromise the company.
AR: It is essential for us to be able to determine if the person who is requesting access is really who they say they are. To find out, we ask something that only that person would know based on something that only that person can have, like a smartphone, a token or something that belongs to them. We also use biometric factors, such as a fingerprints or face ID, to corroborate their identity. Once we do this, we identify the type of privileges this person has. Those with elevated privileges are very important and we give them specialized treatment as they have a high impact on the company as they can make modifications or access sensitive information.
Q: Do you also offer managers an overview of their employees' behavior?
AM: Identity security and visibility are paramount and one of the first steps in any cybersecurity strategy. Over 80 percent of cyberattacks are related to credential theft. Ask any analyst like Verizon and they all find the root cause of cyberattacks to be credential theft. That said, beyond full visibility, the first thing we need to prioritize is risk mitigation. Having full visibility in a cybersecurity strategy is the equivalent of waking up and brushing your teeth. It is the first thing that has to be done.
Q: Which CyberArk product are companies in Mexico requesting the most?
AR: Core Privileged Access Security (PAS) has been a very well-received product among our customers. This solution is a password "vault" through which we can detect where these privileged accounts are and manage them to protect them from cyberattacks. This product can be delivered as a SaaS, which is a great advantage for all companies that want to access this service with a single click. Around this product, there are others that allow us to extend the services to activities that have to do with third-party access and endpoint privilege management.
AM: As a cybersecurity community we have invested in taking care of every penny while neglecting the dollars. We have invested millions in next-generation firewalls, next-gen endpoints and advanced persistent threat solutions. These are real problems and they need to be addressed. However, we are neglecting the crown jewels of the business. Even if a company has the best firewall in the market, if it shares credentials among multiple users it has no knowledge of what each member of the organization is doing. That opens the door for a cybercriminal to enter and modify its infrastructure.
One of the reasons why companies have not yet invested in this area is because they often do not know where to start. It is difficult for them to categorize privileged accounts and then start managing them. At CyberArk, we have developed a methodology and tools to identify those accounts and a blueprint to prioritize them. We divide the accounts into different tiers. Tier 0 are the most critical accounts and if the information is stolen, there is no way to recover it. Tier 1 accounts can compromise the operation, affect certain services and have information stolen, but with high probabilities of recovery. Finally, Tier 2 is the general access to the company’s infrastructure. We reduce the risk through very specialized strategies depending on the account.
CyberArk is a publicly traded information security company that offers identity and privilege security technology. This allows companies to control access to different areas of their operation.