Attivo Networks – Security Review Magazine
https://securityreviewmag.com
We bring you the latest from the IT and physical security industry in the Middle East and Africa region.

GISEC 2022: Attivo’s Theme to be “Identity is the Ultimate Attack Surface”
https://securityreviewmag.com/?p=23954
Tue, 08 Mar 2022 06:36:19 +0000

Ray Kafity, the Vice President for Middle East, Turkey and Africa (META) at Attivo Networks, says CISOs and cybersecurity experts must also face the increased threat to Identity Security breaches

What is your theme of participation at GISEC 2022?
Attivo’s theme for GISEC 2022 is “Identity Is the Ultimate Attack Surface.” Since hybrid workforce and cloud work have been expanding in the light of the pandemic, organisations are now experiencing a more significant threat than ever with threat actors targeting identities. Unfortunately, traditional identity solutions can’t keep up since they allow room for potential identity-based attacks. This area is where Identity Detection and Response (IDR) plays an important role.

IDR is critical for protecting against identity compromise, privilege escalation, and detecting attacker lateral movement. It is not about controlling authentication or multi-factor authentication (MFA). IDR is about protecting credentials, entitlements, and the systems that manage them, from endpoints to Active Directory to the cloud. Understanding its fit in the security stack is critical as it closes gaps between Endpoint Detection and Response (EDR) and Identity Protection solutions.

What is the general agenda / planned list of activities at the event?
Attivo is the diamond sponsor at GISEC 2022, and we have a jam-packed agenda presenting and participating in panels throughout the show. On the first day, we are presenting on the Main Stage, where we will talk about “Guarding the new identity-based perimeter that tops the CISO’s priority list” from 14:30-14:45. Then between 15:35-16:05, we are part of a panel discussion – “CISO Panel Discussion: Staying ahead of the hacker.” On day two, our Director of System Engineering – Bahi Hour – will be sharing a presentation, “Discover Critical Active Directory Exposures & Targeted Attack,” at the Dark Stage between 12:40 – 13:00.

What according to you are the challenges faced by CISOs and Cybersecurity experts today?
CISOs and Cybersecurity experts have in recent years been exposed to an increasing threat of cyber-attacks and often face the challenge of their enterprise-level environments being vulnerable to lateral movement in their networks. Modern advanced threats actively use privilege escalation and lateral movement, which has become an Achilles heel for many organizations.

Another challenge is that for many organisations, dwell time, the period from when an attacker enters the network to when the organization detects them, is too long. CISOs and Cybersecurity experts must also face the increased threat to Identity Security breaches. They should also look over their organisation’s breach fatigue since this is a relatively new concern for cyber security.

Why Active Directory is the Businesses’ “Achilles Heel”
https://securityreviewmag.com/?p=23885
Mon, 21 Feb 2022 13:12:45 +0000

Written by Ray Kafity, VP-META at Attivo Networks

In 2021 we experienced an extensive increase in cyber security breaches and attacks in the Middle East, and unfortunately, it is expected to continue in 2022. Organisations are faced with the burden of tackling the increase in cyber-attacks and the after-effects of working remotely. The preferred target for cybercriminals is Active Directory (AD), which has been dubbed the businesses’ Achilles heel, especially when it comes to ransomware attack preparedness. Microsoft estimated that more than 95 million AD accounts come under attack each day, and that number has almost certainly risen since then.

Active Directory represents a skeleton key capable of unlocking the rest of the network for attackers. AD provides the directory services that enable administrators to manage permissions and control access to resources throughout the network, making it essential to an organisation’s day-to-day operations—but it also makes it a target. Because it manages permissions and authentication, AD needs to be easily accessible to its user base. Unfortunately, this makes it notoriously difficult to secure.

AD’s role in network operations is so extensive that most customers (understandably) lack the in-depth knowledge needed to troubleshoot AD security. It isn’t just a matter of patching known vulnerabilities or correcting misconfigurations. Any exposed setting or poorly adjusted parameter can allow an attacker to infiltrate the system. Protecting AD requires visibility into exposures, live attack detection, security policy management, and insight into compliance drift when users do not follow those policies consistently. In other, more dynamic situations, like mergers and acquisitions, major environment changes can make management exponentially more difficult.

Why Do Attackers Target Active Directory?
For most enterprises, AD is the central repository for all accounts and systems within the network, and it is responsible for all authentication and authorisation to the network. It is a lucrative target for attackers since compromising AD can give them access to all network resources and the necessary rights and privileges to make changes that make it harder to locate and remove them from the environment.

Unfortunately, many open-source and freely available tools, including BloodHound and Mimikatz, make attacking and compromising AD dangerously simple. Attackers use these tools to identify accounts capable of granting them administrative rights and conduct their attacks in a way that allows them to elevate their privileges and hide their tracks. Almost every major ransomware attack includes a step in which the attacker leverages AD for information, privileges, or both. AD can quickly become an adversary’s best friend if not adequately protected.

Steps to Secure Active Directory
There are certain best practices that enterprises should adhere to, including hardening AD, keeping privileged accounts to a minimum, using jump boxes, and following secure technical implementation guides. But these alone will not keep AD safe. Responsible organisations should implement identity security solutions that provide visibility into exposed credentials that create potential attack paths and allow access to AD. Visibility into AD exposures and vulnerabilities is essential as well.

New tools capable of helping organisations secure AD have also emerged. Identity Detection and Response (IDR) solutions are today considered an essential element of AD defense, as they can help defend against attackers targeting AD infrastructure within the network. For faster, more comprehensive threat detection and improved investigation and response times, enterprises need to detect attackers targeting credentials, cloud entitlements, and Active Directory—and IDR can help. Peter Firstbrook, Vice President of Gartner Research, recently stated, “Identity Detection and Response is a critical capability of any solution calling itself an XDR,” further lending credence to the value of IDR.

Prioritising Active Directory Security
Attackers recognise that the unique nature of AD makes it both highly valuable and difficult to secure—and exploiting it is now a priority for them. Ultimately, defenders can’t secure their directory services when they don’t understand the risks or have clear insights into when these assets are under attack. IDR provides continuous visibility into exposures, misconfigurations, and credentials that attackers seek to exploit during an identity-based attack. Adversaries aren’t going to stop targeting AD any time soon—but today’s organisations now have tools and resources at their disposal that can quickly detect and derail attackers seeking to exploit credentials and Active Directory.

Video: Nothing But Cyber Series – Visibility of Vulnerabilities in Active Directories
https://securityreviewmag.com/?p=23285
Wed, 03 Nov 2021 06:05:07 +0000

In the second episode of “Nothing But Cyber”, Ray Kafity, the Vice President of Attivo Networks, speaks about the visibility of vulnerabilities related to Active Directories:

More information: https://cyberknight.tech/ | https://www.attivonetworks.com/

Women in Security: Companies Should Create Women-Oriented Programs and Initiatives
https://securityreviewmag.com/?p=23187
Mon, 25 Oct 2021 18:12:55 +0000

Carolyn Crandall, the Chief Security Advocate at Attivo Networks, is of the opinion that companies should set up mentorship programs where women in power educate the next generation of security executives

Tell us about yourself and your current job role.
My name is Carolyn Crandall, and I am the chief security advocate and CMO at Attivo Networks. I have over 30 years of experience building new markets and successful enterprise infrastructure companies such as Cisco, Juniper Networks, Nimble Storage, Riverbed, and Seagate. Taking companies from pre-IPO to multi-billion-dollar sales has earned me recognition as a global thought leader in technology trends.

I have specialized in developing strategies and solutions for my clients in operations, digitalization, and security. I am highly passionate about educating my customers about shifting to an active security defense that prevents and derails cyberattacks, thus mitigating the risk of a breach.

As the chief security advocate, I’ve focused on raising awareness on the importance of – and inherent market need for – a modern security defense that addresses an ever-evolving environmental and threat landscape. I consistently advocate for proactive vs. reactive cyber defenses and have become a major advocate for an identity-first security posture.

I’m able to use my platform at Attivo to educate enterprises about the need for new cybersecurity measures and what new innovations can be deployed to address them. With the concept of perimeter defenses dissolving, the focus now shifts to identity-based innovations that accelerate detection and response to advanced, credential, ransomware, and insider cyberattacks and for better protection of emerging attack surfaces including cloud, the internet of things (IoT), medical IoT and interconnected operational technology (OT) environments.

Additionally, I serve as an Advisory Board Member for the Santa Clara University Executive MBA program and co-authored the e-book Deception-based Threat Detection, Shifting Power to the Defenders.

Tell us about your journey into the security industry. Was the security industry your first choice?
I have always been interested in technology and studied Electrical Engineering and Computer Science at Santa Clara University. My studies in college sparked my interest in pioneering technologies, and I made sure to keep hot technology companies on my radar and follow their news to stay informed.

My security journey has been filled with many wonderful opportunities, teams, products, and solutions. Almost six years ago, I joined Attivo Networks. Since then, I have made it my mission to spread awareness of good cybersecurity practices across organizations alongside Attivo Networks.

During your tenure in the security industry, have you experienced significant changes the industry has gone through?
Since I started with Attivo Networks, there has been a drastic rise in credential attacks. The business landscape has changed significantly since 2015 due to the further adoption of digital transformation, rapidly so in the past two years, and this has exposed security vulnerabilities and has given threat attackers a playing field that is ridden with possibilities for cybercriminals to target organizations.

This has ultimately resulted in significant global financial losses as they exploit companies in exchange for the safekeeping of the stolen data. As more news of ransomware due to credential attacks arises regularly, the security industry draws the need for advances. Attivo Networks has recently introduced a new cybersecurity category called Identity Detection and Response (IDR). This category addresses the need for better protection against credential-related threats.

Are there any challenges you face on a day-to-day basis working in this industry?
Debunking the misconceptions in cybersecurity is one of the biggest challenges we face. Proving ROI is also a constant challenge for any security control. With Attivo’s solutions, the value comes in early detection, being informed when existing security controls fail, and in the operational management of an alert. Efficiency savings are fairly easy to calculate but assigning a savings amount to early detection or breach avoidance can be a harder dollar figure to define.

What sort of future do you foresee for the security industry as a whole?
As organizations have both accepted and embraced the digitalization of most services, this means that cyber threats will continue to evolve no matter the defenses put in place. There will be an additional need for better in-network detection to disrupt and derail attackers before they can cause damage.

As time goes on, companies will begin adopting a prevention posture instead of dealing with the consequences of a successful attack. As defenders, we need to keep up with the TTPs of the sophisticated actors and update our systems and technologies to keep up with them. With identity-based attacks on the rise, today’s businesses require the ability to detect when attackers exploit, misuse, or steal enterprise identities.

This need is particularly true as organizations race to adopt the public cloud, and both human and non-human identities continue to increase exponentially. Given the penchant for attackers to use credentials and leverage Active Directory (AD), it’s becoming more critical to detect identity-based activity.

What more needs to be done to welcome more and more women into the security industry?
The technology field has been saturated with mostly men, as very few high-level opportunities were available or pursued by women. Top executives need to start the conversation and empower women to pursue this career path to make the security industry a more inclusive space for them. This can be done by setting up mentorship programs where women in power educate the next generation of security executives.

Creating women-oriented programs and initiatives that include workshops on the security industry can generate interest in the participants. When larger organizations set up this type of program, it is often beneficial to provide internship or job opportunities to those who demonstrate a genuine commitment to the inclusion of women into the field, ultimately benefiting from talented resources.

Attivo Networks Brings Identity Security to the Next Level
https://securityreviewmag.com/?p=22967
Tue, 14 Sep 2021 13:39:23 +0000

Attivo Networks has announced a new way of protecting credentials from theft and misuse. As part of its Endpoint Detection Net (EDN) Suite, the ThreatStrike functionality allows organizations to hide real credentials from attacker tools and bind them to their applications. Additionally, the solution can show decoy credentials that facilitate threat intelligence gathering when left as bait. With this new functionality, Attivo becomes the only solution of its kind to cloak real credentials from attackers.

A credential-based attack occurs when an attacker steals credentials, extends privileges, and compromises critical data. Credential theft is the first stage of a lateral movement attack and stopping the attack early in the process can make a material impact on the success and damages incurred by an attacker. According to Verizon’s 2021 Data Breach Investigation Report, credentials remain among the most sought-after data types by attackers (60%). Stolen Credentials have been behind some of the largest and most costly data breaches.

The Attivo ThreatStrike cloaking hides and denies unauthorized access to applications. For example, only Chrome will have access to its credential store, and all other applications won’t. The product launches with support for 75 of the most popular Windows applications that attackers target, with a plan to add more applications in the future.

“The benefit of credential protection is that only allowed system software can access them,” said Srikant Vissamsetti, senior vice president of engineering at Attivo Networks. “Customers will benefit from the prevention of unauthorized access, which can lead to credential theft attacks, such as Pass-the-Hash, Pass-The-Ticket, and Password Theft that can be extremely difficult to detect and stop.”

This new capability directly addresses sophisticated attack techniques as outlined in the MITRE ATT&CK Credential Access Tactic, such as OS Credential Dumping (T1003), Credentials from Password Store (T1555), Unsecured Credentials (T1552), Steal or Forge Kerberos Tickets (T1558) and Steal Web Session Cookie (T1539). With endpoint credentials now hidden from attacker view, the ThreatStrike solution plants bait on the endpoint, designed to appear as popular production Windows, Mac, and Linux credentials. As threat actors conduct reconnaissance, these lures will appear as attractive bait for in-network attackers to steal.

“The growing risk of credential theft attacks and misuse is the root cause of many modern cyber incidents,” said Ed Amoroso, founder and CEO of TAG Cyber. “The recent Verizon Data Breach Report, for example, underscores stolen credentials as a top target for attackers. This challenge in the market is fueling the need to reduce credential risk by managing entitlements in the context of an authorization model. With the introduction of credential cloaking and policy-based application access, Attivo Networks is well-positioned to emerge as a significant player in the identity detection and response market.”

The addition of credential cloaking also adds to the company’s stack of cloaking technology. The company can currently cloak Active Directory objects, as well as files, folders, network, and cloud mapped shares, and removable drives. This technology is distinctly different from traditional deception technology that weaves fake objects amongst real ones. Cloaking technology hides real assets and puts fake data in its place. This combined innovation has received recognition and awards for its efficacy in identifying and deterring both ransomware and advanced attack tactics.

The Attivo Networks Endpoint Detection Net (EDN) Suite is a component of the company’s identity detection and response (IDR) offering. IDR solutions grew popular in 2021 as the technology became available to detect identity theft, privilege escalation, and lateral movement threat activities. The company’s EDN solution includes:

  • ThreatStrike: for credential protection
  • ADSecure: for Active Directory protection
  • ThreatPath: for credential attack path visibility and attack surface reduction
  • Deflect: prevents fingerprinting of endpoints to identify targets and vulnerabilities to exploit
  • Central Management: manages EDN and comes with the ability, through licensing, to add visibility to Active Directory and cloud entitlement exposures and vulnerabilities

GITEX 2021: Attivo Networks to Focus on Identity Detection and Response Solutions
https://securityreviewmag.com/?p=22961
Sun, 12 Sep 2021 11:12:54 +0000

Ray Kafity, the Vice President for Middle East, Turkey and Africa (META) at Attivo Networks, speaks about his company’s plans for GITEX 2021

Are you participating in GITEX 2021? If yes, which products and solutions will you be showcasing at GITEX Technology Week?
Yes, we will be exhibiting at GITEX alongside our partner, CyberKnight. In the 2021 edition of the event, we will introduce a new category of solutions called Identity Detection and Response (IDR), an umbrella for identity-based attack prevention and detection. IDR is about protecting credentials, privileges, and the systems that manage them as opposed to authorization and authentication, which focuses on making sure the right people have access to what they need.

We’ll also be showcasing the five solutions we offer that fall under the IDR category, which are:

  • The ADAssessor solution, which provides continuous visibility to Active Directory (AD) exposures that are vulnerable to attack and detects advanced Active Directory attacks in real-time.
  • The ThreatStrike solution, an agentless technology that resides on the endpoint as the first line of defense against credential theft. Deception credentials lure attackers into engaging and revealing themselves. Through misdirection of the attack, organizations gain the advantage of the time to detect, analyze, and stop an attacker.
  • The ThreatPath solution, which discovers hidden elements throughout the network that enable lateral movement that attackers could use to advance attacks.
  • The ADSecure solution, which prevents attackers from accessing information from Active Directory by efficiently concealing the real objects and returning fake information when an attacker queries AD to access critical assets in the network.
  • The IDEntitleX solution, a Cloud Infrastructure Entitlement Management (CIEM) solution designed to deliver visibility and reduce the attack surface for identities and entitlements in the cloud. IDEntitleX expands the company’s leadership position in providing unprecedented visibility and prevention of identity privilege escalation and lateral movement threat activity. With this product, Attivo becomes the only solution of its kind to provide end-to-end analysis of identity and entitlement exposures and risks on endpoints, Active Directory (AD), and the cloud.

What are your expectations from the event this year?
GITEX 2021 is an important event because it’s the first industry event where people have gathered in person since the pandemic broke out. The Attivo team is happy to participate in GITEX this year to have impactful conversations with our channel partners and customers.

This allows us to understand the market and its needs better while staying up to date with the latest trends and concerns within the cybersecurity field. Attending events where our stakeholders are present provides us insight into maintaining our position as the leader in identity detection and response, delivering a superior defense for preventing privilege escalation and lateral movement threat activity.

Do you hope for a business relief from the event?
Being in the UAE gave us a unique vantage point of witnessing organizations in the Middle East accelerate their digitalization timelines to overcome the challenges of the past year and a half. The pressures of the pandemic have only resulted in turning coal into diamonds.

GITEX 2021 is an important event to attend this year as it is in Dubai, a hub for the region’s digital transformation. It showcases many new technologies developed in the past year, thus displaying the breakthroughs in the field and encouraging the development of technology businesses beyond the pandemic.

What will be your theme of participation at GITEX?
Alongside joining the conversation on protecting the Active Directory, Attivo’s main message during this year’s show is introducing a new security category: Identity Detection and Response (IDR). A credential-based attack occurs when an attacker steals credentials, extends privileges, and compromises critical data. Credential theft is the first stage of a lateral movement attack and stopping the attack early in the process can significantly impact the attacker’s success and the damages they can cause.

According to Verizon’s 2021 Data Breach Investigation Report, credentials remain among attackers’ most sought-after data types (60%). Stolen Credentials have been behind some of the largest and most costly data breaches. With identity-based attacks on the rise, organizations must detect when attackers exploit, misuse, or steal enterprise identities.

Identity Detection and Response (IDR) is a new security category adjacent to Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and other detection solutions. While some might want to ask whether the industry needs yet another acronym amid cybersecurity’s seemingly endless alphabet soup, IDR fills a significant gap in the identity security landscape.

How have your regional strategies changed in recent months?
Our emphasis has been targeted toward identity-based security and securing the transition to the cloud. Attivo recently expanded its Identity Detection and Response portfolio with Credential Cloaking and Policy-based Application Access. With this new functionality, Attivo becomes the only solution of its kind to cloak real credentials from attackers.

Attivo Networks Launches New CIEM Solution Called IDEntitleX
https://securityreviewmag.com/?p=22737
Sun, 18 Jul 2021 13:58:11 +0000

Attivo Networks has announced a new Cloud Infrastructure Entitlement Management (CIEM) solution, IDEntitleX, designed to deliver visibility and reduce the attack surface for identities and entitlements in the cloud. IDEntitleX expands the company’s leadership position in providing unprecedented visibility and prevention of identity privilege escalation and lateral movement threat activity. With this new product introduction, Attivo becomes the only solution of its kind to provide end-to-end analysis of identity and entitlement exposures and risks on endpoints, Active Directory (AD), and the cloud.

Organizations are moving to the public cloud in record-setting numbers, but with this growth comes unanticipated security challenges with user identity management and the explosion of “non-human” identities such as applications, databases, and data stores. Gartner, Inc. estimates that “By 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.” Unfortunately, traditional security tools are ill-equipped to handle this explosion of resource management and, as a result, over-provision access and exacerbate security risks.

The new IDEntitleX solution reduces this risk by providing security teams with a unified view of identities and exposures across the organization to address provisioning management challenges while maintaining operational effectiveness. This includes multi-cloud support for AWS and Azure and provides detailed entitlement visibility for users, applications, virtual machines, containers, serverless functions, and other objects which attackers seek to target.

“As organizations continue to adopt cloud infrastructure at an ever-increasing rate and human and non-human identities expand to match, CISOs must focus on identity-first security solutions that can keep pace with this growth,” said Venu Vissamsetty, VP of Research at Attivo Networks. “This CIEM solution gives security teams the optimal flexibility and visibility they need for continuous monitoring of identities, entitlements, as well as correlation across standard cloud-based services.”

“In today’s heady atmosphere of accelerated app delivery, security is all too often remaining an afterthought,” said Rik Turner, principal analyst at Omdia. “The rapid enterprise adoption of cloud computing has revealed a latent threat of ‘permission sprawl,’ and this challenge is driving an emerging technology segment that prioritises visibility and reduces the attack surface for identities and entitlements in the cloud. With the introduction of IDEntitleX, Attivo Networks is well-positioned to emerge as a major player in the CPM or CIEM market.”

The Attivo Networks IDEntitleX solution meets the challenges of identity and entitlement management with the following benefits:

  • Broadest Range of Cloud Visibility: Understand exposures with identity and entitlement summaries across all platforms.
  • Platform-Specific Cloud Visibility: Monitor entitlements to key cloud services, such as AWS S3 and Azure Key Vault.
  • End-to-end Visibility: View endpoint, Active Directory, and cloud exposures from a centralized management console.
  • Object-specific Risk Assessment: Isolate objects by risk and analyze the details of their entitlements.

AI Helps to Stress-Test Security Measures to Ensure Maximum Protection
https://securityreviewmag.com/?p=21826
Sun, 23 May 2021 13:12:48 +0000

Ray Kafity, the Vice President for Middle East, Turkey, and Africa (META) at Attivo Networks, speaks about the security threats faced by companies in the region

How has the security threat landscape evolved over the past few months?
Like everything else, the COVID-19 pandemic is having a direct impact on the increasing cyber risk level. Remote workforces have increased the attack surface, cloud breaches have increased, and ransomware demands have hit staggering levels. As we embrace the digital world, the cyber threat landscape changes. We see IoT devices becoming more vulnerable to cyber-attacks and the rollout of 5G, which introduces a new set of security risks.

In the past few months, we witnessed an increasing number of cyber-attacks globally, affecting organisations of all sizes, including Microsoft, SolarWinds, Acer, Sierra Wireless and others. We also saw a significant rise in ransomware attacks and payouts, with demands recorded over $50 million.

What sort of security challenges are people facing when working from home, and how is your company equipped to handle those challenges?
Working from home means factoring in a significantly expanded attack surface of devices and unsecured Wi-Fi networks that can make devices directly vulnerable since home Wi-Fi networks may use weaker security passwords and protocols. Once attackers compromise a system, they will look for vulnerable connections to exploit and gain access to company networks. Security practitioners must also be conscious that employees might use devices that are already compromised when they return to the office.

Reconnecting them to the central network might pave the way for cybercriminals to access the enterprise. Users may also mistakenly store their account credentials on their workstations, leaving them available for attackers to steal and reuse.

How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
Ransomware attacks increased by an astounding 485% in 2020 compared to 2019, according to Bitdefender’s 2020 Consumer Threat Landscape Report. The pandemic caused most of us to work from home, causing a significant increase in the risk of a successful ransomware attack. This increase is due to weaker home IT security and a higher probability of users clicking on COVID-19 themed or other persuasive ransomware lure emails. Criminal groups are craftily taking advantage of employees working from home, allowing them to leverage weaker security to insert themselves into the business networks.

Ransomware-as-a-service is also on the rise, making it easier for nonskilled people to become cybercriminals. In addition, cybercriminals have adopted more creative ways to extract payments, like extorting an organisation’s customers for additional payouts. While it is impossible to prevent every possible attack, proper planning and use of lateral movement prevention technologies like deception and concealment technologies could avert a more significant impact on the organisation.

How can companies overcome digital security and privacy challenges?
One of the strongest ways to provide better digital security and privacy protection is to take an identity-first security posture. Instead of thinking about layered protection at the edge of a network, businesses should start with how best to protect credentials and privileges and provide least-privileged access to data. This approach requires a different level of security architecture and must cover endpoints, Active Directory and cloud environments. A primary place for security teams to start is with protecting Active Directory.

It is the prime target for attackers seeking to access the credentials and privileges they need to elevate their attack. Despite being such a critical control, it is intrinsically insecure, which attackers leverage to their advantage. The loss of Active Directory Domain control can create a devastating and game-over situation for an organisation’s digital security and ability to maintain privacy for its customers.

Do you believe companies today have accelerated their digital transformation initiatives?
Companies used to be careful about how quickly they introduced new technology solutions and how advanced they were. However, the responses to the COVID-19 pandemic have sped up the adoption of digital technologies by months or even years as they raced to maintain uninterrupted operations. According to a new McKinsey Global Survey of executives, their companies have accelerated the digitization of their customer and supply-chain interactions and their internal operations by three to four years. Additionally, the share of digital or digitally enabled products in their portfolios has accelerated by a staggering seven years.

What are the cybersecurity trends for 2021?
Like the rest of the world, the cybersecurity industry in the Middle East will witness increased use of AI in applications and in-depth analysis of network traffic to spot anomalous behaviour. AI will also help to stress-test security measures to ensure maximum protection. On the other hand, cybercriminals will also have equal access to AI. They will continue to use it to crack codes, break encryption and unlock passwords.

In 2020, the industry and analysts did a big push to educate the world on the benefits of cyber deception. With the increase in sophistication and destructiveness of attacks, it became clear that organisations needed cyber deception capabilities to detect attackers as they attempt to break out and move laterally from a compromised endpoint. Deception has also gained recognition for its efficiency in detecting exposed and misused credentials, which attackers use in most attacks. Although modern deception platform availability began to appear around 2014, many security professionals see 2021 as the “year of deception.”

Although many organisations may think they have already taken the steps required to avoid ransomware attacks, systems infections are still occurring at unprecedented rates. The ransomware attack on Oman’s largest insurance company in Jan 2020, which caused data loss but no publicized monetary loss, is a good example of how aggressive these attackers can be. Given the attacker’s success rates, one can expect ransomware to continue to be a significant threat throughout 2021.

So-called ransomware 2.0, where humans rather than automated code guide attacks, will continue to increase in 2021. Attackers will take more sophisticated and aggressive paths to gain domain control to inject their ransomware code en masse into systems. Security teams must continue to guard against attacks. They should look at adopting security controls that provide visibility into Active Directory vulnerabilities and misconfigurations and prevent attacker privilege escalation by hiding and denying their access to Active Directory privileges. Using concealment technology can also be a significant deterrent. In this case, the technology can hide files, folders, and the data the attacker seeks so that they can neither steal nor encrypt a company’s files.

Businesses stabilized working from home in 2020, which seems to continue in 2021, causing a higher cybersecurity risk with employees accessing the network remotely and sometimes using personal devices. Internal security controls must adapt to addressing these increased risks. CISOs and CTOs should immediately assess their VPN and cloud security programs. They should also put in programs to detect the misuse of a legitimate employee’s credentials and in-network lateral movement, privilege escalation and data collection activities.

What are the key factors to consider to make sure the digital economies of today are secured?
A trusted digital economy could stimulate valuable additional growth for organisations over the years. The Covid-19 pandemic has fueled tremendous growth in internet commerce, and organisations are adopting new and emerging technologies faster than they can address related security issues. The pandemic has also motivated businesses to accelerate efforts to grow their digital presence and speed app development to meet consumers’ demands and expectations as they move online.

This situation comes with inherent supply chain risks if the organization cannot properly vet providers and their software. Just as companies head online to where the consumers are, cybercriminals are doing the same, targeting the weaknesses of these companies. Hence, cybersecurity is emerging at the top of risks companies face in the age of the digital economy. To meet these threats, organisations must scale up their security efforts. These should include security automation, AI and increasingly assessing critical systems like Active Directory for credential and privileges protection.

With edge perimeters dissolving, an identity-first security posture will better position the company to protect its employees’ identities, credentials and privileges. Viewing this across the entire threat landscape from endpoint to Active Directory to the cloud will provide comprehensive coverage for today and as the company continues to expand on its digital transformation.
