ID & Access Management , Technology

Why Credentials Are 'The New Perimeter'

Gerrit Lansing of CyberArk on Ramping Up Credential Management

Because so many major data breaches involve using compromised privileged credentials, organizations must ramp up their credential management efforts, says Gerrit Lansing of CyberArk.

See Also: 2017 Predictions on Data Security: Insights on Important Trends in Security for the Banking Industry

"Credentials are your new boundary, your new perimeter," Lansing says. That's why it's so essential to deny the ability of hackers to escalate privileges so they can go beyond accessing an individual workstation and, for example, access sensitive data on a server, he adds.

"It takes rigorous practices around password management, ensuring that all of our passwords are unique." Lansing stresses. "It takes an investment in the idea that credentials are your new perimeter, and that means that we need to isolate sensitive assets, meaning no one connects directly to a sensitive asset from their workstation. We have to protect privilege with strong authentication. So if I'm going to gain access to a domain controller ... I need to strongly assert my identity and I need to not be doing that from my workstation."

In this video interview at Information Security Media Group's recent Healthcare Security Summit in New York, Lansing also:

  • Discusses new phishing threats, such as criminals impersonating trainers following up on phishing awareness sessions;
  • Describes why protecting the perimeter is an inadequate approach to security.

Lansing, CISSP, is chief architect at CyberArk, where he architects, standardizes and promote solutions with CyberArk's core products and new strategic directions. Lansing and his team also support CyberArk's goals as public ambassadors and advise and collaborate throughout the CyberArk team.


About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 28 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from the North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global Summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.




Around the Network