Cyber Magazine - July 2023

R I S I N G

RANSOM WARE: HO W BUS I NESSES CAN F I GHT BACK

We explore the best practices to prevent ransomware attacks and the future of the threat landscape

Is your organisation secure?

Are you 100% protected from the latest cybersecurity threats?

The cybersecurity landscape changes every day, so organizations face mounting challenges when it comes to protecting their digital assets.

This thought leadership roundtable featuring experts from Tech Mahindra and Microsoft explores how nextgeneration Security Information and Event Management (SIEM) systems powered by cloud computing and artificial intelligence can help you protect your business.

By harnessing the scalability and agility of the cloud, combined

with advanced AI algorithms, this cutting-edge SIEM technology enables defenders to gain a deep understanding of the threat landscape.

Armed with this knowledge and insight, you can proactively hunt and mitigate threats in real-time, bolstering your cybersecurity defenses and minimizing potential damages.

Tech Mahindra and Microsoft will deep dive into the key features and benefits of this SIEM solution.

Can you afford to miss it?

The Digital Platform for Cyber Leaders

Ways to Work With us

Cyber Magazine is an established and trusted voice with an engaged and highly targeted audience of 45,000 global executives

Digital Magazine

Website Newsletters

Industry Data & Demand Generation

Webinars: Creation & Promotion

White Papers & Research Reports

Lists: Top 10s & Top 100s

Events: Virtual & In-Person

WORK WITH US

CHIEF

MANAGING

PROOFREADER

JESS

CHIEF

MATT

ANDY

LEAD

REBEKAH

DANILO

SENIOR

DREW

JOSEPH

SALLY

JINGXI

PRODUCTION

GEORGIA

DANIELA

PRODUCTION

JANE

MARIA

YEVHENIIA

MARKETING

PROJECT

MEDIA

JASON

PRESIDENT

GLEN

The changing security needs for the hybrid network

As remote and hybrid working continues to become the norm for many organisations globally, IT teams face increasing cybersecurity challenges

The pandemic might be behind us, but hybrid working is here to stay – with a recent report by Littler Mendelson PC finding over 70% of US employers are embracing hybrid work models.

But, though hybrid working offers many benefits, such as increased flexibility and reduced overhead costs, it also presents unique cybersecurity challenges that companies must address. According to a report by EY, remote working can increase an organisation's vulnerability to security threats.

As remote and hybrid working continues to become the norm for many organisations globally, IT teams face the challenges of ensuring the new corporate network and infrastructure are fully equipped to be able to securely facilitate this new flexible work environment.

As Etay Maor, Senior Director of Security Strategy at Cato Networks, explained to us this month, traditionally, the corporate workforce has been tethered to office configurations that made it easier to provide secure access to company applications.

As Maor describes, organisations looking to support hybrid work will require a long-term strategy. MARCUS

marcus.law@bizclikmedia.com

“Hybrid working presents unique cybersecurity challenges that companies must address”

UP FRONT

Security Operations Center as-a-service (SOCaaS) provider

Quzara Cybertorch ™ enables robust Cyber Threat Management

Quzara Cybertorch™, the first FedRAMP HIGH Ready SOC-as-a-Service, provides the following security capabilities to Materion’s ecosystem:

• 24/7/365 Security Monitoring

• Managed Extended Detection and Response (MXDR) to cyber threats

• Adhere to multiple security compliance frameworks

• Detecting, preventing, and investigating suspicious activities

• Vulnerability management and Threat Remediation

CONTENTS

58

66 TECHNOLOGY

Security should not be an afterthought in cloud security

BIG PICTURE

US chipmaker banned in China over ‘security risk’ concerns

Boise, Idaho

Beijing stepped up its feud with Washington in May after announcing that products made by Idaho-based memory chip giant Micron Technology pose a national security risk. China’s cyberspace regulator said that it found Micron products had unspecified “serious network security risks” that were a hazard to the country’s information infrastructure.

CAC’s statement did not provide further details of the risk or which Micron products were deemed a threat.

NTIT Y

to independent contractors, using personal devices to access sensitive corporate data can pose serious cybersecurity risks for companies. It is essential to understand these risks and implement robust security protocols and proactive measures.

Research by Beyond Identity indicates that short-term contractors may enjoy long-term access to corporate data and accounts. They may also be accessing this data from devices that are not well secured. This access ranges from financial affairs (87%) to communications channels (64%) to operational processes (63%). This risks significant corporate data breaches, social media hacks and phishing attempts.

Q. WHY IS FOLLOWING PROTOCOL SO IMPORTANT?

» Contractors are also less likely to follow established security protocols to protect devices. According to the survey findings, 62% of companies required contractors to adhere to security protocols during the onboarding process. Most gig workers surveyed reported complying with this requirement by using complex passwords that are regularly changed. While multi-factor authentication and firewalls were identified as top security measures contractors took to guard against cyberattacks, less than half of the respondents confirmed using these safeguards.

There are over 2,000 cyber attacks every day, leading to more than 800,000 people or businesses being compromised each year. One of the leading causes is human error, with 88% of attacks attributed to mistakes. Failure to adhere to security protocols can thus have significant consequences.

Sadly, the research revealed that 76% of freelancers had been hacked while working on a gig. This has resulted in 64% having an average of US$260 stolen, usually by unauthorised purchases. At the same time, 60% of gig worker usernames and passwords have been stolen, providing an access point for data theft.

Q. TELL US ABOUT THE IMPORTANCE OF PUTTING TRAINING FIRST?

» Hacking attacks are frequently the result of employee mistakes, making those who use gig workers responsible for ensuring they are adequately trained in cybersecurity processes. Adversary methods change constantly, and we need to stay up-to-date with all the latest techniques. Prevention is better than a cure, so organisations should start with a robust security protocol and comprehensive training.

Training can be as simple as highlighting the potential harm of phishing scams, malware, and other forms of cyberattacks; encouraging phishing-resistant multifactor authentication; and teaching about the danger of clicking on unknown links or downloads. Better yet, organisations across the board should move to passwordless technology and phishing-resistant MFA for the internal systems that gig workers access. It is also worth ensuring you hire the right workers by joining the 69% of businesses that perform background checks on gig workers. That helps avoid hiring someone with a history of cybercrime.

Q. HOW CAN ORGANISATIONS MINIMISE DISRUPTION?

» Although many companies prioritise cybersecurity protocols before and during gig work, implementing measures after the gig is over is equally essential, if not more crucial. These post-gig measures are critical to maintaining cybersecurity and ensuring that sensitive data remains protected, which might come as a shock to the 33% of respondents who said that they only sometimes change internal passwords after a gig worker has finished their contract. Gig workers can also be a source of frustration with regular requests for access. According to the research, 40% of managers are contacted daily for this reason, with another 35% being bothered a few times per week. This adds up to 34 minutes per day spent on these tasks, which explains why it might be tempting to forget to change passwords.

Undoubtedly, COVID-19 and the ongoing evolution of the gig economy have turbocharged the number of contractors. It is clearly a flexible, cost-effective model that has benefits for employers and contractors alike; however, security must remain paramount at all times. Temporary passwords and restricted access are a limited solution but remember to revoke access and update passwords post-contract. That way, both the employer and gig worker can work safely and securely today and in the future.

Jasson Casey, CTO of Beyond Identity, on asymmetric secrets and the passwordless authentication

“Although many companies prioritise cybersecurity protocols before and during gig work, implementing measures after the gig is over is equally essential”

JOHN CHEN JOHN CHEN

Fifteen years ago, BlackBerry’s mobile handsets dominated the landscape with their physical keyboards and innovative tools for business users.

But by the time John Chen, BlackBerry’s Executive Chairman of the Board and Chief Executive Officer, joined the business, it was a very different picture.

The launch of the iPhone in 2007 heralded a huge change in the mobile handset industry. And, rather than embracing a new world of touch screens and mobile apps, BlackBerry got left behind.

By November 2013, the company’s market share had fallen dramatically. Recognising the need for a radical shift in strategy, Chen was instrumental in steering BlackBerry away from the handset business and towards becoming a leader in cybersecurity and enterprise software solutions.

Career before BlackBerry

Born in Hong Kong, Chen pursued his education at Brown University in Rhode Island, where he earned a bachelor’s degree in electrical engineering.

Obtaining a master’s degree in electrical engineering from the California Institute of Technology (Caltech), Chen’s career in the technology industry began in 1978 when he joined the prestigious Unisys Corporation. Throughout his tenure at Unisys, he held various leadership positions, honing his skills in developing and implementing innovative strategies to drive business growth. In 1991, Chen joined Siemens Nixdorf as the president and CEO of its Open Enterprise Computing Division, further solidifying his reputation as a dynamic leader in the technology sector.

In 1997, Chen took on the role of CEO at Sybase, a struggling enterprise software and services company. Under his visionary leadership, he orchestrated a remarkable

LIFETIME ACHIEVEMENT AWARD

turnaround, refocusing the company on mobile enterprise solutions and expanding its global reach. Chen’s strategic decisions and business acumen successfully transformed Sybase into a profitable, respected company, eventually leading to its acquisition by SAP AG in 2010.

Joining BlackBerry in 2013

Chen led BlackBerry’s turnaround, successfully stabilising the company’s financial position, ensuring its viability, and pivoting its operations from consumer hardware to enterprise software.

EXECUTIVE BIO

TITLE: CEO & EXECUTIVE CHAIRMAN

COMPANY: BLACKBERRY

Appointed in November 2013, John led BlackBerry’s turnaround stabilising the company’s financial position, ensuring its viability and pivoting its operations from consumer hardware to enterprise software. Today, the company takes advantage of the current growth opportunities in IoT and cybersecurity.

A distinguished business leader and proven turnaround executive with over 40 years of engineering and management experience, prior to joining BlackBerry, Chen served as Chairman and CEO of Sybase Inc., where he re-invented the company and achieved 55 consecutive quarters of profitability during his 15-year tenure.

LIFETIME ACHIEVEMENT AWARD

Today, the company takes advantage of the current growth opportunities in IoT and cybersecurity, and is pioneering the convergence of these two markets.

Under Chen’s leadership, BlackBerry recognised the challenges and intense competition in the mobile handset market. Chen made the strategic decision to shift the company’s focus away from handsets towards cybersecurity and enterprise software solutions. This shift allowed BlackBerry to leverage its expertise in mobile security and capitalise on emerging opportunities in the cybersecurity market.

Having begun to outsource some of its device manufacturing since 2013, the company announced in 2016 that it would be leaving the smartphone manufacturing business.

To kickstart BlackBerry’s cybersecurity consultancy, Chen acquired Encription – a UK cybersecurity company – for an undisclosed amount in 2016. He also acquired Cylance, a security software start-up that uses artificial intelligence to identify and disarm threats, for US$1.4bn in cash in February 2019.

In 2022, BlackBerry announced the end of an era with the decommissioning of its infrastructure and services used by its legacy software and phone operating systems.

“BlackBerry ushered in the mobile workforce and messaging revolutions that changed the world,” Chen wrote in a blog post. “The grandeur of our mission to make the world a better place has not changed.

“Five years ago, we reinvented BlackBerry as a software company, allowing us to stay 100% focused on providing enabling technologies to ensure the safety and security of all the devices and systems you rely on. We invested and invented our way to leadership positions in cybersecurity,

“Today, we secure 96% of the threat landscape, preventing more than 165 million cyberattacks in 2021 alone”

BlackBerry 35 Years of Security

encrypted voice and digital communications, automotive safety, and innumerable connected IoT (Internet of Things) systems and devices in fields such as medical, industrial, avionics, and more – all with the common thread of intelligent security.

“Today, we secure 96% of the threat landscape, preventing more than 165 million cyberattacks in 2021 alone. We securely connect more than 500m mobile, desktop and IoT endpoint devices. Our safety-certified software is used in over 195m vehicles – including those from 24 of the top 25 electric vehicle (EV) manufacturers – and we continue to expand into new markets with new capabilities and innovation.”

“Letting go of the past is always bittersweet, even when a brighter future awaits,” Chen added. “At BlackBerry, that brighter future is based on a commitment to solving the world’s most pressing problems with our industry-leading technologies in artificial intelligence and machine learning, safety-certified real-time operating systems, critical event management, secure communications and more.

“We’re expanding and applying that portfolio of capabilities every day to help more customers create a safer, smarter, and infinitely more secure way to live and do business.”

The World’s Fastest Growing Fintech & Crypto Event

8 - 9 November 2023

QEII Centre, London

SPONSORSHIPS GET YOUR PASS

Leveraging procurement to shape the future

Linda Siegert, SailPoint's SD of Global Procurement, on leveraging culture, sustainability & transparency in procurement to drive long-term strategic success

As technology accelerates at near-exponential rates, invariably bound up with the internet and big data, security considerations explode in accordance with this growth. A very large part of these security concerns is around ‘identity’.

PwC’s recent Global Economic Crime and Fraud Survey found that of 1,296 executives surveyed across 53 countries and regions, 51% of organisations said they had experienced fraud in the previous two years – the highest level in PWC’s 20 years of research.

We interviewed Linda Siegert, the Senior Director of Global Procurement for SailPoint Technologies, to find out how they leverage culture in procurement to influence the future.

SailPoint is the leading provider of identity security for the modern enterprise. They help organisations discover, manage and secure all identities across all environments.

As Senior Director of Global Procurement, Siegert began her career in accounting and quickly found that while she was good at the numbers, she more enjoyed the working relationships and the stories that the numbers could tell. Siegert transitioned into an HR role and then HR leadership, which further solidified how much she enjoyed “empowering people for success”.

EXECUTIVE BIO

INDUSTRY: SOFTWARE DEVELOPMENT

LOCATION: UNITED STATES

SailPoint is a leading provider of identity security for the modern enterprise, empowering organisations worldwide to put identity security at the core of their business. With a foundation of artificial intelligence and machine learning, SailPoint identity security delivers the right access to the right identities and resources at the right time.

Leveraging procurement to shape the future

“Procurement is really the brilliant marriage of the two: the numbers and the people. It enables me to do what I'm passionate about — giving me a unique perspective and approach to our strategic goals.”

“Today, I have the privilege of leading an incredibly talented procurement team with a focus on sustainable strategic procurement that stretches beyond simple spend management, but also includes risk in contractual management, supplier lifecycle management, compliance and audits and sustainability throughout the entire lifecycle. It allows us to be on a continual growth track. The exciting part is the continual maturity road on which I get to lead the team.”

Now at SailPoint, Siegert has set her sights on the intersection between culture, sustainability in procurement activity. These aspects mesh more naturally than one would expect.

“ We don't view the buying landscape as just a numbers game – because numbers are only a part of our overall success”

LINDA SIEGERT SENIOR DIRECTOR OF GLOBAL PROCUREMENT, SAILPOINT

SailPoint's unique procurement philosophy: the four ‘I’s Siegert says that SailPoint sets itself apart in that the company “lives and breathes culture” through the Four ‘I’s of Innovation, Impact, Individuals and Integrity.

Within procurement, these values are cornerstones to every interaction. They inform buying approach and allow the procurement team to look past dollars to drive ROI deeper into the business.

“Our dollars shouldn't just buy things, they should grow things,” Siegert says. “We don't view the buying landscape as just a numbers game - because numbers are only a part of our overall success.

“There really is no single way to solve a problem, and just because it’s worked ten other times already, that doesn't mean it's going to work for an eleventh”

LINDA SIEGERT SENIOR DIRECTOR OF GLOBAL PROCUREMENT, SAILPOINT

“When two companies interact, it's relational, and if we're to achieve long-term strategic success, we can't only focus on the numbers. We need to look deeper, expect higher values from our suppliers, and ensure that our suppliers’ company goals align with SailPoint's goals for spend sustainability.”

SailPoint utilises its core values to maximise the value of its supplier interactions because, says Siegert, “within this structure, success can always be found.”

Core message as it relates to procurement Siegert says that what separates SailPoint is its ability to think outside of the box.

“We don't have to think like mainstream procurement,” she says. “Let's think from a human perspective; let's think from a creative perspective and use organisational values to provide a natural foundation for procurement strategic thinking.

“There really is no single way to solve a problem, and just because it's worked ten other times doesn't mean it's going to work for an eleventh. It’s important to always be thinking of a better way to do it. When it comes to our foundational core values for innovation within the procurement team, we're developing real solutions for challenges and solving problems.

“When we engage with suppliers, we are solving a need. Our suppliers and all those we have relationships with understand our challenges. They know there's a bottom-line impact – and they want to make us better. When we combine our knowledge with our suppliers to create a truly successful relationship, both parties win.”

Asked about overarching goals, Siegert says: “Our goal always is impact.” She points out that for SailPoint procurement, success

is based on measurable results, and this takes the form of KPIs, in-depth due diligence and clear standards for excellence and engagement.”

“We value individuals and both the work they do and the roles they serve. We treat people with integrity and deliver on the commitments that we make - and we expect others to deliver on the commitments that they themselves make.”

“We base our relationships on trust and offer honest solutions. We want our suppliers to do the same for us. If there are issues that need to be resolved, we do it with transparency. Achieving and maintaining strong, healthy relationships is foundational.”

Transparent supplier engagements Siegert says that SailPoint procurement approaches its supplier engagements

“When it comes to our foundational core values for innovation within the procurement team, we’re developing real solutions for challenges and solving problems”

LINDA SIEGERT SENIOR DIRECTOR OF GLOBAL PROCUREMENT, SAILPOINT

with transparency and deeply holds company strategy at the forefront of her team’s goals. “We partner closely with our business areas to understand their objectives and walk alongside them as partners so we can help them drive strategy and corporate vision in a sustainable way.

“Culture impacts the dollars we spend. It drives the talent and positioning of the team beyond just a job title. It empowers the procurement team to do what they love and creates healthy partnerships while making a long-term impact,” Siegert says.

“I encourage my team to be relationship driven with a focus on strategic partnerships and lifecycle sustainability. When coupled with spend management, that's impactful for everyone.”

Her team also offers its expertise and innovations to SailPoint’s suppliers. “We're all on an innovation journey and we regularly collaborate with our suppliers to innovate and find new and creative ways of solving SailPoint goals. For us, depth is key,” she says. “We don't want to wade in the pond when we can really swim in the ocean.”

SailPoint’s procurement partners

When asked about SailPoint’s procurement partner ecosystem Siegert says that they have a number of really amazing procurement partners and strategic supplier partnerships, and of course, that it's difficult for her to list them all, “but I'll mention a couple of examples from two opposite sides of business support,” she says.

“Since we are a global company and we're providing support in all areas, we hold events all over the world. We wouldn't be able to robustly serve the business without the partnership of companies like Prestige Global Meeting Source (Prestige), who support us globally through sourcing our

company event locations with their intimate knowledge of the global meeting and event landscape.

“Prestige just outshines any other company I've worked with in this area. They are strategic, hands-on, and truly a genuine pleasure to work with. Prestige emulates our core values, placing our success as their top goal.

“On the operational side of the business, we partner with companies like ServiceNow who have a passion for innovation and value the individuals they work with inside of our company. This is highly important for us, as we provide for employee self-service and operational efficiencies at an enterprise level.”

The future of SailPoint’s procurement function

SailPoint’s procurement focus is on managing the current market and the fluctuations that we're all continuing to see – while better positioning the company over the next three to five years.

“We're doing that by continuing to drive depth within the company through our supplier and business stakeholder relationships. We work smart, which means we're always innovating and optimising how the procurement team works, interacts and how we accomplish our goals.

“We don't ever settle for, 'it's working today, so why fix it?' We are always looking for ways to work smarter and automate activities that don't bring long-term value.”

“My team is strategic in nature, so eliminating transactional churn really allows me to focus their talents on the procurement activities that matter and provides SailPoint with the most impact.”

The Portfolio

With almost three-quarters of IT leaders reporting at least one ransomware attack in the last year, it’s crucial for businesses to take proactive measures

From phishing attempts to DDoS attacks, organisations today are facing wave after wave of security threats.

But, amid an ongoing economic downturn, staffing shortages and seemingly endless cyberattacks, some businesses are struggling against the rising tide of ransomware.

The 2017 WannaCry outbreak is perhaps one of the best-known, most damaging examples of a ransomware attack. With the ability to self-replicate, this ransomware strain went viral, infecting more than 200,000 systems across 150 countries. The attack impacted organisations across many sectors, bringing business operations to a grinding halt.

Years later, the global threat of ransomware remains at peak levels, with half of the organisations across all sizes, regions and industries telling Fortinet that they fell victim in the last year.

This month, Cyber Magazine speaks with David Higgins, Field Technology Office at CyberArk, about the ways organisations can protect themselves against ransomware attacks as well as his thoughts on how the threat landscape will continue to evolve in future.

Ransomware has devastating consequences for businesses

One of the most serious and costly cyber threats facing businesses today, ransomware is a specific type of malware that extorts victims for financial gain.

Ransomware attacks can have devastating consequences for businesses, such as disrupting operations, damaging reputation, exposing sensitive information, and incurring legal liabilities.

“When it executes, it prevents victims – usually by encryption – from interacting with their files, applications or systems,” explains Higgins. “Further, ransomware can also facilitate access to an organisation’s internal systems, allowing criminals to look for more machines to encrypt, valuable data to extort, backups to disrupt, shadow copies to delete, and files to be unlocked. This maximises the impact of an attack. Some of the more sophisticated ransomware attacks can even leave backdoors or hidden identities that allow attackers a way in for the future.

“Threat actors often target organisations based on their ability to afford large payouts and aim to hold their files and systems hostage until a ransom is paid.

DAVID HIGGINS

TITLE: SENIOR DIRECTOR, FIELD TECHNOLOGY OFFICE

COMPANY: CYBERARK

LOCATION: ENGLAND

David Higgins is Senior Director in the Field Technology Office CyberArk. Since joining CyberArk in 2010, David has worked to help many of the world’s largest, most complex organisations understand and secure access to their critical data and assets.

This is usually in the form of an untraceable cryptocurrency like Bitcoin. In some cases, victims are instructed to pay the perpetrator by a set time or risk losing access forever. In other cases, the perpetrator intermittently raises the ransom demands until the victim pays.”

How ransomware infects systems

As Higgins describes, by distributing ransomware in bulk using common “spray and pray” tactics – such as phishing, social engineering and exploit kits – attackers can target many organisations and infect numerous desktops, laptops and servers with minimal effort.

“Attackers can also, however, go to great lengths to understand a victim’s technology stack so they can identify and exploit vulnerabilities while pinpointing the most valuable data to encrypt and hold for ransom,” he says. “They can be extremely patient, escalating privileges to circumvent security systems and evading detection for months – or longer – before deploying the ransomware payload. During this time, attackers often target data backups (if they exist) so the organisation can’t restore files after they’ve been encrypted.”

Whereas traditional anti-virus solutions use signature patterns to identify and block

known malware variants, contemporary ransomware continuously morphs and can’t be detected using signature-based methods. As a result, anti-virus vendors can’t keep pace with the evolving ransomware landscape.

“Organisations can defend against modern ransomware by taking a multi-layered, defence-in-depth approach to security,” Higgins explains. “This includes robust Identity Security controls to contain breaches and spread. By combining strong Identity and Access Management capabilities – like multi-factor authentication – with comprehensive endpoint privilege manager and privileged access management solutions, organisations can block and limit the extent that ransomware can execute and spread.”

Ransomware still a cybercrime hotspot

CyberArk’s 2022 Identity Security Threat Landscape Report shows the ransomware attack vector continues to be a cybercrime hot spot, but the scale is staggering: 73% of global IT security decision-makers reported at least one ransomware attack on their organisation in the last 12 months.

The report also found the number of ransomware-based breaches grew by 41%, with attacks taking 49 days longer than average to identify and contain, according to IBM’s 2022 Cost of a Data Breach report. The same report found that destructive ransomware attacks increased by more than US$430,000 in cost for victim organisations.

Best practices to prevent ransomware attacks

As Higgins describes, organisations can make it more difficult for cybercriminals by restricting all network users to work under standard accounts with no admin rights. By cutting admin privileges and elevating certain users on an as-needed basis, security teams can shut off the ability for ransomware to run with escalated privileges and disrupt the attack.

“This is just one of countless ways for attackers to launch ransomware attacks, exploit privileged credentials and start moving laterally towards sensitive IT systems to steal confidential data,” Higgins comments. “Additionally, threat actors can often retrieve cached credentials without ever needing admin privileges. Therefore, having the ability to automatically detect and block credential harvesting attempts is a crucial endpoint security layer.”

Additional supplementary steps include adding automated secrets and credentials management on critical targets, such as backup servers, to eliminate stolen tokens or keys as an entry method. “You can also use a combination of application performance monitoring and security information and event management solutions to develop an audit trail for

“Attackers can go to great lengths to understand a victim’s technology stack”

DAVID HIGGINS SENIOR DIRECTOR, FEILD TECHNOLOGY OFFICE, CYBERARK

CYBERSECURITY

compliance reporting, and closely observe any unusual behaviours that may indicate an intruder in your network,” adds Higgins.

The future of ransomware

Ransomware attacks are constantly evolving in complexity, scope and scale and, recently, a new trend has emerged: intermittent encryption.

“Intermittent encryption is when ransomware forgoes encrypting the entirety of every file, instead only encrypting part of each file, often blocks of a fixed size or only the beginning of targeted files,” concludes Higgins.

There are several reasons attackers choose intermittent encryption over full encryption, according to Higgins: “The most obvious is speed: because files are only partially encrypted, intermittent encryption requires less time spent on each file, allowing the ransomware to impact more files in less time. This means that even if the ransomware is stopped before running to completion, more files will be encrypted, creating a more significant impact and making it more likely the ransomware will end up damaging critical files.

“Additionally, some security solutions make use of the amount of content being written to disk by a process in their heuristics to identify ransomware. With intermittent encryption, less content is written, and, therefore, there is a smaller chance that ransomware will trigger such detections.

“Intermittent encryption starts to blur the line between corrupting files and making files truly unusable. However, because the malware can end up leaving a large portion of the files unencrypted, there are – fortunately – tools available that can extract data from the non-encrypted parts of the files and recover some of the unencrypted data.”

THE CRUCIAL IMPORTANCE OF IAM IN A HYBRID

n today’s digital landscape, where data breaches and cyber threats have become commonplace, safeguarding sensitive information has, in turn, become paramount. As the pace of technology adoption continues to move at breakneck speed, the importance of robust cybersecurity measures has never been more critical. Among the various security challenges, managing and protecting user identities has emerged as a top priority. Consequently, the demand for effective Identity Access Management (IAM) solutions is rapidly escalating.

A crucial aspect of modern-day digital security that involves the management of user identities and their associated access privileges to digital systems, applications, and resources, the IAM market is projected to be worth US$39.26 billion by 2030 as the digital landscape continues to evolve.

With hybrid work more common than ever, IAM is a crucial framework for protecting data, ensuring compliance, and optimising operations

“Hybrid work is more common than ever and employees need secure access to company resources, whether they’re working on-site or remotely,” says Microsoft. “This is where IAM comes in. The organisation’s IT department needs a way to control what users can and can’t access so that sensitive data and functions are restricted to only the people and things that need to work with them.”

IAM encompasses the processes, policies, and technologies that enable organisations

to control and secure access to their critical systems, applications, and data. It provides a framework to manage user identities, authenticate their access, enforce security policies, and monitor user activities across various platforms. With the proliferation of cloud services, mobile devices, and remote work arrangements, traditional perimeter-based security measures are no longer sufficient. IAM solutions provide a centralised approach to identity management, ensuring that only authorised individuals can access valuable resources, while minimising the risk of unauthorised access and data breaches.

Zero Trust, cyber hygiene, and the rise of identity-first security

A security concept that has gained significant prominence in recent years and plays a crucial role in IAM, Zero Trust shifts the traditional perimeter-based security model – which assumes trust within the network

“Our security strategy is identity-first – on top of impeccable basic security hygiene”

– to an approach that enforces strict access controls and verification for every user and device, regardless of their location.

In the context of IAM, Zero Trust extends the principle of “never trust, always verify” to user identities and their access privileges. It emphasises continuous authentication, authorisation, and validation of users throughout their entire session, rather than relying solely on initial login credentials. By adopting a Zero Trust approach to IAM, organisations can achieve greater granularity and control over access, reducing the risk of unauthorised access or lateral movement within the network.

As explained in a whitepaper by Okta, Zero Trust is not a novel concept or idea.

What is identity and access management (IAM) and how to use it

“The doors for data and systems to exist anywhere and allow organisations to adopt work-from-anywhere practices also leads to cracks appearing, creating security risks for businesses”

DENIS DORVAL VP SALES INTERNATIONAL, JUMPCLOUD

“The industry has been discussing the reality of the shifting perimeter for nearly two decades, with origins back to the Jericho forum. It has really only been within the last 5-10 years that we have finally reached a point where organisations are prioritising security strategy and technology has seen enough innovation to support the implementation of these new strategies,” it says.

“This was brought into sharp focus in 2020. The worldwide pandemic forced many organisations to shift operations to support remote work overnight, effectively dismantling traditional security models, accelerating the adoption of cloud technologies, and forcing the shift

DENIS DORVAL

TITLE: VP SALES INTERNATIONAL

COMPANY: JUMPCLOUD

LOCATION: LONDON

JumpCloud VP of International Sales Denis Dorval has decades of experience as a proven senior executive in providing software for start-ups and high-growth organisations. He is passionate about leading through innovation with disruptive software and business models, and is an expert in delivering sustained customer success, consistency, and predictability to help businesses to meet their long-term goals.

to support remote work outside the safety of a corporate network. As the world emerged from the pandemic, many organisations made the decision to continue to support a dynamic work model, meaning they must maintain flexibility while securing fully distributed workforces and hybrid working models.”

Marc Rogers, Okta’s Senior Director of Cybersecurity Strategy, explains that an ‘identity-first’ strategy is crucial: “Our security strategy is identity-first – on top of impeccable, basic security hygiene. Gartner has described identity-first security as reaching critical mass’ in the past year, and this is mirrored in what we see in demand from our customers. The trend is not going away.”

“Our Identity-First research has shown that in the wake of the pandemic, identity and access management tools are increasingly important, whatever industry you work in,” adds Rogers. “The pandemic saw network perimeters become increasingly elastic for many companies – and, in many cases, these boundaries broke down altogether.”

In Rogers’ view, the traditional ways of thinking about security are no longer enough: “More than half of companies already adopt a model where a strategic approach to identity is at the centre of security architecture. This can ease the pressure on overworked support teams and, at the same time, limit the impact on productivity. Single Sign On and Multi-Factor Authentication solutions can help to ensure that security is not a time drain for workers.”

“Cybercrime is continually evolving, but cybercriminals are also fundamentally cheap by nature – if a method works, they will keep using it until it stops working. Large changes are expensive for criminal organisations, just as they are for legitimate ones. It is up to businesses to stay ahead of the game by investing in relevant technologies, stopping threats like ransomware before they can gather pace. However, it is also up to all of us to collaborate in creating an ecosystem that is designed to reduce the profitability of criminals and protect those victims less able to protect themselves, such as organisations that exist below the cybersecurity poverty line.”

A robust approach to identity management

Denis Dorval, Vice President, International Sales (EMEA & APAC) at JumpCloud, comments that, despite large-scale cyberattacks filling the headlines and the growing emphasis on security in the

boardroom, instilling good cyber hygiene into an organisation’s culture remains challenging.

“As organisations increasingly rely on digital technology to manage day-to-day operations and take advantage of working on cloud and hybrid environments, IT admins handle a number of users, devices, and applications,” he says. “The doors for data and systems to exist anywhere and allow organisations to adopt work-from-anywhere practices also leads to cracks appearing, creating security risks for businesses.”

“Employees demand flexibility, operational efficiency from their IT stack, and robust security. Despite being widely accepted among CISOs and IT admins as the best threat mitigation strategy, the zero-trust framework is rarely implemented with this in mind. The patchwork of point solutions and MFA applications used in many modern businesses creates a headache of fragmented identities that IT admins struggle to manage centrally. The core ethos of “never trust, always verify” only adds friction to a user’s day-to-day workload.”

Looking to the future, organisations should put identities at the heart of their IT security strategies, leading to IT departments moving from patchwork solutions and on-premises Active Directory environments, Dorval concludes. “A robust identity and access management strategy is the most effective way to protect organisations’ wider attack surfaces.”

he pandemic might be behind us, but hybrid working is here to stay – with a recent report by Littler Mendelson PC finding over 70% of US employers are embracing hybrid work models.

But, though hybrid working offers many benefits, such as increased flexibility and reduced overhead costs, it also presents unique cybersecurity challenges that companies must address. With employees accessing sensitive data from multiple locations and devices, the risk of cyberattacks and data breaches is higher than ever before.

According to a report by EY, remote working can increase an organisation’s vulnerability to security threats, such as cyberattacks, data breaches, fraud, bribery or corruption. Ransomware attacks and social engineering risks increased by 53%, the report said, while 40% of organisations reported a cyber intrusion directed at their remote work environments.

As remote and hybrid working continues to become the norm for many organisations globally, IT teams face the challenges of ensuring the new corporate network and infrastructure are fully equipped to be able to securely facilitate this new flexible work environment.

As Etay Maor, Senior Director of Security Strategy at Cato Networks, explains, traditionally, the corporate workforce has been tethered to office configurations that made it easier to provide secure access to company applications.

Hybrid working might offer many benefits, such as increased flexibility and reduced overhead costs, but it also presents unique cybersecurity challenges

ETAY MAOR

TITLE: SENIOR DIRECTOR OF SECURITY STRATEGY

COMPANY: CATO NETWORKS

LOCATION: GREATER BOSTON

Etay Maor is an industryrecognised cybersecurity researcher. Previously, Etay was the Chief Security Officer for IntSights, where he led strategic cybersecurity research and security services. Etay has also held senior security positions at IBM – where he created and led breach response training and security research – and RSA Security’s Cyber Threats Research Labs, where he managed malware research and intelligence teams.

Etay is an adjunct professor at Boston College and is part of Call for Paper (CFP) committees for the RSA Conference and QuBits Conference. He holds a BA in Computer Science and an MA in Counter-Terrorism and Cyber-Terrorism.

“This,” he says, “has made the need for strong security measures even more complex as traditional perimeter-based network security solutions are no longer sufficient to protect remote and office workers from cyber threats.

“The rise of remote work and cloud technology has rendered traditional, perimeter-focused security solutions obsolete. If a significant percentage of an organisation’s users and IT assets sit outside

of the protected network, then defending that perimeter provides the organisation with limited protection against cyber threats.”

As hybrid work has become the de facto standard for many companies, postpandemic, organisations must also become more flexible with their workplace policies.

“Therefore,” Maor adds, “organisations looking to support hybrid work will require a long-term strategy that ensures their infrastructure is equipped to securely facilitate this new flexible work environment.”

Disparate workforce creates new security challenges

The current threat landscape continues to present the modern enterprise with numerous challenges with remote and hybrid working only compounding those issues further for the IT team. A dispersed workforce creates more specific challenges associated with remote and hybrid working.

The Future of Hybrid Working

“To support hybrid workers,” Maor says, “it’s essential to provide them with secure and uninterrupted access to company resources from any location. This makes it necessary for remote access solutions to maintain consistent security measures and performance standards regardless of the employee’s whereabouts, while also safeguarding the remote workforce.”

Routing remote traffic to the corporate data centre for inspection can also prove challenging, resulting in increased latency and significantly affects network performance and user satisfaction. “Security protocols for remote workers should, therefore, be straightforward to implement and enforce, without compromising the user experience.”

Consistent security – ensuring consistent enforcement of security measures and policies across the entire enterprise, including remote employees – is essential, Maor comments, while resiliency is another challenge: “Remote work is often a crucial

aspect of an organisation’s business continuity plan as it allows businesses to operate even in the event of disruptions to normal operations. To ensure uninterrupted operations, a security solution for remote workers should be resilient to network interruptions.”

Key requirements for remote work security

With traditional perimeter-focused security solutions now obsolete due to this new way of working and a significant percentage of an organisation’s users and IT assets sitting outside the protected network, how does an organisation provide the best protection for its environment?

“What they require is a purpose-built infrastructure designed to offer highperformance secure remote access, and advanced threat protection,” Maor explains. To create this, the key solution requirements are:

• Secure Remote Access: The use of untrusted public networks to access corporate networks and applications poses a significant risk to both remote workers and the company. This risk can lead to a range of cyber threats. As a result, businesses must provide reliable and secure remote access solutions to their remote workers to ensure seamless network connectivity and minimise the risk of security breaches.

By implementing a comprehensive and secure remote access solution that incorporates advanced threat defence, businesses can safeguard their networks and data while enabling their remote workers to stay connected and productive.

• “Cloud Security: In today’s modern workplace, the use of cloud-based business applications has become increasingly prevalent. However, it is essential to ensure the security of these cloud-based applications to prevent any potential security breaches. Traditionally, businesses have resorted to backhauling the remote worker traffic through corporate networks to inspect and enforce policies. Nonetheless, this method has been found to be inefficient, leading to a negative impact on the network’s performance and user experience. Therefore, there is a pressing need for an alternative approach to cloud security that can effectively ensure the safety of business applications without compromising network efficiency or user experience.

• “Secure Site Access: Remote access to company sites can expose organisations to a range of security threats, and traditional methods of securing access to these sites through backhauling remote workers to corporate data centres can result in slow network performance and bad user experience. As a result, businesses must explore alternative ways of securing access to company sites for remote workers that not only provide the necessary security protections but also maintain the efficiency of the company’s website.

• “Advanced Threat Protection: In today’s increasingly digital world, companies often utilise advanced threat protection such as next-generation firewalls (NGFWs) and other similar solutions to safeguard their network perimeters.

It is imperative for organisations to adopt comprehensive advanced threat protection solutions that provide robust security coverage for remote workers as well as on-premises systems to help combat cyber threats.”

Change your infrastructure to SASE

“When we talk about the need for a purpose-built infrastructure, there’s one solution that fits the bill: Secure Access Service Edge (SASE),” comments Maor.

First coined by Gartner in 2019, SASE delivers converged network and security as a service capabilities, including SD-WAN, SWG, CASB, NGFW and zero trust network access.

“SASE is a cloud-based solution that integrates network and security functionalities, providing organisations with a robust and consistent security framework for their entire workforce,” Maor adds. “This amalgamation ensures that network traffic is securely inspected while in transit to its destination, with a minimal performance impact.

Moreover, deploying SASE in the cloud enhances the availability, scalability, and resilience of an organisation’s security architecture while maintaining consistent policy enforcement.

“The evolution of the hybrid and remote workforce is dictating how organisations think and work, which is having serious implications for access strategies, networking, and security,” concludes Maor. “If planned correctly and with the use of effective technology, this new way of working does not have to disrupt the business at all.”

SECURITY SHOULD NOT BE AN AFTERTHOUGHT IN CLOUD SECURITY

AFTERTHOUGHT

Josh Goldfarb, Security and Fraud Architect at F5, tells us why security shouldn’t be an afterthought when moving to the cloud and why hybrid is the future

WRITTEN BY: MARCUS LAW

Secure Your Federal Software Supply Chain with the Sonatype Nexus Platform

A better way to build software and manage open source security risk.

Control. Define open source component policies by organization, team, and application type.

Automate. Automatically and contextually enforce policies across your entire software development lifecycle.

Secure. Decrease false positives and negatives and reduce gaps in security and quality assurance

Integrate. Continuously visualize component intelligence within your favorite tools.

“With time, our customers have needed us to evolve and change to meet their needs. A lot of that change is driven by their end customers. When it comes to banking, for example, the idea of having to go to a brick-and-mortar bank these days is, for many of us, foreign. Even before COVID, most of us did a lot of banking online. Now, the idea of going into a branch to do something is almost nonexistent with most people under a certain age.”

As businesses move online, customers need to be able to meet that demand. “This means that they need to move closer to their customers, meaning they need to move into the cloud or the edge,” Goldfarb adds. “Because of that, they often end up with multiple cloud environments or hybrid environments that include a mix of on-premise, cloud and edge.”

JOSH GOLDFARB

TITLE: SECURITY AND FRAUD ARCHITECT

COMPANY: F5

LOCATION: ISRAEL

Josh Goldfarb is currently Security and Fraud Architect at F5. Previously, he served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for Pulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities.

In addition to Josh’s blogging and public speaking appearances, he is also a regular contributor to DarkReading and SecurityWeek.

F5 Distributed Cloud Explained

“So our customers needed us to support them in their journey to satisfy their customers.”

Through a combination of organic evolution and acquisition, F5 has joined its customers on that journey. “With our flagship BIG-IP brand, for example, we spent a lot of time developing and improving so that it no longer requires that the customer buy a server, it can now be deployed in cloud environments.”

With customers using increasingly complex cloud environments, a new solution was needed. Enter, Distributed Cloud.

“As our customers were trying to meet their end customer needs, most of them

were getting into a situation where they had extremely complex environments – some cloud, some edge, some on-prem or private data centre – and they had entire teams dedicated to setting up and managing technology stacks for security, for development, for fraud and for IT at each of these environments.”

Through a number of acquisitions in the cloud space, in the form of Volterra, Shape and Threat Stack, Distributed Cloud was formed.

As Goldfarb explains, one benefit of Distributed Cloud is the ability to simplify the management and administration of IT security and application stack across

multiple environments – whether they’re on-prem or in the cloud: “A huge win for our customers is the ability to simplify that diverse or hybrid cloud environment or multi-cloud environment. But another huge win for them is that, once I deploy and deliver my applications and APIs, I also want to secure those or protect those from security and fraud threats.

“That’s another area where, through organic growth and strategic acquisitions, F5 has been able to provide our customers the ability to protect those applications and APIs from a variety of security and fraud threats, regardless of what environment they’re in.”

“A HUGE WIN FOR OUR CUSTOMERS IS THAT ABILITY TO SIMPLIFY THAT DIVERSE OR HYBRID CLOUD OR MULTI-CLOUD ENVIRONMENT”

JOSH GOLDFARB SECURITY AND FRAUD ARCHITECT, F5

The challenges of moving into the cloud

The rapid move to the cloud has resulted in a number of challenges which must be addressed. As organisations move to a variety of different cloud environments to get closer to their customers and maintain the same pace of innovation, it is essential for security to not be overlooked.

“Let’s say I’m a bank or a retailer and you’re my customer, and you tell me that you want a certain capability on your smartphone application for the bank or for the retail site,” Goldfarb comments. “Well, I’m going to do my best to get you that as quickly as possible.

“That might mean that, unfortunately, security and fraud are an afterthought. Or, if I include them from the get-go, I need a way to do that without being overly intrusive in the process of development and deployment.

“That is another challenge that our customers have is either trying to get security and fraud baked in without it becoming a six-month or a year delay.

And also if it hasn’t been baked in, adding it after the fact to protect those applications and APIs in a way that isn’t intrusive, that doesn’t interfere with your ability, for example, to consume what you want from that application.”

The future cloud landscape

Today, global organisations are continuing to grapple with multi-cloud opportunities and challenges. But as F5’s 9th annual State of Application Strategy Report (SOAS) found, hybrid IT is here to stay.

In 2018, 74% of survey respondents planned to deploy “up to half” their apps in “a cloud.” But today, the report found, just under half of respondents (48%) say they currently have any apps deployed in the cloud, and on average organisations deploy only 15% of their app portfolio in the cloud.

“What we see across our customers is that whereas once it may have looked like everything was moving to the cloud, the reality of the situation is it doesn’t look like that will happen,” Goldfarb concludes. “Some things will remain on-prem, some things will either migrate to the cloud. And in some cases will repatriate back to the on-prem depending on the costing.

“I think the picture for the next two to three years is one of complexity. The fact that one of our chief differentiators for our customers is our ability to simplify that complexity is going to be a huge win. I think that they’re going to find themselves continually in situations where they will have increased complexity and not reduced complexity. And we can help them with that. And I don’t see any other way around that. I don’t see the world going any other way.”

“ IT ONCE LOOKED LIKE EVERYTHING WAS MOVING TO THE CLOUD, BUT THE REALITY OF THE SITUATION IS IT DOESN’T LOOK LIKE THAT WILL HAPPEN”

CYBER STARTUPS SECURITY

TOP 10

CYBER STARTUPS

Cyber Magazine looks at 10 of the top startups that are revolutionising the cybersecurity industry with their unique approaches to tackling digital threats

SECURITY

As technology continues to evolve at a rapid pace, so do the threats that come with it. With cyber threats growing in sophistication and frequency, it’s imperative that individuals and businesses alike take proactive measures to protect their sensitive data.

In response to this pressing need, a new wave of cybersecurity startups has emerged, offering innovative solutions to help protect against these threats. From cutting-edge threat detection platforms to advanced encryption tools, these startups are at the forefront of the fight against cybercrime.

This month we look at 10 of the top cybersecurity startups to keep an eye on this year.

10

C Y WARE

Founded: 2016

Headquarters: Jersey City, New Jersey

CEO: Anuj Goel

Product-based cybersecurity provider Cyware offers a full-stack of innovative cyber-fusion solutions.

Cyware’s Enterprise Solutions are designed to promote secure collaboration, inculcate cyber resilience, enhance threat visibility and deliver needed control by providing organisations with automated context-rich analysis of threats for proactive response without losing the element of human judgement.

Its clients include Fortune 500 financial, healthcare, energy and defence organisations, multinational retail corporations, trade associations, industry groups, nonprofits and government agencies.

09

L AC E WORK

Founded: 2015

Headquarters: Mountain View, California CEO: Jay Parikh

The data-driven security platform for the cloud, Lacework’s Polygraph® Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework collects, analyses, and accurately correlates data across an organisation’s AWS, Azure, GCP, and Kubernetes environments, and narrows it down to the handful of security events that matter.

Customers all over the globe depend on Lacework to drive revenue, bring products to market faster and safer, and consolidate point security solutions into a single platform.

DEEP INSTINCT

Founded: 2015

Headquarters: New York CEO: Lane Bess

Deep Instinct was founded on a simple premise: that deep learning, an advanced subset of AI, could be applied to cybersecurity to prevent more threats, faster. Its platform provides comprehensive defence that is designed to protect against the most evasive unknown malware in real-time, across an organisation’s endpoints, servers, and mobile devices.

Originally founded in Tel Aviv, Israel, Deep Instinct is today supported by leading investors including BlackRock, Chrysalis Investments, Catue, LG, Millennium Technology Value Partners, Nvidia, RPM, Samsung, Unbound, and Untitled Investments.

C L ARO T Y

Founded: 2015 Headquarters: New York CEO: Yaniv Vardi

Claroty empowers organisations to secure cyber-physical systems across industrial (OT), healthcare (IoMT), and enterprise (IoT) environments: the Extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and secure remote access.

Backed by the world’s largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organisations at thousands of sites globally.

ORCA SECURITY

Founded: 2019

Headquarters: Portland

CEO: Gil Geron

Orca Security is the pioneer of agentless cloud security, and is trusted by hundreds of enterprises globally. We’re the industryleading Cloud Security Platform that identifies, prioritises, and remediates security risks and compliance issues across your cloud estate spanning AWS, Azure, Google Cloud, and Kubernetes.

Trusted by some of the world’s most innovative companies, Orca Security was recently named #24 on CNBC’s 11th annual Disruptor 50 list of private, venture-backed companies transforming industries.

GITGUARDIAN

Founded: 2017 Headquarters: Paris CEO: Eric Fourrier

GitGuardian is a cybersecurity startup solving the issue of secrets sprawling through source code, a widespread problem that leads to some credentials ending up in compromised places or even in the public space.

The company solves this issue by automating secret detection for Application Security and Data Loss Prevention purposes. GitGuardian helps developers, ops, security and compliance professionals secure software development, define and enforce policies consistently and globally.

GitGuardian solutions monitor public and private repositories in real-time, detect secrets and alert to allow investigation and quick remediation.

HIDDE NL AY ER

Founded: 2013

Headquarters: Denver, Colorado

CEO: Chris Sestito

HiddenLayer helps enterprises safeguard the machine learning models behind their most important products with a comprehensive security platform. Only HiddenLayer offers turnkey AI/ML security that doesn’t add unnecessary complexity to models or require access to raw data and algorithms.

Founded in March of 2022 by experienced security and ML professionals, it emerged last year from stealth with US$6m in seed funding from Ten Eleven Ventures, Secure Octane and other investors.

SNYK

Founded: 2015

Headquarters: Boston

CEO: Peter McKay

Snyk empowers the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. The company’s developer-first approach ensures organisations can secure all of the critical components of their applications from code to cloud.

Today, Snyk is used by 1,500 customers worldwide, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce.

The company has been recognised on the Forbes Cloud 100 2021, the 2021 CNBC

Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.

BE YO ND ID E N T I T Y

Founded: 2020

Headquarters: New York

CEO: Tom Jermoluk

Breaking down the barriers between identity, security, and device management, Beyond Identity fundamentally changes the way the world logs in – eliminating passwords and providing users with a frictionless, multifactor login experience.

“A passwordless identity management solution, like Beyond Identity, replaces passwords with asymmetric cryptography that employs public/private key pairs and creates a FIDO-based phishing-resistant authentication process,” said Jermoluk when he spoke with Technology Magazine earlier this year. “Users are authenticated by proving they possess the enrolled device and that it is bound to the user’s identity.

“Establishing high trust in the user and the device, plus the ability to ensure devices meet appropriate security controls before and after initial access, is a cornerstone of a Zero Trust model – especially for modern network architectures where the identity has become the new perimeter.

“Even if you did all the other pieces of Zero Trust perfectly, unless you establish user identity and trust in the device, the effort will fail.”

ABNORMAL SECURITY

Founded: 2018

Headquarters: San Francisco CEO: Evan Reiser

Abnormal Security is a behavioural AI-based email security platform that learns the behaviour of every identity in your cloud email environment and analyses the risk of every event to block even the most sophisticated attacks.

Its platform provides total protection against the widest range of attacks including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.

The Abnormal leadership team is composed of visionaries with decades of AI and ML experience, dedicated to delivering an exceptional customer experience. Their careers span influential roles at companies like Google, Twitter, Amazon, Proofpoint, Okta, Salesforce, and Slack. Its investors include Insights Venture Partners, Greylock and Menlo Ventures.

The startup has received a number of awards, including being named one of CNBC’s Top Startups for the Enterprise and being among Forbes’ Top 50 AI Firms to Watch in 2023.