It’s widely known that 100% of advanced cyber attacks exploit privileged accounts. The number of privileged accounts in an organization is typically three-to-four times the number of employees. Privileged Accounts are found in every software and hardware solution – basically everything with an IP address also has a privileged account.
Given the significance of privileged credentials and the prevalence of them across an organization, IT, security managers and even application developers must scrutinize the following questions as part of a comprehensive security program:
- Are all credentials used to access privileged accounts managed securely? (i.e. rotated based on security policies etc.)
- Are privileged credentials used by different applications to access sensitive network resources secure?
- Do we have a policy-driven approach to identity and access management across all users, ensuring the right users have the right privileges? (i.e. policies to avoid excess privileged permissions/ entitlement creep)
- When an attacker breaches the network perimeter, how do we mitigate risk – to ensure they can’t move laterally and elevate privileges to gain access to sensitive resources?
- Can our SIEM solution monitor and identify critical threats associated with privileged activities?
No matter where privileged credentials reside in an IT environment, they should be secured and managed. Moreover, privileged account activity data should be strategically utilized to protect an organization from the most advanced cyber threats. Companies cannot afford to have a myopic view of privileged account security. Likewise, enterprise software, IT security and services providers must collectively and strategically work together within an ecosystem to address the rapid and ongoing evolution of advanced cyber security threats.
Today CyberArk launched the C³ Alliance, our new Global Technology Partner Program. By partnering with best-of-breed enterprise software, IT security and services providers, we leverage our combined skills and expertise to offer solutions that enable our customers to better secure their environment while maximizing their existing security and IT investment particularly in the areas of proactive protection, detection and threat response.
For example, the CyberArk Privileged Account Security Solution can be used to secure and manage privileged credentials accessed by users as well as those used by a multitude of applications (see CyberArk Secured™). Further, customers can leverage CyberArk privileged account data to gain more valuable insights to detect, alert & rapidly respond to cyber attacks (see CyberArk Connected™).
The C³ Alliance features more than 30 certified partner integrations and more than 170 validated plug-ins, many derived from customer requirements. As a result, our mutual customers will be able to:
- Automatically secure and manage privileged credentials, used by individuals or applications, across integrated solutions
- Gain centralized, enterprise-wide, real-time visibility to monitor and identify critical security threats associated with privileged activity
- Benefit from an integrated, policy-driven approach to identity and access governance across all users
- Reduce complexity and time required to implement with pre-integrated, certified and tested solutions
We will continue to work hard to deliver innovative solutions with the C3 Alliance members. Additional information about our technology partners is available here.
C³ Alliance Program Overview