Why Credentials Are 'The New Perimeter'Gerrit Lansing of CyberArk on Ramping Up Credential Management
Because so many major data breaches involve using compromised privileged credentials, organizations must ramp up their credential management efforts, says Gerrit Lansing of CyberArk.
"Credentials are your new boundary, your new perimeter," Lansing says. That's why it's so essential to deny the ability of hackers to escalate privileges so they can go beyond accessing an individual workstation and, for example, access sensitive data on a server, he adds.
"It takes rigorous practices around password management, ensuring that all of our passwords are unique." Lansing stresses. "It takes an investment in the idea that credentials are your new perimeter, and that means that we need to isolate sensitive assets, meaning no one connects directly to a sensitive asset from their workstation. We have to protect privilege with strong authentication. So if I'm going to gain access to a domain controller ... I need to strongly assert my identity and I need to not be doing that from my workstation."
In this video interview at Information Security Media Group's recent Healthcare Security Summit in New York, Lansing also:
- Discusses new phishing threats, such as criminals impersonating trainers following up on phishing awareness sessions;
- Describes why protecting the perimeter is an inadequate approach to security.
Lansing, CISSP, is chief architect at CyberArk, where he architects, standardizes and promote solutions with CyberArk's core products and new strategic directions. Lansing and his team also support CyberArk's goals as public ambassadors and advise and collaborate throughout the CyberArk team.