CyberArk Survey: AI Tool Use, Employee Churn and Economic Pressures Fuel the Identity Attack Surface

NEWTON, Mass. & PETACH TIKVA, Israel--(BUSINESS WIRE)--Jun 13, 2023--

A new global report released today by CyberArk (NASDAQ: CYBR ) shows how the tension between difficult economic conditions and the pace of technology innovation, including the evolution of artificial intelligence (AI), is influencing the growth of identity-led cybersecurity exposure. The CyberArk 2023 Identity Security Threat Landscape Report details how these issues - allied to an expected 240% growth in human and machine identities – have the potential to result in a compounding of ‘cyber debt’: where investment in digital and cloud initiatives outpaces cybersecurity spend, creating a rapidly expanding and unsecured identity-centric attack surface.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230613944704/en/

AI Tool Use, Employee Churn and Economic Pressure Fuel the Identity Attack Surface (Graphic: Business Wire)

Economic Squeeze Allied to Pace of Digital Acceleration Puts Organizations at Risk

In 2022 organizations experienced growing cyber debt, where security spend over the pandemic period lagged investment in broader digital business initiatives. In 2023, levels of cyber debt are at risk of compounding, driven by an economic squeeze, elevated levels of staff turnover, a consumer spend downturn and an uncertain global environment. With investment in digital and cloud initiatives still ongoing as business leaders seek to unlock greater efficiencies and innovation, these factors have had knock-on effects to cybersecurity.

The 2023 Threat Landscape

Report findings reveal upcoming areas of identity and cybersecurity concern this year.

Expanded Identity-Centric Attack Surface

Identities – both human and machine – are at the heart of all, or nearly all, attacks. Nearly half of identities require sensitive access to perform their roles and are a favored attack vector as a result. The report found that critical areas of the IT environment are inadequately protected and identifies the identity types that represent significant risk .

“The organizational desire to drive ever-greater business efficiencies and innovation remains undiminished, even as cutbacks in staffing and macro-economic forces are creating significant pressures,” said Matt Cohen, chief executive officer, CyberArk. “Business transformation, driven by digital and cloud initiatives, continues to result in a surge in new enterprise identities. While attackers are constantly innovating, compromising identities remains the most effective way to circumvent cyber defenses and access sensitive data and assets. Such profound risk puts the issue of ‘who and what to trust’ at the forefront of efforts to prevent cyber debt from compounding, and to build long-term cyber resilience.”

What Can Be Done?

About the Report

The CyberArk 2023 Identity Security Threat Landscape Report represents the findings of a worldwide survey across private and public sector organizations of 500 employees and above. It was conducted by market researchers Vanson Bourne amongst 2,300 cybersecurity decision makers. Respondents were based in Brazil, Canada, Mexico, the US, France, Germany, Italy, the Netherlands, Spain, the UK, Australia, India, Israel, Japan, Singapore and Taiwan. To learn more, visit: https://www.cyberark.com/threat-landscape/.

About CyberArk

CyberArk (NASDAQ: CYBR ) is the global leader in Identity Security. Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud environments and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on LinkedIn, Twitter, Facebook or YouTube.

Copyright © 2023 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

View source version on businesswire.com:https://www.businesswire.com/news/home/20230613944704/en/

CONTACT: Media Contacts:

Carissa Ryan, CyberArk

Email: press@cyberark.comHighwire PR

Email: cyberark@highwirepr.comInvestor Relations:

Erica Smith, CyberArk

Email: ir@cyberark.com

KEYWORD: UNITED STATES NORTH AMERICA ISRAEL MIDDLE EAST MASSACHUSETTS

INDUSTRY KEYWORD: DATA MANAGEMENT SECURITY TECHNOLOGY SOFTWARE NETWORKS ARTIFICIAL INTELLIGENCE INTERNET

SOURCE: CyberArk

Copyright Business Wire 2023.

PUB: 06/13/2023 08:30 AM/DISC: 06/13/2023 08:30 AM

http://www.businesswire.com/news/home/20230613944704/en

Copyright Business Wire 2023.

CyberArk’s enterprise browser promises zero-trust support, policy management

CyberArk has announced plans to launch an enterprise browser, dubbed CyberArk Secure Browser, at the end of 2023 as part of its CyberArk Identity Security Platform. The identity security vendor decided to create a new enterprise browser based on trends impacting hybrid work environments and its own research, which found an increase in post-multifactor authentication (MFA) attacks targeting session cookies. “Developing an enterprise browser — with an identity-first, security-first approach — was a natural progression for our business,” Gil Rapaport, GM Access at CyberArk, said in a statement.

The browser is based on the Chromium open-source browser and supports zero trust with integrated security, centralized policy management and productivity tools. Being a feature of the vendor’s Identity Security Platform means that IT managers can tailor security, privacy, and productivity controls on managed and unmanaged devices, according to CyberArk.

CyberArk’s enterprise browser will dynamically mirror controls and access policies existing on Chrome and Edge browsers that are already deployed on the end user’s device, with the goal to reduce IT overhead and accelerate the deployment.

The key feature shared so far are:

More than a handful of other secure enterprise browsers are available. One is Chrome Browser, which has both built in and added controls. These include preventing malware and isolating malicious web pages, quick fix for zero-day vulnerabilities, and options to manage policies and set up extension permissions.

Talon’s enterprise browser is another option with full picture of browser activity, session recordings for forensic investigations and compliance, integration with SIEM and XDR platforms, protection against malware and phishing and many other features. Others, like LayerX, offer a browser security platform delivered as a browser extension. It can be applied to existing browsers extending zero trust approach to the browser and protecting unmanaged devices among other features.

Copyright © 2023 IDG Communications, Inc.

CyberArk introduces first identity security-based enterprise browser

BOSTON, CyberArk IMPACT 23 – CyberArk, the Identity Security company, today introduced CyberArk Secure Browser. This first-of-its-kind Identity Security web browser enables organizations to better protect against attacks with a flexible, identity-based approach to securing employee and third-party access to enterprise resources.

By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience. Browsers provide a vital connection between identities, applications, and data, making them a prominent attack vector and a target for cybercriminals – especially in distributed, work-from-anywhere environments.

A rise in post-MFA authentication attacks targeting session cookies reinforces the need for defense-in-depth strategies. Now, CyberArk is applying its deep cybersecurity experience, history of Identity Security innovation and intelligent privilege controls to web browsing.

Part of the CyberArk Identity Security Platform, the Chromium-based CyberArk Secure Browser supports enterprise Zero Trust initiatives with integrated security, centralized policy management and productivity tools while delivering a familiar user experience. The CyberArk Identity Security Platform delivers the most robust, layered approach to address the number one area of cybersecurity risk: credential access.

CyberArk Secure Browser is designed to eliminate existing security gaps between consumer-focused browsers and SaaS applications, endpoint-based controls and identity providers. By extending the CyberArk Identity Security Platform to the browser itself, CyberArk makes it easy for IT teams to tailor security, privacy, and productivity controls on managed and unmanaged devices. Key features include:

“CyberArk is constantly innovating – working to protect our customers against current cybersecurity risk and emerging threats. Based on trends impacting hybrid work environments and research generated by our CyberArk Labs and Red Team, developing an enterprise browser – with an identity-first, security-first approach - was a natural progression for our business,” said Gil Rapaport, general manager, Access at CyberArk. "CyberArk Secure Browser represents a new era of web browsing, where security, privacy and productivity are the top priorities.”

Dynamically mirroring controls and access policies existing on Chrome and Edge browsers that are already deployed on the end user’s device, CyberArk Secure Browser reduces IT overhead and accelerates the deployment timeline for employees, contractors, and vendors.

Planned availability for CyberArk Secure Browser on Windows endpoints is by the end of 2023. To learn more about CyberArk Secure Browser, please visit https://lp.cyberark.com/secure-browser-early-access.html.