We’ve raised $27.5 million: How Preempt’s funding validates Identity and Access Threat Prevention

Posted by Ajit Sancheti on Jun 27, 2018 6:19:47 AM

Preempt began with a basic premise: Effective security within an enterprise should combine threat detection and real time response within a single solution. As enterprises transition to the cloud and the perimeter disappears, identity is the new perimeter. If identity is the new perimeter, access management from a security standpoint can lead to effective threat prevention. That simple but powerful idea was the genesis of Preempt and has given us the opportunity to solve challenging security problems for our customers.

Read More

Topics: Risk, Threat Detection, Adaptive Threat Prevention

How to Strengthen Your Cyber Security DNA

Posted by Heather Howland on Jun 21, 2018 12:32:39 PM

Cyber security is a complex animal that requires many disciplines and a diverse toolkit. Typically, resources are limited, and incident response and security staff are overloaded with noise, irrelevant alerts and incomplete static information.  With so many diverse systems its difficult to utilize them in a coordinated and timely way.

Read More

Topics: Risk, Insider Threat, Identity, Adaptive Threat Prevention, Integration

We’re #1! And #2, #5, and #6 in Gartner Top 10 Security Projects

Posted by Heather Howland on Jun 19, 2018 1:13:47 PM

At the recent Gartner Security & Risk Management Summit, analysts presented their findings on the top technologies for information security and their implications for security organizations in 2018. At the event Neil MacDonald highlighted Top 10 Security Projects for Security and Risk Management Organizations. He continues by emphasizing that these are projects with real supporting technologies that CISOs should be exploring.

Read More

Topics: Risk, Credential Compromise, ueba, Threat Detection, CARTA

How do you sell risk?

Posted by Matt Culbertson on Jun 14, 2018 9:17:01 AM

It’s a Silicon Valley* refrain: Risk is better than regret. But does that motto sell?

Read More

Topics: Risk, Identity, Informaton Security

Corporate Culture Shift: Using Adaptive Security to Influence Employee Security Behavior

Posted by Heather Howland on Jan 12, 2018 7:19:33 AM

I’ve heard it many times from customers: “IT Security needs to be transparent to users in order to be successful.” Unfortunately, we are now in a digital age where things have dramatically changed and research has shown over and over that credential compromise is the top way that hackers breach an organization.

Read More

Topics: User Behavior, CISO, Risk, Identity Verification, Identity, Adaptive Threat Prevention

How Identity, Behavior & Risk Enable Security in the New Digital Age

Posted by Ajit Sancheti on Dec 7, 2017 6:07:51 AM

Enterprises are deploying more cloud services, embracing DevOps, leveraging on-premises applications and exploring other productivity and cost optimization solutions. As a result, it is becoming harder for them to know who within the organization has access to what and how that access is being used or, as we found out in our latest survey, being misused.

Read More

Topics: User Behavior, Adaptive Response, Risk, CARTA, Identity

Preempt Inspector Discovers Stealthy Admins to Help Organizations Reduce Risk

Posted by Avi Kama on Nov 10, 2017 9:18:41 AM

This past March we announced Preempt Inspector, a free app for password strength assessment. The App provided administrators with a better understanding of their AD configuration, especially difficult to estimate parameters, such as duplicate and weak passwords. We analyzed the anonymous data we received from the app, and found some worrying trends, like that 1 in 5 enterprise passwords can be easily compromised.

Read More

Topics: Risk, Active Directory, Passwords, Stealthy Admin

Becoming NYDFS Compliant With Preempt

Posted by Wade Williamson on Oct 6, 2017 12:17:29 PM

The New York State Department of Financial Services (NYDFS) has recently enacted new cybersecurity regulation aimed at protecting financial services organizations and their data. The new regulation known as 23 NYCRR 500 actually went into effect earlier in the year, but the 180-day transition period ended on August 28th, meaning organizations now need to be officially in compliance. Of course financial services CISOs are no strangers to regulation, having to already comply with a dizzying array of control frameworks including NIST, COBIT, SSAE and specific regulations such as PCI-DSS and SEC OCIE just to name a few.

Read More

Topics: Risk, Compliance, continous monitoring

Reduce Harm by Refocusing on the Basics

Posted by Eran Cohen on Aug 11, 2017 10:22:02 AM

Full disclosure: I wasn’t physically at BlackHat 2017. But my colleagues who attended told me about the keynote by Alex Stamos, CSO at Facebook.

Read More

Topics: CISO, Risk, Passwords, Identity, Informaton Security

CARTA - The Evolution of IT Security Beyond Black and White

Posted by Ajit Sancheti on Jun 16, 2017 10:04:54 AM

Gartner’s 2017 Security Summit began this week with a keynote from Neil MacDonald, Eric Ahlm and Ramon Krikken introducing a new charter that will transform all areas of information security moving forward. They introduced a new strategic approach called CARTA* – Continuous Adaptive Risk and Trust Assessment.

Read More

Topics: CISO, Adaptive Response, Risk, CARTA