Intelligent CIO Middle East Issue 72 | Page 84

BUSINESS INSIGHTS
Helping organisations lock down permissions is important but knowing that for ransomware to take place and really impact an organisation it ’ s going to want to spread and move out .
ensuring that everyone ’ s using strong authentication and moving away from the usage of passwords in your environment . Because propagation or lateral movement , which is something you want to stop , is going to be a lot easier if there ’ s a lot of weak credentials being used in environments .
Using strong authentication like multi factor authentication is going to be important , as well as managing the privileged and administrative accounts in your environment because they ’ re commonly targeted to allow that spread to take place .
Forcing and adopting the principle of least privilege is something that ’ s talked about in every kind of government best practice but striving towards least privilege is going to make the attacker ’ s life a lot more difficult .
It has a double reward for organisations because that best practice would be the same if we were talking about trying to prevent a data breach or stop a nation state performing espionage in their environment , or lateral movement .
It just so happens in this case we ’ re talking about ransomware because the end objective is some form of ransom to be held against the organisation .
How does CyberArk set itself apart from others as a ransomware prevention partner ?
We look at the end-to-end process , including all the aspects that take place in a ransomware attack such as a data breach or service disruption .
We ’ re very cognisant of what ’ s happening around identities in that attack cycle and attack path . We ’ re really focusing on reducing removing admin rights across the entirety and , when it comes to ransomware , being aware that this is not just an endpoint piece .
Yes , we have technology and services and help organisations ensure no one ’ s running with local admin rights – which is really important because we ’ re all sitting at home on Wi-Fi networks which no one ’ s ever changed the router password for so we ’ re in an environment that ’ s less secure than when we ’ re in the office .
Helping organisations lock down permissions is important but knowing that for ransomware to take place and really impact an organisation it ’ s going to want to spread and move out .
It ’ s also stepping away from the endpoint and looking at how lateral movement and propagation happens in the wider organisation , so things such as privileged access management , forcing least privilege , delivering strong adaptive multi factor authentication . These are things that we have with our capability suite , as they tackle that endpoint problem but also that wider problem of lateral movement within the organisation . p
84 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com