Organisations Can Reduce Risk with Greater Visibility and Device Discovery Capabilities While Automatically Enforcing Privileged Access Controls and Policies
CyberArk (NASDAQ: CYBR), the global leader in privileged access management, today announced it is working with Forescout and Phosphorus to enable organisations to secure the increasing number of IoT devices and technologies resulting from digital business transformation. Customers can significantly reduce risk using the joint integration to continuously discover, secure and manage IoT devices connected to corporate networks.
By 2030, it’s projected that there will be 25.4 billion active IoT devices, up from 7.7 billion in 2019.[1]
Any connected device – from printers and sensors, to cameras and tablets – can represent privilege risk based on the systems and data it is connected to, and who can access the device. Additionally, IoT devices often have well-known firmware or software vulnerabilities that can be accessed via weak credentials or default credentials that are hardcoded into the device. Attackers target connected devices to gain a foothold within networks, where they can then move laterally and eventually gain access to an organisation’s most critical and sensitive assets.
In order to reduce risk as the attack surface expands, organisations must maintain an up-to-date inventory of their IoT assets and continually assess the network to help ensure that patches are pushed and weak or default credentials do not remain in use. However, maintaining visibility and managing the full lifecycle of IoT is difficult, and costly, to do manually. CyberArk’s new integration with Forescout and Phosphorus reduces risk by providing an automated solution that grants visibility into enterprise IoT networks and automatically shrinks the attackable surface area by actively managing, securing and monitoring the credentials used to access their solutions.
“As organisations are increasing investments in transformative digital technologies like IoT, the number of privileged accounts and credentials in these devices can mean that each new device brings with it the potential for security and compliance vulnerabilities,” said Adam Bosnian, executive vice president, Global Business Development, CyberArk. “Through our integration with Forescout and Phosphorus, CyberArk dramatically improves security and compliance, and alleviates the burden on IT and security teams through greater automation and operational efficiencies related to the influx of interconnected devices.”
Through the integration, the Forescout platform continuously discovers IoT assets as they are added to the network, while Phosphorus Enterprise Solution assesses each asset, assigns it a risk level, and remediates firmware vulnerabilities. The CyberArk Privileged Access Security Solution then enforces security best practices by centralising the management of privileged accounts, applying threat analytics and automating detection and credential rotation.
“Forescout actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing,” said Pedro Abreu, chief product and strategy officer at Forescout. “We embrace an integrated, automated approach with our partners to eliminate security gaps and are thrilled to combine the power of Forescout’s technology with the latest innovation from CyberArk and Phosphorus so customers can realise complete and continuously active IoT security that dramatically reduces risk and manual overhead.”
“IoT devices are proliferating much faster than enterprise security teams can manage, creating a growing threat with huge risks,” said Earle Ady, Phosphorus co-founder and CTO. “Together with CyberArk and Forescout, we’re providing end-to-end IoT protection—automatically detecting and enrolling devices, providing agentless firmware updates for rapid security patching, and providing automated credential management. The result is comprehensive IoT security visibility and remediation across the enterprise.”
Forescout and Phosphorus are both members of the C3 Alliance, CyberArk’s global technology partner program. The integrations are available on the CyberArk Marketplace, the industry’s broadest and deepest inventory of privileged access-related technology integrations.
For more information on the joint integration, watch the on-demand webinar, “Automatically and Continuously Secure IoT with CyberArk, Forescout and Phosphorus”: https://lp.cyberark.com/20201110-SECURE-IOT-FORESCOUT-PHOS-CYBR-WEBINAR_Registration-Page.html
For information on CyberArk’s work with Forescout visit https://www.forescout.com/company/resources/forescout-extended-module-cyberark-datasheet
For more information on CyberArk’s work with Phosphorus visit https://lp.cyberark.com/rs/316-CZP-275/images/Phosphorus%20SB%20Final.pdf
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in privileged access management, a critical layer of IT security to protect data, infrastructure and assets across cloud and hybrid environments and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organisations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit https://www.cyberark.com/, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.
# # #
Copyright © 2020 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
[1] Transforma Insights, Transforma Insights’ Total Addressable Market (TAM) Forecast Database, Nov 3, 2020