In the rapidly evolving landscape of cybersecurity, identity security has become an emerging focus area. With the increasing complexity of threats and the evolving nature of access control, organizations are grappling not only with the challenges of protecting human and machine identities, but also with their ability to scale operational efficiency securely, without hindering productivity. Accomplishing this involves striking a delicate balance.
Additionally, as organizations transition into a perimeterless and cloud-centric world, there has been an increased spotlight on safeguarding privileged users and identities.
To address these new challenges and changing priorities, BeyondTrust has continued to innovate its identity security offerings to cover more use cases and emerging threats—from Cloud Infrastructure Access to Identity Security Insights. In this blog, I’ve sat down with our CEO, Janine Seebeck, to learn about a few of BeyondTrust’s latest cybersecurity innovations—and why they are necessary in today’s landscape.
This discussion touches everything from cloud infrastructure access management to the future incorporation of artificial intelligence into identity management.
The evolution of access—shifting focus from perimeters to people
Where organizations were once secured by a perimeter that was defined by firewalls and physical boundaries, today’s organizations are perimeterless. Access to systems and resources is controlled by digital identities, which are much more dynamic and fluid.
Earlier this year, BeyondTrust met this challenge head-on with the launch of Identity Security Insights. Here’s what Janine has to say about the latest update to the BeyondTrust platform.
Q: With a heritage in PAM, why did you feel it was important to move into identity security?
A: Interestingly, when you step back and think about it, PAM has always been the heart of identity security. In considering your identities—especially from the framework of zero trust—things have gotten a lot more complex as we’ve shifted to a perimeterless, work-from-anywhere world. Where security was once primarily focused on your networks, it’s now based on where people are and what identities they have. So, as we evolve to meet the continued need to prioritize identity, I don’t think we are moving away from who we are. We are still deeply rooted in solving some of the most complex problems – where we actually think the attackers are going to cause the most damage: your privileged users. That’s why we launched Identity Security Insights in August.
Identity Security Insights is the first product of its kind to provide a holistic visualization of identity-based threats. With Identity Security Insights, you benefit from a complete view of identities, access, entitlements, and privileges in your network. The product also identifies and prioritizes potential security issues, illuminates potential attack paths, can detect when identities are being attacked or potentially misused, and offers smart, actionable recommendations to enhance your identity hygiene.
Q: What are you most excited to be able to offer customers with Identity Security Insights?
A: We’re initially most excited to be able to provide a visibility layer across an entire identity estate. This is something that hasn’t been available in the market before. Having a unified view is what resonates with our customers the most, based on feedback so far. They’re excited to have this holistic identity hygiene recommendation system that provides visibility across multiple siloed systems and identifies blind spots and threats quickly. Identity Security Insights is helping to uncover oversights, like policy gaps, and that has been prompting meaningful conversations amongst customers who are starting to notice vulnerabilities they need to address.
Q: Why did you feel it was important to start building towards a more evolved definition of PAM?
A: Identities and their privileges are at the heart of almost every attack today. While preventive privilege management tools remain a key defense, with the growing sophistication of AI and other threats, taking a preventative approach is no longer enough. Our customers need a product that goes beyond preventative capabilities to additionally offer total visibility across their identity estate, along with real-time detection and response. By evolving our PAM products into innovative, identity-first security solutions, we can help our customers better prevent, mitigate, and respond to identity-based threats.
Q: Can you give an example of how Identity Security Insights benefits users?
A: Identity Security Insights has high connectivity and rapid time-to-value. On average, Identity Security Insights takes about 30 minutes to set up. Identity Security Insights integrates with other BeyondTrust products and third-party identity providers, such as Okta, Ping Identity, and Microsoft Entra ID (formerly Azure AD). This allows you to pull information about your actual identities, locate vulnerabilities, and then help fix the policy gaps or security risks identified. This hyperconnectivity can even uncover data leakage, such as something sensitive that is being forwarded to an external email account.
We’ve been using Identity Security Insights internally for a year now, and in that time, it helped our security teams detect the Okta Support Unit breach—an identity-centric attack that originated from within Okta's support, targeting multiple Okta customers. Because our team was able to detect and respond to the Okta Support Unit breach so quickly, we were able to mitigate any potential exposure and verify that the attacker did not gain access to any of our systems. We were also able to alert Okta’s security team that their support system had been compromised, as well as provide Indicators of compromise from Identity Security Insights detections that allowed Okta to identify what files were accessed by the threat actor.
Meeting the demands of a dynamic threat landscape
Q: What do you feel are some of the biggest emerging identity-related challenges organizations are dealing with?
A: The big buzzword is obviously AI. From an identity perspective, there’s so much to consider, particularly how we can help customers identify ways AI is impacting their security and systems. Beyond AI itself, is the added challenge of the continual shift to Cloud, and the added risks of identities being available everywhere, plus the entrance of AI identity. BeyondTrust spent a lot of time talking about AI as we were building Identity Security Insights; it’s super important to us that we are thinking about how we can bring AI into our solutions, but also how we can detect if AI is a part of someone’s activity. It’ll be really interesting to see how that evolves.
Q: What investments has BeyondTrust made in response to the changing threat landscape?
A: This year, we continued to focus on innovation across our entire portfolio, as we think about the use cases our customers are trying to solve (our priority investment). We have full teams dedicated to analyzing the needs of our customers and translating those into innovations to better secure their access. In addition to the release of Identity Security Insights, we’ve developed:
- Auto Update – We introduced a new level of automation to our Privilege Management solution, helping our customers drastically reduce the amount of manual work required from their IT and security teams.
- Password Safe Web Portal updates – We provided customers with a more intuitive, streamlined, and productive user experience to improve performance and accessibility.
- Cloud Infrastructure Access – Privileged Remote Access brought to market new functionality, including ephemeral jump clients. These capabilities enable developers, cloud ops engineers, and technical workers to securely and more easily access critical cloud platforms, applications, and data.
- Localization - Introduced real-time chat translation in Remote Support via an integration with AWS Translation Services. This allows reps to provide support chat to their customers in over 75 languages in real time, without a language barrier.
- Workforce Passwords – Provided new add-on capability for Password Safe, enabling the secure management and storage of business application passwords with an easy-to-use browser plugin, secure personal folders, and full audit support for the administrator.
Navigating the latest market trends
Q: What do you feel is unique about BeyondTrust’s approach to PAM and identity security?
A: What sets BeyondTrust apart is our focus on continuing to innovate, evolve, and go deeper into what we know we are experts in, and then continuing to partner with the best in business more broadly to solve the latest customer challenges. It speaks to the way we interact with our customers. We want people to want to work with us. We want to listen. We do listen. One of the perspectives we always encourage our employees to take is, “How can we?” not “Why can’t I?” We always work in service of the customer.
What’s unique about cybersecurity vendors is that, when it comes to our clients, we all have the same goal: we are all trying to solve cybersecurity challenges for our customers. What makes one better than another all comes down to how easily the solution helps with the problems our customers are actively trying to solve, and how easy we make it for our customers to use our solutions. Am I making it easier for you to actually identify and fix your problems, to flag and limit your risks? What makes BeyondTrust unique is that we are dedicated to remaining customer-centric as we innovate.
Q: What are some of the emerging issues around privileged access management?
A: At our 2023 customer and partner conference, Go Beyond, we spent a lot of time talking about cloud use cases and all the different ways our customers are thinking about evolving their security strategies as the perimeter continues to shift. It’s really important for us to develop innovations that enable just-in-time access from a cloud use case perspective. Customers want to rapidly identify and solve their problems, without jumping through hoops. We are also focused on helping our customers address the security and access implications of hybrid work, which is here to stay. When customers’ identities are being passed between cloud and on-premise, how can we provide the visibility they need into their users’ privileges?
Those are probably the two biggest areas where we see opportunities to help our customers develop their security stance, coupled with education. The cybersecurity space continues to evolve at a rapid pace, and it can be incredibly challenging to keep up with the latest knowledge. BeyondTrust’s experts are dedicated to distilling the latest insights for customer consumption, so you can continue to understand how best to protect yourselves and your customers in light of the latest threats or solutions.
And finally, of course, we are all trying to stop the threat actors—to minimize the potential for an attack and limit the potential impact that could result if an attacker gets through—so we can realize our vision: a world where all identities and access are protected from cyber threats.
Conclusion
In a rapidly evolving cybersecurity landscape, organizations continue to grapple with the complexities of infrastructure access, remote work, and emerging threat vectors. This interview with Janine underscores the interconnectedness of these domains.
BeyondTrust's strategic evolution from PAM to a comprehensive identity security platform reflects the industry's shift towards a holistic approach to identity management in response to the changing nature of work and the proliferation of digital identities. The launch of BeyondTrust's Identity Security Insights product encapsulates this evolution, delivering on the promise of a unified view of identity hygiene and a proactive stance against emerging threats.
Interested in learning more?
Recently, Michael Novison from the Information Security Media Group interviewed Janine Seebeck, CEO and board member of BeyondTrust, to delve into the intricacies of identity security. Tune into the on-demand video interview here.
Allen Longstreet, Content Marketing Writer
Allen is a content marketing writer at BeyondTrust. He has a wealth of experience building content strategy for tech start ups and SAAS businesses. He has a passion for video production, creative storytelling, and the intersection between the two.