Hi [[ session.user.profile.firstName ]]

Deconstructing the Twitter Attack: It’s Time to Prioritize PAM

Same old story. Motivated to cause disruption or by a potential financial gain, attackers follow a tried and true attack path typically starting at the endpoint with phishing. Industry research shows 80% of successful security attacks involve compromised privileged access. In the case of Twitter’s high-profile breach, an insider threat adds another familiar element to the story.

With a dramatic increase of remote workers comes an expanded attack surface. Worker today are distracted while juggling work and family responsibilities, and there is increased stress related to a global pandemic and an uncertain economic future. There is not a better time to review the priorities of your security program to ensure policies and practices reflect new realities.

Questions every security leader asking right now: how are we identifying what our most critical systems, tools, data and infrastructure are and who has access? Who is considered a privileged user (this includes business users) and what steps are we taking to manage, monitor and protect that access?

Join us to learn about security trends and best practices including:
• Reasons identity is the new perimeter
• Isolating access to the administrative system and requiring dual control for highly sensitive operations
• Continuous monitoring and user behavior analysis on applications through a monitored proxy
• Implementing least privilege controls to minimize access to sensitive functionality

The twitter attack highlights the dangers of unsecured privileged access to critical resources and how quickly any credential or identity can become privileged under certain conditions.
Recorded Aug 27 2020 28 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Matt Tarr, principle solutions engineer for CyberArk
Presentation preview: Deconstructing the Twitter Attack: It’s Time to Prioritize PAM

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Ransomware Exposed: Key Learnings from Examining 3 Million Samples Recorded: Jul 22 2021 43 mins
    Andy Thomson, Global Research Advisor @ CyberArk Labs; Brandon "BT" Traffanstedt, Sr. Director, Global Technology Office
    Ransomware is widely known to be one of the most pervasive and dangerous cyberthreats. Even though it has been around since 1989 it’s managed to become the fastest growing type of cybercrime during the COVID-19 pandemic.

    Research firm Cybersecurity Ventures predicts that the global annual damage costs of ransomware to businesses will top $20 billion in 2021. Dynamic ransomware attacks can quickly spread throughout a company, impairing user productivity and disrupting business.

    The first step in the fight against ransomware is to expose it – to explore the different strains, what they have in common and what it is that makes them unique. The team at CyberArk Labs analyzes 100s of new ransomware samples each day and in this webinar, Andy Thompson and Brandon Traffanstedt disclose their findings of evaluating more than 3 million samples to-date.

    Join us as we discuss
    - The surge and types of ransomware prevalent during the COVID-19 pandemic
    - How ransomware has evolved over the years to become such a formidable threat, including the role of Bitcoin
    - The kill-chain and path to encryption of today’s modern, dynamic ransomware
    - A review of mitigation strategies and recommendations
  • Remote and Hybrid Workplace Endpoint Security Recorded: Jul 13 2021 51 mins
    Masha Sedova, Elevate Security | Ian Goodhart, Maryland Department of Information Technology | Matt Balderstone, CyberArk
    Endpoint security remains a major challenge for organizations, and in November 2020, Cybersecurity Ventures predicted that global cybercrime costs will reach $10.5 trillion USD a year by 2025. That’s more than triple the amount that it was in 2015. With remote working still very much the norm, and hybrid workforces emerging, it is becoming increasingly difficult to keep track of multiple endpoints and the risk they carry.

    With the threatscape continuing to evolve and cyber attacks becoming even more sophisticated, experts are here to share how security leaders can take the complication out of endpoint security.

    Join us to learn:
    - Common endpoint threats from the first half of 2021
    - Emerging endpoint threats and what to prepare for going forward
    - Leading endpoint protection strategies and how they can be integrated into your existing security solutions
    - And more

    Moderator: Masha Sedova, Co-Founder & President, Elevate Security
    Panelists: Ian Goodhart, Director of Security Operations, Maryland Department of Information Technology (DoIT)
    Matt Balderstone, Cybersecurity Advisor, CyberArk
  • Detect & Protect Against the Fundamental Nature of Ransomware Recorded: Jul 12 2021 47 mins
    David Higgins - Technical Director EMEA, CyberArk
    The Endpoint is more exposed than it ever has been before. As remote working becomes the norm, these devices are now very much outside the perimeter of the office defences. Not only is the working environment evolving, so too is Ransomware; becoming more targeted and in some cases maximising financial gain to the attacker through approaches such as double extortion.

    Despite this shift in how attackers leverage Ransomware, there remains a consistency in what they do – a fundamental nature that we could look to target in order to protect our endpoints.

    In this session we take a look at:
    - How to achieve a holistic approach to securing the endpoint
    - How to enforce security best practices such as Least Privilege and Application Control
    - How these best practices can actually protect against the fundamental nature of Ransomware, whilst also providing early warning signs of an in-play attack
  • Integrating PAM and IAM into your Identity Security Strategy - Session 2 of 2 Recorded: Jul 8 2021 40 mins
    Khizar Sultan, Sr. Director of Access Solution Strategy
    Learn how CyberArk’s integrated PAM and IAM solution can help you to:

    Manage the lifecycle of the workforce and privileged identities across the organization
    Control access to business applications and infrastructure
    Provide VPN-less and passwordless remote access to cloud and on-premise resources
    Enable users to elevate their workstation privileges with strong authentication
    Protect high-risk web application sessions with continuous authentication and auditing
  • Preventing the Big One: Staying Ahead of the Breach Recorded: Jul 1 2021 54 mins
    Michelle Drolet, Towerwall| Andy Thompson, CyberArk| Nico Fischbach, Forcepoint| Satya Gupta, Virsec| Micheal Meyer, MRSBPO
    Over 37 billion records were exposed in breach events in 2020 - by far the most records exposed in a single year, according to a recent report by Risk Based Security. How has remote working impacted your organization's security posture? What lessons can security professionals learn from the recent wave of breaches and what steps can enterprises take to strengthen security in 2021?

    This keynote panel of security experts and industry leaders will explore the best practices for breach prevention, as well as share real-life lessons from the frontlines on what works and doesn't work.

    Viewers will learn more about:
    - The reality of data breaches
    - Why data breach severity is rising
    - Ransomware attacks on the rise (doubling from 2019 to 2020) and the threat to businesses
    - Technologies that help with breach prevention, detection and response
    - Why security awareness matters and best practices for educating employees to be cyber secure

    Moderated by:
    Michelle Drolet, CEO, Towerwall
    Nico Fischbach, Global CTO, Forcepoint
    Micheal Meyer, Chief Risk and Innovation Officer, MRSBPO
    Andy Thompson, Research Evangelist, CyberArk
    Satya Gupta, CTO & Founder, Virsec
  • The Future of Access Management - Session 1 of 2 Recorded: Jul 1 2021 46 mins
    Stas Neyman, Director of Product Marketing at CyberArk Khizar Sultan, Sr. Director of Access Solution Strategy at CyberArk
    Access Management (AM) is an essential component of cybersecurity and a central pillar of the enterprise technology portfolio. Security leaders, including CIOs and CISOs, deploy Access Management solutions as part of their Zero Trust and defense-in-depth security strategies to defend IT systems against cyberattacks, identity-focused security breaches and data loss. At the same time, business leaders leverage AM technologies to enhance productivity, improve operational efficiency, and enable business initiatives dependent on reliable identity-based access control mechanisms.

    As IT environments evolve, business drivers change and cybercriminals increasingly target identities, Access Management capabilities must advance to address the new challenges and threats. In this webinar, we will help Security and Identity pros understand emerging trends in the Access Management space, demonstrate how AM can secure hybrid IT environments, and preview the next generation of CyberArk’s AM capabilities.
    After attending the webinar, you will be able to:
    • Understand how changes in IT environments and business drivers are shaping Access Management space
    • Determine which security-focused capabilities are becoming increasingly important
    • Evaluate CyberArk Identity against legacy and modern IAM solutions
    • Gain insight into the next generation of CyberArk’s Access Management capabilities
  • Proactive Prevention Starts By Assuming-Breach Recorded: Jun 8 2021 48 mins
    Brandon Traffanstedt, Sr. Director at CyberArk
    Proactive Prevention Starts By Assuming-Breach: Securing Powerful Access From Dynamic Threats

    Today’s cyber security strategy must secure access at all layers of the environment: from remote endpoints and devices to core databases and servers deep in the datacenter – whether located on prem, in the cloud, or both.

    Dynamic, increasingly complex environments present rich hunting grounds for bad actors and cyber criminals. Coupled with the proliferation of systems accessed by automated, machine-to-machine applications, bots, and cloud-based components like containers – the concern is immediate.

    From new types of ransomware to advanced supply chain attacks – as cyberattacks become ever-more sophisticated, how do you secure your organization?

    Join this session to start thinking like an attacker as we review how to adopt an “Assume-Breach” mindset to prevent attackers from circumventing access controls to penetrate and propagate within your environments. Through a Defense-in-Depth approach to security, Brandon Traffanstedt, Sr. Director at CyberArk, will explore how you can implement policies and controls that detect and isolate adversaries before they traverse your network and inflict serious damage.
  • Ransomware: How Privileged Access Management strategy mitigates risks Recorded: May 18 2021 46 mins
    Matthew Scott, Senior Sales Engineer & Massimo Carlotti, Solution Engineer Team Lead for CyberArk
    Ransomware have been making headlines again and again. Ransomware evolve and new ones like Maze are not only encrypting data and damaging business continuity, they also lead to public data leak of  confidential information. Learn how risks associated with the ransomware rise can be mitigated by implementing a comprehensive Privileged Account Management (PAM) strategy.
    CyberArk solution enables to mitigate the risk related to Ransomware by implementing least privilege approach and credential theft protection to prevent on the attack on the machines where it lands, combined with privileged credential rotation and isolation to block lateral movements and prevent the spread of the attack.
    During this webinar, you will discover the PAM programmatic approach that enables organizations to control this threat from end to end. The PAM approach allows you to secure the initial endpoint where attackers can land and prevent credential theft, privilege escalations and lateral movement
  • Protect against the Fundamental Nature of Ransomware Recorded: May 4 2021 57 mins
    David Higgins, EMEA Technical Director at CyberArk
    The Endpoint is more exposed than it ever has been before. As remote working becomes the norm, these devices are now very much outside the perimeter of the office defences. Unfortunately, exploiting the current global crisis, we have seen an increased and focused effort in Ransomware attacks.

    In this session, we review some past approaches to stopping ransomware and the challenges associated with them. Then look at a more holistic approach to securing the endpoint; enforcing security best practices such as Least Privilege and Application Control, and how this can actually protect against the fundamental nature of Ransomware
  • It’s Human to make mistakes – and attackers are banking on it Recorded: Apr 21 2021 29 mins
    Gary Pollock
    Falling victim to a Social Engineering Attack, Accidental Damage caused by excessive permissions and Misconfiguration are all elements of Human Error that Attackers will exploit – and persistently have done so to date.

    In this session we review what approaches could be taken to prevent such mistakes but also, and perhaps more importantly, limit their impact. The last point being – should we assume it is human to make mistakes, and so they will continue to happen – therefore our strategy should initially focus on reducing the impact of such incidents? We therefore will discuss isolating attacks from the initial point of intrusion, controlling user privileges and some methods for reducing and identifying misconfiguration.
  • First steps to regain control on a compromised infrastructure Recorded: Apr 13 2021 47 mins
    Aaron Fletcher, Senior Security Consultant for CyberArk
    Incidents put stress and pressure on the organisation to rapidly respond, reactively and tactically. So the question is, what do you do when this happens? And what could you do to help mitigate the frequency of incidents?

    In this Webinar we will look at a scenario where an organisation comes under attack from a malicious external actor, we will analyse the vector of the attack and we will identify where mitigations can be put in place to reactively respond and where you could proactively defend the organisation.

    - Identifying the type of attack and what did it do?
    - What is the recovery mechanism in place?
    - Measuring the decisions to return to Business as Usual operations
    - Threat Analytics and Discovery for known attacks and Vulnerabilities
  • It’s Human to make mistakes – and attackers are banking on it Recorded: Jan 21 2021 28 mins
    David Higgins, Technical Director at CyberArk
    Falling victim to a Social Engineering Attack, Accidental Damage caused by excessive permissions and Misconfiguration are all elements of Human Error that Attackers will exploit – and persistently have done so to date.

    In this session we review what approaches could be taken to prevent such mistakes but also, and perhaps more importantly, limit their impact. The last point being – should we assume it is human to make mistakes, and so they will continue to happen – therefore our strategy should initially focus on reducing the impact of such incidents? We therefore will discuss isolating attacks from the initial point of intrusion, controlling user privileges and some methods for reducing and identifying misconfiguration.
  • Secure Third Party Access with a Modern Identity-Based Approach Recorded: Dec 17 2020 42 mins
    David Higgins, Technical Director at CyberArk
    It’s widely known that perimeter-oriented solutions like VPNs and agent-laden endpoints are ill equipped to help organizations secure remote access to critical internal resources. Therefore, many organizations seek to take an identity-based approach to secure the perimeter and to keep critical internal resources safe. However, providing employees and vendors with smooth access can be an additional challenge. There are unique challenges that come with securing Third Party Vendors and other non-employees that require privileged access from outside a company’s four walls. Additionally, managing third party access can bring a wide range of operational challenges based on popular incumbent solutions.

    In this session, you’ll learn about mitigating risks associated with Third Party Vendors that require privileged access, securing remote access and increasing operational efficiency. You’ll hear about best practices for securing third Parties’ access internal resources, as well as how to make IT and security teams’ jobs easier.
  • Cloud Entitlements Manager Solution Demo Recorded: Dec 15 2020 17 mins
    Tal Kandel, Business Innovation Director at CyberArk
    See key Cloud Entitlements Manager features in action, including the solution’s centralized dashboard display, interactive access map visualizing relationships between identities and resources, exposure level scoring and IAM policy remediation.
  • CyberArk Showcase: Introducing Cloud Entitlements Manager ​ Recorded: Dec 15 2020 32 mins
    Udi Mokady, Chairman and CEO at CyberArk
    Please join our webinar to learn more about LEAST PRIVILEGE ACROSS YOUR CLOUD ENVIRONMENTS.
    The brand-new CyberArk Cloud Entitlements Manager is an AI-powered cloud security service that allows you to detect and remove excessive cloud permissions in a centralized, intuitive dashboard.
    In less than an hour, your organization can deploy the zero-footprint service to remediate risky entitlements across their cloud environments.
  • Managing Third Party Vendor Access? See What’s New with CyberArk Alero Recorded: Dec 14 2020 26 mins
    Chris Maroun, Global SE Director, Emerging Tech at CyberArk
    In today’s landscape with vendors requiring access to a variety of internal systems, including cloud applications, Windows and Linux systems, OT environments, and more, having a robust solution to secure access without straining resources has never been more important. Chris Maroun, Global Director of Solutions Engineering will walk through an in-depth service demo and explain how organizations can leverage Alero to more securely and more efficiently manage remote vendors who require access to critical internal systems.
  • Top Cloud Attack Paths You Should Worry About Recorded: Dec 8 2020 45 mins
    Brandon Traffanstedt, Global Solutions Engineer Director [CyberArk]
    Security pros detail the common ways bad actors attack your cloud environments
    As organizations just like yours transition to cloud environments, so do the cyber criminals. An inherent lack of visibility across cloud environments and workloads is masking security threats, undermining compliance and governance and compromising the value of cloud adoption. Individual cloud vendors, point security solutions and siloed teams address just one piece of the puzzle, increasing the risk of misconfigurations and inhibiting the ability to prioritize the most serious threats.
    It can be overwhelming for security teams when organizations rush headfirst into the cloud without consulting them, putting data and processes at risk.
    To effectively mitigate risk, you need to know what bad actors are after. This webinar will guide you through the main compromise points and attacks paths in the cloud.
    You will understand:
    •How attack paths in the cloud are different from the ones typical for on-premises infrastructure and resources
    •The danger of privileged credentials compromise in the cloud
    •Understand 3 to 4 of the most common Cloud attack paths and potential mitigation tactics and tools
    •The role of cloud identities and permissions in the overall cloud security posture

    Join this webinar and learn how to combat bad actors in the cloud. Bring your questions and concern, we will have a live Q&A session with the CyberArk security pro!
  • The Extended Benefits of Single Sign-On Solutions Recorded: Nov 18 2020 43 mins
    Stas Neyman, Director of Product Marketing
    Today, Single Sign-On (SSO) is a de facto standard for managing employee access to applications and systems. SSO eliminates the need for individual passwords for each application or system account and replaces them with a single set of credentials. The obvious and immediate benefits of Single Sign-On include drastically improved end-user experience, simplified access to corporate resources, and more robust identity security controls.

    However, there are many additional, long-term benefits organizations can realize by implementing SSO solutions that are frequently overlooked during initial discussions. For example, with properly configured self-service tools, companies can significantly reduce their IT costs by reducing the number of password-related help-desk tickets and calls. In addition, SSO can eliminate the risk accounts that remain active when employees change roles or leave companies.

    In this webinar, we’ll discuss the short-term and long-term benefits of modern SSO solutions and highlight the functionality needed to realize these benefits.
  • The Explosion of Identities & Proliferation of Privileged Access Recorded: Nov 9 2020 52 mins
    David Higgins, EMEA Technical Director at CyberArk
    In the past six months, organizations had to swiftly change or accelerate priorities to align with business continuity requirements driven by remote work and other digital transformation programs. As we approach a new year, we have greater visibility about the blind spots that were created along the way. There has been an explosion of identities in use, and we know that any user type (human or not) can have elevated privileges at any time. And, increasingly it’s business users that have elevated access that must be secured with minimal friction.

    Join us to learn:
    1) What is driving explosion of IDs how to leverage automation, AI and ML to ensure security keeps pace
    2) How to build a unified security architecture
    3) How to remove silos and share threat intel across tools
  • Best of IMPACT LIVE Series - Breaking the Cloud Using Five Different Methods Recorded: Nov 5 2020 29 mins
    Asaf Hecht, Security Research Team Leader, CyberArk
    Cloud environments exist everywhere. This in turn means that attackers are super motivated in finding ways to penetrate organizations’ cloud infrastructure. In this session, we will present findings from the CyberArk Labs team, demonstrate five attack techniques, and highlight fundamental considerations such as:
    1. How attackers can steal cloud credentials from endpoints, code and cloud VMs
    2. How intruders can compromise cloud users with only a few permissions, but still succeed to escalate their permissions and become full admins
    3. How to target SSO and IAM solutions that many organizations use for integrating their on-prem network to the cloud
CyberArk, leader in Privilege Access Management & Identity Security
CyberArk channel offers you regular insights and latest news on Privilege Access Management from the global undisputed leader in privileged access management.
You'll find here live webinars, on demand webinars and videos!

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Deconstructing the Twitter Attack: It’s Time to Prioritize PAM
  • Live at: Aug 27 2020 7:00 am
  • Presented by: Matt Tarr, principle solutions engineer for CyberArk
  • From:
Your email has been sent.
or close