By: Carolyn Crandall, CMO & Chief Security Advocate – The nature and scope of existing security paradigms are becoming outdated under the blistering emergence of new identity-based threats in the public cloud. In a traditional setting, user accounts are the principal identity and, therefore, the primary security focus.
In the public cloud, however, applications, databases, and data stores, among others, routinely have entitlements to other resources. The sheer volume of cloud identities and entitlements resulting from new concepts like non-human identities and managed services is palpable for today’s overwhelmed cloud security teams.
What might amount to hundreds of identities on a traditional network can translate into thousands in the public cloud, leaving security teams often blind to the full extent of their exposure. High-profile data breaches have underscored what identity-based attacks can do once attackers exploit misappropriated privileged credentials.
Among the changing tides of 2020, Gartner Inc. added a new segment to the security market that addresses this blind spot: cloud infrastructure entitlement management (CIEM, pronounced “Kim”). CIEM is becoming increasingly important as organizations of all sizes and industries prioritize corporate-wide digital transformation and deploy zero trust architecture. As cloud, hybrid cloud, and multi-cloud adoption increase across organizations, workloads processed in and between these environments require proper visibility, accurate risk assessment, and mitigation.
What does Microsoft’s acquisition of CloudKnox mean for Attivo?
Here at Attivo, we view this acquisition of CloudKnox as further validation of our company’s direction and are inspired by the additional focus in the market. CloudKnox Security shares a similar outlook with Attivo Networks for protecting cloud permissions, crediting that complete visibility into privileged access is vital for securing user credentials and cloud resources alike, whether across multi-cloud or hybrid cloud environments. On behalf of everybody at Attivo Networks, I would like to commend the CloudKnox team on its acquisition by Microsoft. Both companies demonstrate the urgency of protecting identities and entitlements in the cloud.
As this nascent marketplace related to cloud permissions management becomes more established, we predict CIEM will become an essential piece of the bigger security puzzle. Organizations are investing in digital transformation strategies that are heavily leveraging cloud platforms. As such, they must equip themselves with the right tools to gain visibility, right-size permissions, and reduce the attack surface for identities and entitlements in the cloud.
We look forward to participating in this new identity security market, which is now clearly heating up more than ever.
Learn more about the Attivo IDEntitleX CIEM solution here.