Optiv Security announced its Privileged Access Managed Service on July 16, which benefits from a technology integration with privileged access security vendor CyberArk.
The new service pairs CyberArk’s technology with Optiv’s cyber-security management platform, providing an overall approach to help organizations manage and secure privileged access management. Optiv will manage customers’ existing CyberArk deployments or help them deploy a new one, integrating the platform’s capabilities with a broad set of cyber-security services.
“The long-term benefit is, as we continue to build and mature the system, we provide the ability to really run a customer’s full identity infrastructure, with CyberArk as one of the key pieces,” Bryan Wiese, vice president of advisory services at Optiv, told eWEEK.
Customers will have in their environment other functions besides identity management that are needed beyond just what CyberArk provides, according to Wiese. Those features include identity governance, SIEM (Security Information and Event Management) technology and incident response services.
CyberArk provides privileged account security technology that helps organizations secure sensitive access. Optiv, on the other hand, was formed in February 2015—after the merger of Accuvant and FishNet—to help organizations plan, build and run cyber-security platforms. Identity and Access Management (IAM) is one of the core areas of Optiv’s practice, which was expanded in April 2016 after the acquisition of IAM services vendor Advancive.
Incident Response
A core element of Optiv’s managed services portfolio are incident response capabilities, which Wiese helps to lead. While incident response is not part of the Privileged Access Managed Service, Optiv is aligning the two services to complement each other for customers that choose to pay for both sets of services, he said.
“When analysts do find things or see breaches, we can switch over to do hunting and remediation,” Wiese said.
Identity and specifically privileged accounts are often targeted by attackers and have been involved in many of the breaches that Optiv’s incident response team has investigated in recent years. The challenge of securing privileged accounts isn’t just about stopping malicious outsiders, but also insider threats. Wiese said Optiv is now building out a framework to help organizations plan and defend against insider threats involving privileged accounts.
There are multiple components that organizations need to consider when figuring out a privileged access management strategy. For example, Wiese said some organizations focus on implementing multifactor authentication to improve user security, which is a good step, he said. What is sometimes missing, however, are policies and controls about how accounts are granted by organizations in the first place. Understanding where privileged accounts are based and what access they have are also essential to security, according to Wiese.
“Sometimes organizations look at the issue of access management from only one viewpoint. The problem with identity and access is that it’s a multidirectional thing that organizations need to be aware off,” Wiese said. “It’s not as easy as just putting CyberArk into use, though it does take a good chunk of the challenge. Organizations still have to understand what is the identity and data life cycle.”
What’s Next
Looking forward, Wiese said the plan for Optiv is to build services and programs that are more proactive and less reactive to specific incidents. For example, with incident response, Wiese said there is more that can be done to mitigate risk from a breach simulation perspective and help to prepare customers for incidents.
“We operate under the mindset that a security breach is likely going to come to our customers,” he said. “So we’re trying to get them to understand the vulnerabilities [and] address those things through technology and process changes, so when things do happen, much of the risk has been mitigated.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.