CFOtech Australia - Technology news for CFOs & financial decision-makers
Story image

CyberArk highlights new security threats at Impact World Tour

Fri, 25th Oct 2024

Brandon Traffanstedt, Field Chief Technology Officer (CTO) of CyberArk, is in Australia for the company's Impact World Tour event and discussed evolving cybersecurity challenges and solutions. Traffanstedt is focused on how the rise of AI and the proliferation of machine identities are reshaping the cybersecurity landscape.  

"We are focusing on two major goals: securing critical infrastructure and enabling digital transformation," Traffanstedt said. He explained that the World Tour events aim to foster collaboration by tailoring discussions to regional challenges, such as those specific to Australia and New Zealand.  

Emerging Threats and Evolving Attacks  

At the heart of CyberArk's strategy is the emphasis on addressing new cyber threats. Traffanstedt described "AI-enriched attackers" as an increasing concern. He noted, "The first thing that comes to mind is AI-augmented phishing—using large language models to craft more personalised and effective phishing campaigns."  

Additionally, Traffanstedt warned about post-authentication session hijacking. "Even with the most stringent authentication, attackers can exploit session cookies with high time-to-live (TTL) values. For as little as 17 dollars on the dark web, these tokens can cause millions in damages," he explained. The challenge lies in maintaining security without diminishing user experience, he added.  

CyberArk has developed a browser-based solution to tackle such attacks. It abstracts cookies to ensure they are inaccessible to potential hackers. "It prevents harvesting without degrading the user experience," Traffanstedt said.  

Humans, Machines, and AI Agents  

The challenges of managing both human and machine identities are not new to CyberArk," Traffanstedt shared, noting CyberArk's long history with machine identity security. "We started looking into this area back in 2007, and our journey has evolved from secrets management to strong machine authentication."  

Traffanstedt highlighted a growing concern: the rapid increase in machine identities outpacing human identities. "The ratio used to be three machine identities for every human identity. Today, it's closer to 45 to 1," he said. This imbalance introduces significant risks, especially as businesses adopt multi-cloud strategies and AI-powered tools."  

He explained how the responsibilities of AI agents are expanding, predicting that they will soon operate autonomously in areas like customer service. "These agents are neither fully human nor machine. They form a third category, and their security needs to reflect both human and machine governance principles," Traffanstedt said.  

Developers and Identity Challenges  

According to CyberArk, developers are another high-risk identity group. Traffanstedt described how they often possess elevated access rights and are now seen as privileged users. However, security controls for developers must be implemented with empathy to avoid stifling innovation or causing attrition.  

"We need to tailor security measures to fit developers' workflows, rather than forcing traditional IT controls onto them," he said. "The goal is to maintain robust security without disrupting productivity."  

However, CyberArk research shows that 62% of global organisations still define privileged access as exclusive to humans, overlooking the growing influence of machine identities. "This is a dangerous oversight, especially as AI tools become integral to business operations," Traffanstedt warned.  

AI-Augmented Attacks and the Future of Security  

As AI technology advances, cyber threats are also becoming more sophisticated. Traffanstedt highlighted concerns about AI-assisted polymorphic malware, which can modify itself to evade detection. "Threat actors are automating their attack paths, creating more efficient ways to compromise systems," he said.  

CyberArk's report indicates that 91% of organisations have experienced successful identity-related breaches, with phishing being a common entry point. "The human element will always play a role in attacks. It often starts with someone clicking on a phishing link, but the threat can escalate quickly, especially when machine identities are involved," Traffanstedt said.  

The company also warned about the risk of over-reliance on AI-powered security tools. "There's a tendency to trust these models implicitly, but it's crucial to secure the models themselves," he explained. "If threat actors compromise an AI model, it could create a false sense of security."  

Industry Response and Key Takeaways  

According to the CyberArk 2024 Identity Security Threat Landscape Report, 99% of Australian organisations experienced two or more identity-related breaches in the past year. Digital transformation initiatives were identified as a leading cause of these breaches, followed closely by third-party and supply-chain vulnerabilities.  

Thomas Fikentscher, Area Vice President for ANZ at CyberArk, stressed the importance of collaboration between CIOs, CTOs, and developers in addressing these challenges. "Leaders are managing multiple risks, including compliance, workforce shortages, and AI-related security concerns. The need for collaboration has never been more critical," he said.  

With Australia ranking among the top countries for cloud adoption, organisations are increasingly vulnerable to identity-based attacks. The report found that 93% of Australian businesses plan to use three or more cloud providers in the coming year, with 75% intending to adopt over 100 SaaS solutions.  

The Impact World Tour

CyberArk's message at the Impact World Tour next week is clear: securing identities—both human and machine—is essential to building resilience. Traffanstedt gave insight by saying, "To stay ahead, we need a new cybersecurity model centred on identity security. The old siloed approach just isn't enough anymore."  

Next week, the event highlights the importance of developing security solutions that align with business goals. "Our work is not just about preventing attacks," Traffanstedt said. "It's about enabling organisations to innovate securely and thrive in an increasingly digital world."