CyberArk, an identity security company, has announced new capabilities aimed at securing access to cloud services and modern infrastructure for all users. These latest capabilities are grounded in the company's risk-based intelligent privilege controls and include significant improvements to the CyberArk Secure Cloud Access solution.

The enriched solution provides just-in-time access to cloud management consoles and services operating in multi-cloud environments with zero standing privileges. Importantly, these new security controls permit secure access to every layer of a cloud environment without causing disruptions or changes to the way developers and other users typically access cloud services.

Recent research indicates that a staggering 85% of organisations plan to utilise three or more public cloud providers within the following year. However, only 9% of organisations employ an agile, holistic method to secure identities throughout their infrastructures. This leaves them particularly susceptible to identity-related attacks.

CyberArk's Identity Security Platform aids organisations in gaining vital visibility and context for identity-centric risks in their cloud environment, facilitating the smooth transition from insight to effective action with simple migration of standing access policies to zero standing privileges.

Melinda Marks, Practice Director for Cybersecurity at Enterprise Strategy Group (ESG), comments: "The remediation and removal of excessive, unneeded and unused permissions and entitlements from administrators, employees, service accounts and machine accounts is key to maintaining a posture of least privilege access, and our research shows that organisations are greatly challenged in this area."

"By combining greater automation and developer-focused user experience with its approach to zero standing privileges and just-in-time controls for the cloud, CyberArk is helping organisations reduce the exposure window while saving overworked cybersecurity teams from manual work," says Marks. 

The CyberArk Identity Security Platform emphasises flexible, risk-based controls to secure access to varying targets for both human and non-human identities. Targets include SaaS applications, workloads and cloud services that are accessed by bots, service accounts, business users, IT admins, software developers, cloud engineers and third-party vendors.

Matt Cohen, CEO of CyberArk, points out the dual nature of cloud services. While they offer organisations the ability to deploy new applications rapidly, they also introduce a host of new identities and potential attack vectors. The lag in cybersecurity controls adapting to these expansive environments leads to a cybersecurity debt.

In response to this challenge, CyberArk is committed to providing advanced cloud security solutions that focus on automation and risk reduction to bridge this gap. They are investing in innovative offerings like Secure Cloud Access to enhance identity security within the cloud significantly, underscoring their dedication to addressing the evolving security needs of cloud-based operations.

Matt Cohen says: "Cloud services have afforded organisations tremendous speed to deliver new applications, but they have also created countless new identities and attack methods."

"Cybersecurity controls often lag behind the scale of these new environments, contributing to cybersecurity debt. We are delivering new cloud security solutions that emphasise automation and risk reduction to help close that gap."

"CyberArk is continuously investing to deliver comprehensive, innovative cloud security solutions, like Secure Cloud Access, that help dramatically improve identity security in the cloud," concludes Cohen.