Mickey Bresman, CEO of Semperis, didn’t shy away from the challenges that artificial intelligence (AI) and hybrid environments pose for cybersecurity professionals today.
“The world is hybrid, and it will be for a very long time,” Bresman said. This is why traditional approaches to identity management fail, he said.
(Note: The video above shows Semperis Co-Founder CEO Mickey Bresman being interviewed by SC Media’s Paul Wagenseil at the Semperis 2024 Hybrid Identity Protection (HIP) conference. A transcript of the interview follows below.)
Speaking to SC Media during the Hybrid Identity Protection (HIP) Conference in New Orleans earlier this week, Bresman said identity-based resilience is not just an option but a necessity for navigating the evolving cybersecurity landscape.
Bresman’s central argument is that managing and securing digital identities in a mix of on-premises and cloud environments requires a corresponding hybrid identity approach. He says this will ensure consistent authentication, authorization and access control, regardless of where the resources or data resides.
(For additional coverage of Semperis’ Hybrid Identity Protection (HIP) 2024 conference, see additional coverage: Semperis HIP Day One Conference: Microsoft mea culpa, a call to cybersecurity coalitions And Second day of the Semperis HIP conference: Ransomware, resilience and identity recognition)
“If you run a virtual machine in AWS or Azure, (those cloud instances) are still part of your environment,” he explained, emphasizing the importance of comprehensive security policies that address both assets on-premises and in the cloud.
Bresman detailed the evolution of Semperis’ offerings, which began with a focus on disaster recovery for Active Directory (AD) but expanded to include proactive cyber defense measures.
“We started by saying, look, if ultimately a company has something on-premises that relies on AD, and then they extend to the cloud, they need to understand what’s going on inside of those stores identity,” Bresman noted.
He emphasized the importance of leveraging identity to build what he calls “identity-based cyber resilience,” which also extends protection to SaaS applications.
A significant portion of Bresman’s discussion with SC Media focused on the role of artificial intelligence (AI) and automation in cybersecurity.
“We see both defenders and villains becoming more sophisticated with AI,” Bresman said. He predicts that many manual tasks currently performed by cybersecurity teams will soon be automated, making defenses faster and more effective, able to anticipate threats in a way that traditional methods simply cannot.
AI as a silver bullet for identity
However, Bresman cautioned that AI, while powerful, presents its own challenges, particularly when managing hybrid identity and authorization structures. “AI can help us make sense of large amounts of data,” Bresman said, “but it also requires us to rethink how we approach identity governance in different systems.”
He said many organizations struggle with authorization structures. “What works in Salesforce may not match in DocuSign, which can lead to unintended access,” he said. His argument is that AI can do the heavy lifting of bridging and harmonizing permissions between two disparate SaaS applications, but AI is not yet the panacea many want and requires oversight and checks and balances.
There is a need for a universal human manager to streamline and secure these processes, he said.
Actively targeted: Active Directory
Bresman also urged IT security professionals to read the recent report (PDF) from the Five Eyes intelligence alliance, which identified common attack vectors targeting AD.
“In nine out of ten attacks, Active Directory will be a target,” Bresman said, emphasizing the importance of remediating misconfigurations (ADs) that could leave organizations vulnerable. Misconfigurations include overly permissive access control, failure to implement the principle of least privilege, use of legacy protocols, poorly designed trust relationships, and lack of auditing and monitoring.
Bresman’s ideas reflect Semperis’ mission to improve identity protection and cyber resilience, not only through its technology, but also by fostering a community dedicated to solving these pressing issues.
“It’s a journey,” Bresman concluded. “We’re not just looking at what’s happening today; we build the tools and strategies organizations will need to remain resilient in the future. »
Transcript of interview between SC Media and Mickey Bresman
The following is an edited transcript of Mickey Bresman’s interview with SC Media at the Hybrid Identity Protection Conference earlier this week. Check out the full interview and watch the video above.
SC Media: Mickey, thank you for joining us today. Let’s start with the big picture: what do you see as the biggest cybersecurity challenge in a hybrid world?
Mickey Bresman: Thank you for inviting me. The world is hybrid, and it will be for a very long time. Today, most organizations manage a combination of on-premises and cloud systems, and this combination brings its own unique challenges. One of the most important is understanding and protecting identity stores in these environments. If you run a virtual machine in AWS or Azure, it’s still part of your environment and the need for security doesn’t stop just because it’s in the cloud.
SC Media: That makes sense. It seems Semperis has evolved over the years. Can you talk about this development?
Mickey Bresman: Absolutely. We started by focusing on disaster recovery for Active Directory (AD) because we saw this as a huge vulnerability for organizations. If AD goes down, everything stops: it is the heart of the IT environment. But over time, we realized that it wasn’t enough to just focus on recovery. We needed to develop proactive defense measures. Now, we don’t just help organizations recover from an attack; we help them prevent this in the first place. We call this “identity-based cyber resilience.” It’s about leveraging identity to extend protection to SaaS applications and beyond.
SC Media: You mentioned AI and automation during your keynote. How do you view those who play a role in cybersecurity?
Mickey Bresman: AI is a game changer, without a doubt. We see both defenders and villains becoming more sophisticated with AI. For us, it’s about automating tasks that currently take up a lot of cybersecurity teams’ time, like threat detection, analysis, and even some response actions. AI can make these processes not only faster, but also more predictive. This helps us anticipate threats before they become incidents. But this is not without its challenges. AI is also forcing us to rethink how we approach identity governance, particularly in hybrid environments. You have different systems (Salesforce, DocuSign, etc.) and what works in one may not necessarily work in another. This is where AI can help make sense of it all, but it also means we need a universal approach to managing these permissions.
SC Media: You mentioned the recent Five Eyes report. Can you explain why Active Directory remains such a popular target?
Mickey Bresman: Of course. The report is very clear: nine out of ten cyberattacks will target Active Directory in one way or another. AD is a very attractive target because it controls everything: user authentication, authorizations, access to resources. If an attacker breaks into AD, they essentially hold the keys to the kingdom. The problem is that AD was created at a time when the threat landscape was very different. Today, with hybrid environments, the attack surface has expanded and configuration errors are all too common. Things like overly permissive access controls, legacy protocols, and a lack of proper monitoring make it easier for attackers. That’s why we emphasize the importance of not only patching vulnerabilities, but also addressing these fundamental misconfigurations.
SC Media: What’s next for Semperis in this space?
Mickey Bresman: It’s a journey, like I said. We don’t just look at what’s happening today; we are focused on creating the tools and strategies that organizations will need to remain resilient in the future. We want to continue to push the boundaries of identity protection and ensure that as the world continues to evolve, our solutions evolve with it. Hybrid environments are complex, but with the right policies in place, we can secure them.