Cyera Platform Announcement: Automated Remediation Actions
Cyera adds automated remediations to become the operational data security platform for the enterprise
A proactive mindset is one of the key traits of the most successful security teams. Yet a recent Dark Reading research report highlights that 97% of security teams struggle to apply proactive security because remediation activities are inefficient. If they weren’t bogged down with inefficient ad-hoc, manual processes, security leaders believe their teams would be more successful at supporting the business to safely leverage data. Today Cyera is providing them with a solution. We have enabled automated remediations to resolve security and compliance exposures for sensitive data.
Cyera is a pioneer in the Data Security Posture Management (DSPM) space. Our cloud-native Data Security Platform implements artificial intelligence (AI), machine learning (ML), and an automated, agentless approach that empowers security teams with holistic visibility, continuous insights, and a deep understanding of the data they are charged with securing so they can implement the right controls with confidence. Across the DSPM ecosystem, remediations have remained challenging due to a lack of agents and direct connectors. Cyera has changed that by enabling remediations directly in our platform. Cyera remediations can be fully automated, part of an integration workflow, or guided with specific context and recommendations.
Fully Automated Remediations
In the last two years, Microsoft, with Microsoft 365 (M365) has eclipsed all other cloud providers to emerge as the most widely used enterprise cloud service by user count. One out of every five corporate employees uses an M365 cloud service. More than 90% of companies with at least 100 employees use M365. The challenges enterprises face with rapid adoption are understanding what data is managed in M365, who has access to it, and how using that data increases their risk.
A major US-based healthcare organization uses Cyera to automatically and continuously identify and remediate security and compliance exposures across their data landscape. With Cyera, the entire M365 environment is continuously scanned to find sensitive data and uncover security and compliance exposures. This extends to applying the correct Microsoft Information Protection (MIP) sensitivity labels in their M365 environment to also enable DLP functionality across Microsoft Purview as well as the network, email, and endpoints. Purview is a data governance and compliance suite designed to tackle the challenge of rampant data growth in SaaS environments. It relies on MIP sensitivity labels to apply data security controls. Before Cyera, their labels were frequently missing or incorrect, which impacted Purview’s ability to apply information governance rules, since it relies on the labels to make decisions. With Cyera, Purview can apply the necessary encryption, DLP, and access controls as dictated by its policy engine. This defers or eliminates the need for expensive E5 license upgrades, and overcomes manual, time-consuming and inaccurate data sensitivity designations and enables Purview to govern sensitive data use.
Automated Remediation Workflows
Most businesses have robust security processes and audit requirements. This can make it challenging or impossible to fully automate remediation activity. Cyera’s open API now includes webhooks to enable broad ecosystem integration.
This enables a major semiconductor company to automate remediations via Tines, a secure workflows tool. When Cyera identifies public links to files containing sensitive data, or sensitive data accessible by stale accounts that constitute insider risk, an event is fired. This event triggers an automation workflow in Tines that then takes action to create a ticket, notify security operations personnel, and then eliminate the overly permissive access using the O365 management API. A global pharmaceutical company uses a similar approach to remediate public exposure for S3 buckets, and to implement TLS encryption for sensitive data in AWS.
Integrations Add Critical Data Context to Security Tools
Alert fatigue is a real problem with many security products. Especially when rules lack the granularity to understand data, they generate a lot of noise and exhaust security operations teams. According to a Critical Start survey, 68% of security leaders report that 25-75% of the alerts they investigate are false positives. Another recent survey reported that 52% of businesses receive >40% false positive alerts stemming from 10 or more siloed security tools.
ACV Auctions integrates Cyera’s DSPM and DDR notifications into a centralized SIEM platform to inform vulnerability management - proactively addressing their security posture - and incident response - informing the scope and scale of a suspected security incident. Cyera has developed integrations with existing cloud security solutions, including Wiz, Splunk, Jira, Microsoft Teams, Slack, and others, to provide our deep data context to inform remediation efforts and help teams prioritize and take action quickly and confidently.
To learn more about Cyera’s Data Security Platform, and to get started with automated remediations in your environment, please visit cyera.io/demo.