Latest news with #CyberArkIMPACT2025
Forbes
14-04-2025
- Business
- Forbes
CyberArk Warns About Cybersecurity Threats To AI Agents And LLM
Are digital entities looking for vulnerabilities in your systems and workflows? The 2025 Forbes AI 50 list highlights a turning point: 'AI graduated from an answer engine to an action engine in the workplace.' Like other graduates entering the workforce, AI agents meet fresh opportunities, face unfamiliar responsibilities, and must overcome new challenges. As more AI agents are deployed in enterprises worldwide, the scale and scope of cyberattacks escalate, as many organizations embed them into critical systems without proper safeguards. AI agents represent new classes of cybersecurity vulnerabilities, providing new venues for infiltrating and manipulating enterprise systems. At CyberArk IMPACT 2025 last week, Lavi Lazarovitz, VP of cyber research at CyberArk, presented an initial analysis of the range of threats posed by the brand-new agentic systems. 'Agents are distinguished by autonomy and proactivity,' said Lazarovitz. As such, they are turning into the most privileged digital identities enterprises have ever seen. The cybersecurity landscape for AI agents will continue to evolve, and at present, there is no silver bullet that can fully mitigate all security risks they pose, according to CyberArk researchers. The best approach is what they call 'defense in depth,' or implementing multiple layers of protection at different stages of the workflow and across various security measures. More broadly, CyberArk warns enterprises to 'never trust an LLM.' Attackers will always find ways to exploit and manipulate these models, so security must be built around them, not within them. At IMPACT 2025, Retsef Levi, Professor of Operations Management at the MIT Sloan School of Management, spoke about the 'Very real risk of creating complex systems with opaque operational boundaries and eroded human capabilities that are prone to major disasters and are not resilient.' Using an LLM is like taking a drug without knowing what's in it, says Levi. The mystery is three-dimensional: The humongous number of parameters obscuring what the model can do; the open data, internet data, on which the model is based (as opposed to in-house, clean data); and the source, the origin of the model's development. The key challenge in implementing AI agents, says Levi, is making sure they 'don't degenerate and erode critical human capabilities,' especially in the areas where humans are superior to AI: Identifying nuance; sensitivity to changing conditions, exceptions, and anomalies; and sensing a new context. 'Don't confuse performance with capability,' advises Levi. As generative AI and LLMs enhance cyberattack capabilities by using machines to manipulate humans or other machines, Levi recommends developing 'measurements for understanding your digital supply chain,' identifying potential vulnerabilities. The research effort to uncover the new 'attack surface' created by generative AI is growing fast. Startup Pillar Security, for example, released a report analyzing over 2,000 real-world LLM-powered applications. Pillar found that 90% of successful attacks resulted in the leakage of sensitive data and that adversaries require only 42 seconds on average to complete an attack, highlighting the speed at which vulnerabilities can be exploited. This present state of attacks on generative AI will get worse in the near future. By 2028, according to Gartner, '25% of enterprise breaches will be traced back to AI agent abuse, from both external and malicious internal actors.' The interest in investing or acquiring related cyber defense skills and solutions is also growing. For example, Palo Alto Networks is set to buy AI cybersecurity company Protect AI for an estimated $650-700 million, sources informed Globes last week. 'Protect AI might end up being the second acquisition [after Cisco's acquisition of Robust Intelligence for a reported $400 million] in the nascent AI security market, but it certainly won't be the last,' reports Information Security Media Group. AI agents' autonomous nature and complex decision-making capabilities introduce various threats and vulnerabilities that span security, privacy, ethical, operational, legal, and technological domains. These real-world challenges will probably not slow down the widespread deployment of AI agents. According to CB Insights, mentions of 'agent' and 'agentic' on earnings calls surged in the first quarter of 2025, with both hitting all-time highs. For the second year in a row, Amazon CEO Andy Jassy used his annual letter to shareholders to stress the contribution of generative AI applications to Amazon's continuing success. He reported that 'there are more than 1,000 GenAI applications being built across Amazon, aiming to meaningfully change customer experiences in shopping, coding, personal assistants, streaming video and music, advertising, healthcare, reading, and home devices, to name a few.' Jassy also highlighted the importance of generative AI to the future of all enterprises: 'If your customer experiences aren't planning to leverage these intelligent models… and their future agentic capabilities, you will not be competitive.'
Yahoo
01-04-2025
- Business
- Yahoo
CyberArk to Host CyberArk IMPACT 2025: The Premier Conference for Identity Security
NEWTON, Mass. & PETACH TIKVA, Israel, April 01, 2025--(BUSINESS WIRE)--CyberArk (NASDAQ: CYBR), the global leader in identity security, will host its annual conference, CyberArk IMPACT 2025, in Boston, MA from April 9-11. As the premier conference for identity security, CyberArk IMPACT 2025 will bring together in-person more than 1,500 cybersecurity professionals to explore the latest developments and trends in identity-based threats and the advancements in products and technologies for securing every identity, human and machine, including AI agents and other non-human identities (NHIs). Keynote sessions will address the challenges and essential solutions for ensuring identity security in an increasingly dangerous threat landscape, including the impact of agentic AI. Attendees will also get a firsthand look at the newest capabilities of the CyberArk Identity Security Platform. This groundbreaking update will demonstrate how CyberArk is continually innovating to secure identities in an increasingly connected and chaotic world. Additionally, Jen Easterly, former Director of the Cybersecurity and Infrastructure Security Agency (CISA), will deliver a keynote address on the 'Promise and Perils of Emerging Technology.' Easterly's expert insights will provide critical perspectives on how AI and other emerging technologies are reshaping cybersecurity and the broader landscape of national security. With more than 70 breakout sessions, 20 hands-on labs, technical certifications and other special events, this year's CyberArk IMPACT will empower attendees to leverage comprehensive identity security to strengthen their security postures and drive real business outcomes for their organizations. Topics include strategies for accelerating and extending identity security, scaling machine identity security, securing AI agents, real-world attack simulations, product roadmap sessions and much more. "In today's rapidly evolving threat landscape, cyberattacks continue to accelerate and intensify. Add AI into the mix and the attack surface isn't just expanding – it's skyrocketing, and identities are the top target," said Matt Cohen, Chief Executive Officer, CyberArk. "Identity security must be central to every organization's cybersecurity strategy. It's a critical time for our industry and at CyberArk IMPACT 2025, we'll explore the many challenges facing security teams and most importantly, how to take back control to protect organizations and people." Speakers and session highlights include: Executive Keynotes: Presentations by Matt Cohen, CEO CyberArk and Udi Mokady, Founder and Executive Chairman, CyberArk. Platform Keynote: New product innovations presented by Peretz Regev, CyberArk Chief Product Officer. Industry Keynote: Jen Easterly, Former Director of CISA, will explore the intersection of AI and cybersecurity. Academic Keynote: Professor Retsef Levi, MIT Sloan School of Management, will discuss AI systems and emerging risks. Partner Perspectives: Executives from AWS, Accenture and PwC will share insights on key cybersecurity issues. Research Keynote: Lavi Lazarovitz, CyberArk's Vice President of Cyber Research at CyberArk, will explore the future of AI-based threats. Customer presentations: Security leaders from Aflac, Discover Financial Services, Four Seasons Hotels and many others will share insights and learnings. Hands-on Labs: Sessions which earn Continuing Professional Education (CPE) credits for attendees. CYBR Arena: A showcase of new products and services from CyberArk and its partners, delivered through an immersive event experience. About CyberArk IMPACT CyberArk IMPACT is CyberArk's annual flagship event for customers, partners and its extended community. In addition, in 2025, CyberArk will host a series of CyberArk IMPACT World Tour events in 37 cities around the world. Those who cannot attend in person can register for a virtual pass here. About CyberArk CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk's AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at Copyright © 2025 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders. View source version on Contacts Investor Relations: Srinivas Anantha, CFACyberArk617-558-2132ir@ Media: Rachel GardnerCyberArk603-531-7229press@
