New CISO View report highlights the importance of risk reduction for robotic process automation
Global 1000 security executives share strategies for securely scaling RPA initiatives, including automating credential management and limiting access for reprogramming robots.
CyberArk (NASDAQ: CYBR), the global leader in privileged access management, today announced a new report, The CISO View: Protecting Privileged Access in Robotic Process Automation. Sharing recommendations from information security executives at
Global 1000 enterprises, the report discusses how to securely drive innovation through robotic process automation (RPA).
Less than half of organisations have a privileged access management strategy in place for digital transformation technologies, like RPA. The CISO View examines attack techniques and provides practical advice from early RPA adopters on how organisations can mitigate the risks associated with non-human privileged access, including providing robots with more privileges than required to perform functions and tasks.
The report recommends tightening access to RPA tools and mandating secure practices for developing robot scripts. It emphasises integrating RPA and enterprise security technologies in order to automate the management of credentials and detect misuse.
As part of The CISO View industry initiative, sponsored by CyberArk, this report provides practical recommendations from information security executives based on their first-hand experiences. Members of the CISO View research panel include Global 1000 organisations such as Asian Development Bank, GIC Private Limited, Highmark Health, Kellogg Company, Lockheed Martin Corporation, Orange Business Services, Pearson, Rockwell Automation, Royal Bank of Canada, and T-Systems International. These experts share key recommendations for how organisations can securely adopt RPA while mitigating potential risks, including:
- Limiting access for reprogramming robots: Reduce the risk that comes with RPA permissions, like the ability to reprogramme robots, by securely managing credentials to RPA tools and training RPA teams on secure software development practices.
- Automating credential management: Successful RPA deployments require automated credential management, including machine-generated passwords, automatic password rotation, identity verifications and just-in-time or time-limited credential access.
- Establishing robust processes for monitoring RPA activity: Rapidly detect and respond to unauthorised or anomalous robot behaviour by assigning human managers, enforcing least privilege and making actions traceable.
“From finance and HR to manufacturing, organisations are rapidly adopting RPA to drive new efficiencies for their business and deliver innovative services to customers,” said Marianne Budnik, CMO, CyberArk. “This report provides a playbook for organisations to embrace security in a way that enables the business and helps RPA projects move forward as part of key digital transformation initiatives.”
The fourth in The CISO View series, this report was developed in conjunction with independent research firm Robinson Insight.
To download “The CISO View: Protecting Privileged Access in Robotic Process Automation” and other reports in the series, visit https://www.cyberark.com/cisoview/.
Visit CyberArk at RSA Conference (North Expo, Booth #6353) to learn more.
CyberArk (NASDAQ: CYBR) is the global leader in privileged access management, a critical layer of IT security to protect data, infrastructure and assets across cloud and hybrid environments and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit https://www.cyberark.com/, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.