Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

At CyberArk, the trust and security of our customers are at the heart of everything we do. Today, July 15th, we are addressing the publication of several Common Vulnerabilities and Exposures (CVEs) related to CyberArk Secrets Manager, Self-Hosted (formerly Conjur Enterprise) and Conjur Open Source (OSS). We regret the challenges this situation may pose to our customers and reaffirm our commitment to supporting them through the resolution process.

What does it take to stay calm in the face of constant cyber pressure—and why does that mindset matter more than ever? In this episode of Security Matters, host David Puner speaks with Den Jones, founder and CEO of 909Cyber, about his transition from enterprise chief security officer (CSO) to cybersecurity consultant.

Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most organizations can manage. According to the CyberArk 2025 Identity Security Landscape, 9 out of 10 organizations report a successful identity-centric breach, with relentless and sophisticated bad actors continuing to target identities. Machine identities now outnumber human identities by an astonishing 82:1.

Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the last few months, the group has escalated its activity—targeting financial services and launching coordinated ransomware campaigns that have crippled operations and exposed sensitive data.

Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires and stayed out of the drama. So, when the CISO asked for a “quick chat,” he braced himself. “Alex,” she said, with zero preamble, “we’ve had too many close calls lately.

Technology is moving at the speed of light, and two forces—quantum computing and AI agents—are poised to shake up cybersecurity. We’re not talking about some far-off future; this is happening now. The message for CISOs and security leaders is simple: If you’re not preparing now, you’re already behind. As we say in Brazil, “Melhor prevenir do que remediar” or “better to prevent than remediate.”

In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware developers to quickly modify their malware to adapt to the latest protections. In the new era of cookie protection, infostealer malware either need direct access to the Chrome process or to run with elevated privileges.

The line between human and machine is blurring—and it’s not a question of whether machines can do more, but how far we’re willing to let them go. The frontier lies in tackling the chaos and solving the fragmented processes that slow enterprises: siloed rulebooks, scattered pricing spreadsheets, and manual approvals.

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation. Listeners will learn.

Machine identities—like the API keys, certificates, and access tokens that secure machine-to-machine connections—are swarming businesses. Yet, many teams still reach for manual tools while their systems overclock. At the start of the year, I predicted the ratio of machine to human identities would likely soon tip past 100:1. As of mid-year, most organizations are clocking in at more than 80:1—and I’ve seen environments as high as 500:1.