In the News: 2015

eWeek, July 2015
"The common attack as well as the land and expand methods of intruders depend on moving within the network via stolen credentials," Lieberman said. "To minimize this consequence, companies must change the way they use privileged identities from the IT perspective—no use of domain admin accounts—and the removal of users having local administrator rights on their own machines."
InfoSecurity Magazine, June 2015
“The fact that IT professionals believe that data breaches are occurring more frequently than reported is revealing,” said Philip Lieberman, CEO of Lieberman Software. “Due to today’s advanced cyber-attacks, intruders are already within most IT environments, are undetectable, and have access to credentials on every compromised machine.”
TechWeek Europe, June 2015
"A survey from Lieberman Software Corporation revealed that 87 percent of IT professionals believe large financial hacks are happening more often than reported, and right under the nose of security auditors."
CSO, June 2015
"If someone breaks into your house, and you have the keys to the Porsche and the Mercedes sitting on the kitchen counter, they'll steal your cars," he said. In enterprise terms, this means changing operations so that there are no credentials sitting on machines, waiting to be stolen.
Information Security Buzz, June 2015
“Lieberman Software released a new whitepaper this week called “Cyber Defense Review of Mandiant and Verizon Threats: How to Immediately Limit Attack Consequences.”  In it, they lay out a step-by-step analysis, repudiating recent claims made by Mandiant and Verizon, and offer solutions for protecting organizations from the common phases of most cyber attacks.”
 USA Today, June 2015 
 “Let's be honest here, it's not as if MLB teams have national security-level experts guarding their computer systems. Even the MLB waiver wire can be accessed by thousands of front office executives and scouts on their computers, iPads or cell phones. Why, in a recent study by Lieberman Software, nearly 23% of IT security professionals admitted they can access their previous two employers' systems simply using their old credentials.”
 Vigilance Security, June 2015
 “It is a tragedy that the Executive Branch as well as NIST and NSA have been preaching the gospel of security by design, segmentation of data and control, proper identity management, and effective monitoring. Here with OPM we have an agency entrusted with the defence of its government employees ignoring the guidance given by the government as well as failing to implement off-the-shelf technologies that are common to the commercial realm.”
Wall Street Journal, May 2015
 “A survey of 170 IT professionals by Lieberman Software found 76% of respondents said the evolution of cyberattacks is occurring too quickly for IT departments to keep up...”
InfoSecurity, May 2015
 “As zero-day attacks and other cyber threats evolve at a steady pace, many organizations are searching for new IT security solutions to defend against the latest wave of attacks,” said Philip Lieberman, president of Lieberman Software. “Unfortunately, these organizations often discover too late that the products they purchase cannot scale to large enterprise environments, or be deployed quickly enough to provide real defense. That creates a significant security deficit that leaves organizations at risk.”
TechWeek Europe, May 2015
"Both government and commercial enterprises can defend themselves from the actions of hacktivists, but it usually requires more focus and resources than many organisations are willing to provide. At least until they find themselves victims of a cyber attack.”
SC Magazine, April 2015
“There is an assumption that if a person or group have the ‘keys to the kingdom' with full admin rights across an enterprise, that this is a viable and effective way to apply security policies. Anyone who has full admin rights and no accountability has the opportunity to effect an insider attack with a low risk of being detected. Without privilege admin controls there is no way of controlling this security blind spot.”
InfoSecurity, April 2015
"Roy Duckles, EMEA channel director at Lieberman Software, argued that many firms remove internal safeguards in order to maintain staff productivity levels. “Anyone who has full admin rights and no accountability has the opportunity to effect an insider attack with a low risk of being detected. Without privileged admin controls there is no way of controlling this security blind spot. Add to this the fact that many companies fail to enforce a strong password policy, and many passwords are replicated and known throughout an IT team, then it becomes just too easy for a person to find the access they require.”
SC Magazine UK, March 2015
 "Indeed, Lieberman describes the attack as an excellent example of how ineffective firewalls and end-point protection is in the real world. 'The only mitigation is to accept the new reality and toughen the interior of the environment with changes in network design (air gaps), aggressive proactive identity management to implement privilege access and least privilege so as to survive these attacks' Lieberman insists."
Consumers Digest, March 2015
"Consumers who didn’t purchase an Internet protocol, or IP, camera that encrypts data should change the default password on their camera to something that's difficult to guess, says Philip Lieberman, who is the president of security-management company Lieberman Software."
Dark Reading, March 2015
“As with most failed security scenarios, the core problem is not technology, but is in fact a lack of leadership and culture," says Philip Lieberman, president of Lieberman Software. "The refusal to allow the OIG to scan their systems should have been a warning flag that OIG should have publicly published as a public service to Anthem customers."
InfoSecurity, March 2015
"However, Phil Lieberman, CEO of Lieberman Software, cautioned that the [FREAK] attack is a “more or less a hypothetical threat” requiring a “a sophisticated attacker with a set of tools and technology not in common use.”
Vigilance, March 2015
"The interoperable solution...will help organizations manage, control and enforce both privileged and end user access to applications, systems and data across the enterprise and the cloud, all in a single unified platform."
Entrepreneur, February 2015
"The Lieberman Password Manager finds and strengthens server passwords, encrypts themand stores them in a database. Not only does it create complex passwords that staff don’t need to memorize and support common multi-factor authentication tools, it’s surprisingly easy to maintain once installed."
Pro Security Zone, January 2015
"With the new pooled service account rotation feature in Lieberman Software’s Enterprise Random Password Manager (ERPM), users can reliably configure privileged password changes on a continuous basis. This feature significantly lowers the risk of lockouts and cascading system failures caused when password updates for service and process accounts don’t reach every place on the network where those accounts are referenced."
Vigiliance Security Magazine, January 2015
"Skeleton key malware shows the need for privileged access management and session recording technology."
TechWorld, January 2015
"A recent survey of attendees of August’s Black Hat Show by Lieberman Software found that 58 percent believe enterprises are “losing the battle” against state-sponsored attacks. Seventy-four percent were not sure their own networks hadn’t already been breached by such foes." A recent survey of attendees of August’s Black Hat Show by Lieberman Software found that 58 percent believe enterprises are “losing the battle” against state-sponsored attacks. Seventy-four percent were not sure their own networks hadn’t already been breached by such foes.
Computing, January 2015
"...it is easy to modify malware to contain attribution addresses - proper tradecraft uses only anonymous proxies within embedded malware."The real question, said Lieberman, is "whether national security assets reveal intercepted IP traffic (i.e. packets) from North Korea exists regarding these events, that show positive command and control being initiated by North Korea".