In the News: 2014

  • SC Magazine UK, October 2014

    SC Magazine UK article about defending against APTsA new survey from Lieberman Software reveals that almost eight in ten IT security professionals believe that perimeter security technologies like firewalls and anti-malware solutions are sufficient in defending against advanced persistent threats (APTs).
  • Help Net Security, October 2014

    Help Net Security article on APTs"The survey, which was carried out at Black Hat USA in August 2014, also revealed that 22 percent of those surveyed do not think that tools like firewalls and antivirus are able to defend against APTs. However, given the surge in organisations suffering advanced targeted cyber attacks, this number should have been much higher."
  • Dark Reading, October 2014

    Dark Reading article about AT&T breach"The AT&T breach highlights the need for automated systems to not only monitor access to sensitive systems but also to limit how much access to data an employee can accumulate, Lieberman says."
  • Windows IT Pro, October 2014

    Windows IT Pro article on SSL 3.0 bugCybersecurity expert Philip Lieberman, President of Lieberman Software, has this to say on the matter: "Failure to use sufficiently powerful and automated privilege management software and technologies makes these zero day attacks very effective for persistent access even after the vulnerabilities have been patched.  Those companies that attempt to manage passwords, keys and certificates by hand will be victimized after these vulnerabilities have been patched."
  • SC-Magazine, October 2014

    SC Magazine article on defending against APTsCommenting on the survey findings, Philip Lieberman, Lieberman Software's president, said that cyber-attacks are evolving at an astounding pace and, because of this, we - as an industry - are constantly facing extremely sophisticated attacks, something which we have never witnessed before. "Organisations need to take this threat seriously, they cannot stop these attacks - and building taller and thicker walls won't keep the hordes out," he explained.
  • InfoSecurity, October 2014

    Info Security article on state-sponsored cyber attacksHowever, Lieberman Software EMEA director, Roy Duckles, warned that if companies “think” they might have been breached, they probably have been. “The effect of a breach is often silent, in that a company has no way of knowing who has been in their network, for how long and what has been taken,” he told Infosecurity.
  • SC Magazine, October 2014

    SC Magazine article on service account passwords"...a study by Los Angeles-based Lieberman Software found that only 53 percent of organizations update their account service and process account passwords on a quarterly basis."
  • Dark Rreading, September 2014

    Dark Reading article about Shellshock"I see this as a failure in the mindset of the open-source community where everyone waits for everyone else to do something or find something," says Chris Stoneff, director of professional services for Lieberman Software. "One of the interesting things happening with so much bashing of closed-source projects like Microsoft and the embrace of more open software like Linux and OSX is how much visibility Linux and OSX have gained in recent years to would-be attackers. It has shone a light on one of the biggest lies perpetrated on people: We are not vulnerable because we don't use Microsoft. Well, the proof is now here, and it's time for Linux and OSX and UNIX to take some heat."
  • ChannelWeb, September 2014

    ChannelWeb article about CARMAs part of that portfolio, Lieberman Software can provide the privileged identity management, access control, and password management aspect. "It manages access to everything from tin to Twitter when it comes to admin passwords," Duckles points out. "And if you don't manage them, you are going to get breached."
  • Time, September 2014

    Time Magazine article on celebrity photo hack"Lieberman said that for hackings in the commercial world, the average time the hacker or hackers have spent in the system is 200 days. This suggests the intruders could’ve had months to amass a large collection of explicit photos."
  • InfoSecurity Magazine, September 2014

    Info Security article about state-sponsored cyber attacks"When Lieberman Software conducted a similar survey at Black Hat 2013, the majority of respondents (57%) revealed they were confident that their organization's security products and processes could keep up with new and emerging security threats. However, in the 2014 study, this figure dropped significantly, to only 41%."
  • SC Magzine UK, September 2014

    SC Magazine article about stae-sponsored cyber attacks"A new survey conducted by Lieberman Software at BlackHat USA, reveals a general lack of confidence among IT security professionals when it comes to the threat of advanced, state-sponsored attacks and the susceptibility of today's networks."
  • DarkReading, September 2014

    Dark Reading article about state-sponsored cyber attacks"Conducted among Black Hat attendees by Lieberman Software, the survey asked infosec professionals about their organizations' readiness to respond to state-sponsored and other advanced attacks. The study found that 59% of respondents believe their organizations are likely to be the target of a state-sponsored attack sometime in the next six months."
  • Channelnomics, September 2014

    Channelnomics article about state-sponsored cyber attacks"The latest report comes from Lieberman Software, a provider of privilege-management products. After surveying IT security professionals at Black Hat USA 2014—mostly about state-sponsored cyber-attacks—the company came up with some disconcerting stats."
  • Continuity Central, September 2014

    Continuity Central article about state-sponsored cyber attacks"As new cyber attacks continue to emerge, 48 percent of IT security professionals admit they are not confident that they could detect an attacker attempting to breach their network, according to a new survey from Lieberman Software Corporation."
  • Search AWS, September 2014

    Tech Target article about AWS cloud securityIn fact, 33.21% of those participating in Lieberman Software's 2014 Cloud Security Survey said government snooping deters them from keeping data in the cloud, and 79.64% of survey respondents choose to keep their sensitive data on their organization's network rather than in the cloud. Yet, that's still better than the 86% who, in 2012, said they preferred to keep sensitive data on their own network.
  • CRN UK, September 2014

    CRN UK article about privilege management channel growthLieberman Software claims the Edward Snowden scandal has driven resellers into its arms after signing up 30 European partners.
  • HelpNet Security, September 2014

    HelpNet Security article about Home Depot breachPhilip Lieberman, CEO of Lieberman Software, said that he was not surprised this has happened. "We were in contact with them many years ago trying to convince them to implement automation technology to rotate their passwords, but they chose to implement a less expensive and inferior solution from an off-shore company. The rest of the targets in the listed article by Krebs purchased the same ineffective technology from the same off-shore company with similar results.”
  • Los Angeles Times, September 2014

    LA Times article about celebrity iCloud hackHowever, security expert Phil Lieberman, founder and president of Lieberman Software, said "Apple [is] correct when they say their system wasn’t breached in that no one gained universal access. They, however did have poorly implemented security that allowed this. This is like someone selling you a cheap lock. It's pretty embarrassing. This is Security 101."
  • TechZone360, September 2014

    TechZone 360 article about celebrity iCloud hackI have picked one of my favorites on the topic of the day since it encapsulates the thoughts of almost everyone who contacted me, along with a statement from Apple...From a security professional perspective, there was interestingly a consensus of opinion on this one. The quote that represents the consensus and also adds a bit of granularity to what happened was one I received from Philip Lieberman, President and CEO, Lieberman Software.
  • Dark Reading, September 2014

    Dark Reading article on celebrity iCloud hackPhil Lieberman, president and CEO of Lieberman Software, says the attack came in two waves, starting with getting the email addresses of the celebrity targets. "The second part of the attack was understanding that the iCloud service had a flaw that allowed an unlimited number of bad password attempts without lockout or alerting," he says, so the attackers were able to ultimate brute-force the password.
  • International Business Times, August 2014

    International Business Times article on JPMorgan Chase hack"The ability to overcome the typical financial defence-in-depth strategy outlined by JP Morgan points to capabilities that go beyond criminal activity and are in the realm of nation state capabilities. JP Morgan and similar entities employ sufficient technology to protect themselves from criminals, but typically fail to invest enough in technology and process to shield themselves from nation state's ability to access their systems at will," Philip Lieberman, CEO of Lieberman Software told IBTimes UK.
  • Computerworld, August 2014

    ComputerworldThings will probably have to get worse before it starts getting better, said Phil Lieberman, president of Lieberman Software, a security vendor. "It will take a Target type of episode where a healthcare provider and their C-suite face demise due to the damage they have caused to their entire population of patients to get some providers to wake up," and invest in real security, Lieberman said.
  • USA-Today, August 2014

    USA Today article about healthcare data breaches"Too few health care companies invest in computer security, said Philip Lieberman, president of Lieberman Software in Los Angeles. He noted the FBI had warned health care companies in April that the sector's cybersecurity was lax. HIPAA does little to protect patients and offers companies little incentive to invest in computer security — and too many haven't done so, he said."
  • The Register, August 2014

    The Register article about SuperValu hack"This is another example of an incompetent retail CEO incapable of providing leadership and process to secure their organization. Just as the CEO must manage his staff and assets, the CEO is responsible for protecting the security of his network and his customers," said Philip Lieberman, president of security firm Lieberman Software.
  • USA Today, August 2014

    USA Today article about Russian credentials theftSecurity expert Phil Lieberman, CEO of Lieberman Software, thinks the theft may be more of a warning or a veiled threat from the Russians. "I think this is a political statement rather than a security threat," he said. "I think there is a message being sent and the message is: Watch out."
  • TechNewsWorld, August 2014

    TechNewsWorld article about hacking airplanesCompromising in-cabin entertainment and WiFi systems is "possible and probable," Philip Lieberman, president of Lieberman Software, told TechNewsWorld. "Passengers have been able to screw with other passengers on shared communication systems since the beginning."
  • Security Daily, August 2014

    Security Daily article on service account securityCommenting on these findings Lieberman said, “The organizations that choose not to update service and process account passwords because they are worried about causing outages, and believe the consequences of a cyber attack would be less severe than downtime, obviously do not understand how damaging a cyber attack can be and this points out a very worrying lack of awareness.
  • SC Magazine, July 2014

    SC Magazine article about service account managementPhilip Lieberman, CEO of privileged identity management firm Lieberman Software, told SCMagazine.com in a Friday interview that the “concept of persistent administrative access,” is one of the “biggest threats” to companies, particularly as they work to stave off cyber attacks. He added that privileged access, without proper management, was a crucial part of the advanced persistent threat (APT) attack methodology.
  • Law Technology News, July 2014

    Law Technology News about privilege managementKelley Drye uses the Enterprise Random Password Manager from Los Angeles-based Lieberman Software Corp. to fortify the firm’s Active Directory, Flournoy said. In addition, “hardening domain controllers is key,” she said.
  • Information Age, July 2014

    Information Age"IT security professionals are gambling with the security of their organisations by failing to update important service and process account passwords on a regular basis, with almost 15% admitting to either never updating passwords or only updating them annually, a new survey from Lieberman Software Corporation has revealed."
  • ZDNet, July 2014

    ZDNet artilce about password security"Indeed, Lieberman Software's recent 2014 Information Security Survey found that more than 13 percent of respondents could still access a previous employer's systems with their old credentials. The survey points out other discouraging indications of bad policy."
  • Business News Daily, July 2014

    Business News Daily on protecting privileged accessWhen designing security and access for contractors, use a privilege management system — also known as Privileged Identity Management (PIM) — to limit their access to only one machine at a time for administrator access.  PIM systems can also force employees and contractors to complete an automated approval process before gaining access to sensitive systems.
  • Security Daily, June 2014

    Security Daily article on advanced persistent threat defen“The key to privilege management is the ability to automatically discover and remediate security breaches before cyber attackers can exploit them,” Lieberman said.
  • SearchSecurity, June 2014

    Search Security video on privileged account management"There is an entirely different class of identity, known as the super user accounts," said Philip Lieberman, president and chief executive officer of Lieberman Software, in an interview with SearchSecurity at the 2014 RSA Conference. "These are also sometimes called root or administrator, but these are generic accounts. There are also cases where regular user accounts have taken on different attributes or additional power, and in fact have become pseudo super user accounts. [You] would have a user name, which might be associated with a service."
  • PC World, June 2014

    PC World article about CodeSpaces hack"Security incidents like the one involving Code Spaces are avoidable if companies take effective steps to apply strict automated controls to privileged access and to whitelist applications, said Calum MacLeod, vice president of EMEA at Lieberman Software."
  • Wall Street Journal, June 2014

    Wall Street Journal article on IT security researchMore than 13% of the IT security professionals asked by Lieberman Software Corp. said they are still able to access previous employers’ systems using their old credentials.
  • IT Manager Daily, June 2014

    IT Manager Daily about privilege management policyCompanies are also dropping the ball when it comes to keeping security fresh. According to Lieberman Software, nearly a quarter of respondents said they change their passwords less frequently than the recommended 90-day timeframe.
  • FierceCIO, June 2014

    FierceCIO article about insider threatsInsider threats remain one of the greatest concerns to IT security, but a new study finds that former IT security pros make up a significant risk to many organizations. A survey by Lieberman Software finds that 13 percent of IT security professionals say they can still access the systems of previous employers using their old credentials.
  • SecureIDNews, June 2014

    SecureIDNewsResults from Lieberman’s 2014 report suggest a general lack of password security and privileged access control.
  • InfoSecurity, May 2014

    Information Security article on privileged accessA fundamental lack of IT security awareness in enterprises, particularly in the arena of controlling privileged logins, is potentially paving the way for a further wave of data breaches.
  • SC Magazine, May 2014

    SC Magazine article about administrator access of former employees"Lieberman Software also found that nearly 20 percent either do not have, or don't know if their organizations have, a policy for cutting off access to employees and contractors when they leave the company."
  • TechZone 360, May 2014

    Tech Zone article about password security surveyTonight is the night that NBC will air an exclusive interview done in Moscow recently by anchor Brian Williams with NSA leaker Edward Snowden. The reason to mention this is that it provides interesting context for the new “Information Security Survey 2014” from identity management solutions provider Lieberman Software on the subject of the use/abuse of credentials.
  • We Live Security, May 2014

    We Live Security article on password securityPhilip Lieberman, CEO and President of Lieberman Software, said: “The results of this research shows that a fundamental lack of IT security awareness in enterprises, particularly in the arena of controlling privileged logins, is potentially paving the way for a further wave of data breaches.”
  • TweakTown, May 2014

    TweakTown article about password security"...nearly one in four security specialists admit that their companies don't update process passwords within 90 days, despite regulations recommending the practice, according to the Lieberman Software survey conducted during RSA Conference 2014."
  • Network World, May 2014

    Network World writes about privileged user management from Lieberman Software"New privileged user management (PUM) capabilities for cross-platform applications, a broad array of cloud provider portals, SaaS vendors and social media platforms."
  • ProSecurity Zone, May 2014

    ProSecurityZone"With ERPM’s new application launcher, users can access remote applications and web sites through a secure local server."
  • CRN UK, May 2014

    CRN article about Lieberman Software channel program."Duckles claimed that momentum is building behind the privileged identity market – which he estimated is currently worth $100m (£59m) to $200m – following large-scale breaches at retailers such as Target and Tesco. According to Kuppingercole, Lieberman is a "clear leader" in the market..."
  • SC Magazine UK, May 2014

    SC Magazine UK article on growing cyber security riskThis is no surprise, says Calum Macleod, VP of EMEA at Lieberman Software. “You have the minor regional stuff, such as Israel, Hezbollah, Hamas and the Syrian Electronic Army, using botnets, compromised websites, DDoS and whatever they can lay their hands on to get at each other. Throw in Stuxnet, Duqu, Flame, Uroburos, Careto and the many other variants and revelations that the NSA was complicit in cyber espionage is not exactly a ground-breaking revelation.”
  • ProSecurityZone, April 2014

    ProSecurityZone"Lieberman Software has announced significant expansion into the European market. The company is recruiting new strategic partners in the EMEA region due to the increasing number of enterprises striving to close data security holes, meet regulatory compliance mandates and reduce cyber security risk through privileged identity management software."

  • MicroScope, April 2014

    Microscope artilce about Lieberman Software channel partner program"Identity management player Lieberman Software is planning to increase its activity across Europe building on its recent investment in regional offices in the UK, Germany and the Netherlands. The security specialist not only set up regional offices but signed up distributors, including Exclusive Networks, to develop its channel network in the UK and is looking to use that footprint to widen its reach in Europe."
  • Baseline, April 2014

    Baseline article about cloud security survey"One-third of IT security professionals recently surveyed say their organization does not keep corporate data in the cloud because of fear of government snooping, according to a report from identity management vendor Lieberman Software. Instead, the study found that 80 percent of respondents prefer to store sensitive corporate data in their own networks."
  • The Guardian, April 2014

    Guardian article about Heartbleed"Network-connected devices often run a basic web server to let an administrator access online control panels," says Philip Lieberman, president of security firm Lieberman Software. "In many cases, these servers are secured using OpenSSL and their software will need updating.
  • MIT Technology Review, April 2014

    MIT Technology Review article on HeartbleedNetwork-connected devices often run a basic Web server to let an administrator access online control panels. In many cases, these servers are secured using OpenSSL and their software will need updating, says Philip Lieberman, president of security company Lieberman Software. However, this is unlikely to be a priority. “The manufacturers of these devices will not release patches for the vast majority of their devices, and consumers will patch an insignificant number of devices.”
  • Cyber Defense Magazine, April 2014

    Cyber Defense Magazine article on Lieberman Software"In our discussions, Lieberman Software's CEO discussed how Target's breach was also a common wake up call for many at the conference confirming that even at the largest companies in the world, the basics of simply having different random passwords on each device and server was not being done."
  • SC Magazine, March 2014

    SC Magazine article on cloud security surveyDelving into the report reveals that the presence of automated hacking tools means that even a small number of improperly secured resources are certain to give hackers free reign on the network – and access to customers' private data – within minutes of an incursion.

    Until now - privileged accounts and other file-based secrets have proven difficult to secure within large-scale, dynamic cloud service provider networks using human intervention and first-generation software tools.

  • Infosecurity, March 2014

    Info Security article on cloud security surveyA survey of almost 300 IT security professionals at RSA 2014 shows that trust in cloud security has increased slightly over the last 15 months – but not by very much. By February 2014 the number of professionals who prefer to keep sensitive corporate data within their own network had fallen from 86% (November 2012) to 80%.
  • CSO, February 2014

    CSO interview of Philip Lieberman"The perimeter is porous," said Lieberman. "It doesn’t mean we've lost the war. Those who are successful on the Internet, the only ones who will be successful, are those who have their eyes open and understand that whatever technology they have will have a limited lifetime of protection. The question is not whether they're going to get in but how far can they go".
  • Network World, February 2014

    Network World article on User Manager Pro Suite"Windows security management tool now supports Windows 8.1 and Windows Server 2012 R2; modifies and reports on local users, groups, registries, shares and rights in the Windows infrastructure."
  • LA Times, February 2014

    LA Times article about NIST "The framework doesn't force companies that are naive about security, or just cheap about the necessary investments, to get smart and invest appropriately," said Phil Lieberman, chief executive of Lieberman Software in Los Angeles and a cybersecurity industry veteran. "Generally fines and other penalties are about the only thing that gets companies to fix their security."
  • MicroScope, February 2014

    MicroScope article about Lieberman Software and Exclusive Networks"...Exclusive Networks has also inducted US firm Lieberman Software into its CARM initiative, becoming the first European distribution partner for the identity management specialist."
  • E-Commerce Times, February 2014

    E-Commerce Times article about Careto malwareThe Mask "sounds and looks like a big project that required a lot of time, money and resources to accomplish," Philip Lieberman, president and CEO of Lieberman Software, told TechNewsWorld. "The operation of the command and control [servers] appears to be professional," Lieberman continued. "The project appears to be run like a business with funding, technology and proper operations."

  • Channel EMEA, February 2014

    Channel EMEA article on Lieberman Software partnership with Exclusive Networks"By adding Lieberman Software to its portfolio, Exclusive Networks will enable resellers to address enterprise security concerns around customers’ privileged accounts."
  • CloudPro, January 2014

    Cloud Pro article on security in the cloud"Calum McLeod, vice president of EMEA at Lieberman Software...points out that the legacy of outages and leakages, suffered by several banks over the past few years...does not add credence to the argument that cloud presents more risks."
  • USA Today, January 2014

    USA Today article on the Target data breach"In this guest essay, Philip Lieberman, CEO of Lieberman Software, outlines the potential ongoing collateral damage for Target – and its customers."
  • TechWeek Europe, January 2014

    TechWeek Europe interview of Calum MacLeod"Calum McLeod is EMEA vice president of security firm Lieberman Software, but he started in the days of mainframes. He may have set off with a holy ambition but was quickly seduced to piracy…"
  • San Jose Mercury News, January 2014

    San Jose Mercury NewsThat's largely because they refuse to spend what's needed to keep hackers at bay, said security expert Philip Lieberman of Lieberman Software. "They don't care," he said. "They've made a calculated decision that it's cheaper to take this hit than to implement the systems to fix it. I've had this conversation with CEOs of many large retailers."



Live chat by SightMax