An in-depth conversation with Rezonate CEO Roy Akerman on the future of identity security, cloud challenges, and adaptive AI-driven solutions in the cybersecurity landscape.
Roy, could you start by sharing your journey from your role in Israeli cyber defense to co-founding Rezonate and your vision for the company?
Yes, thank you for the opportunity to share. I headed Israeli Cyber Defense Operations, where I was responsible for defending Israel’s critical infrastructure and public companies against cyber attacks, cyber terror, and digital espionage. My mission during over 20 years of service was to develop cutting-edge technology and lead cyber defense operations. I was also part of the founding team of NISA, Israel’s equivalent of the NSA, and established alliances with numerous countries and business partners.
I moved to Boston eight years ago to pursue my MBA at MIT Sloan. Following that, I served as the VP of Product Incubation at Cybereason. I founded three market-changing lines of business, including Cybereason’s flagship XDR product and its strategic partnership with Google Cloud. My journey has always been about pushing boundaries and innovating in cybersecurity around new challenges. When we realized that identity was the new perimeter in security operations, we saw that organizations still struggle to protect it. We had many ideas for revolutionizing identity security technology, so we started Rezonate.
What do you see as the most pressing issues currently facing identity access management, and how are these challenges impacting enterprises?
The shift to the cloud has been monumental, even accelerating during economic downturns for cost-saving and efficiency. Traditional endpoint and network-centric security needed to evolve to include cloud-forward environments. Users and machines have become the new focal points for both defenders and attackers. With 85% of attacks stemming from compromised identities, legacy systems cannot sufficiently protect them. That’s why my partner, Ori Amiga, and I saw a unique opportunity to challenge these outdated approaches on both the cybersecurity and identity and access (IAM) sides with an innovative identity-centric security solution, leading to the founding of Rezonate.
In what ways are adversaries leveraging the sheer volume of security alerts and overstretched security teams to their advantage?
We see new breaches in the headlines weekly. Not only businesses in finance, healthcare, hospitality, manufacturing, and media but also tech companies, like Okta, GitHub, Snowflake, Microsoft, and even MITRE, and CISA have been impacted.
With the shift to the cloud, permission and access management has been dispersed leaving organizations more vulnerable to attacks. Siloed, disparate systems, and management make it difficult to have the right view of risk and context to make real-time, effective security and access decisions. They cannot be made in a vacuum. Attackers know this and use this to their advantage because security and IAM teams are struggling to be able to see everything and act quickly. And, they lack the context to make sound decisions. These access blind spots are debilitating nd teh attackers know it.
Many organizations are struggling to ensure the access management basics are being enforced (i.e., MFA) and attackers are getting around every new security tool or layer that’s implemented. Recently, we’re seeing attackers get around passwordless MFA even. The larger IGA vendors have been more focused on automating user lifecycle management and administration, compliance reporting, roles, rules, and policies, but again, when this is happening in a silo, the organizations are still at risk.
A lot of the identity security is deployed and managed is less adaptive, more rules- and role-based ways that just don’t adapt to the dynamic environment we’re now operating. This rigid approach to identity security makes it easier for attackers to outsmart and outpace organizations that are bound by legacy IAM tools. They simply lack the ability to implement proactive and real-time security actionability.
How can organizations better expand their visibility into their own data, identities, and access management systems to enhance their security posture?
A comprehensive view of all human and non-human identities is critical to a successful identity security program. Detailed insights into privileges, entitlements, activities and risk profiles provide context and intelligence to make decisions about access. With visibility comes continuous monitoring to identify shadow IAM, high-risk identities, and misconfigurations across cloud platforms and SaaS applications.
For security, you need this holistic view to detect and respond to identity threats as they occur – time is critical. You need a complete picture of any identity to understand the blast radius, quickly address an attack, and get to the root cause.
Also, going beyond security and looking at how you can pass audits and comply with regulations, you need to track and monitor what your users and machines have access to, what they’re doing with that access, and if it’s appropriate to their role.
Can you explain the role of identity security posture management (ISPM) and its importance in today’s security landscape?
Identity security posture management is critical for reducing your identity attack surface. Understanding what your security controls are, monitoring identities to ensure they have the least privileged access, and being able to remediate access automatically when a risk or threat is detected. ISPM helps you identify and prioritize high-risk identities: Spots accounts with excess privileges, dormant accounts, misconfigured access, and elevated risk profiles. Posture management also streamlines the remediation process. Implementing ISPM supports regulatory compliance, enhances audit performance, and ensures effective policy enforcement. It also helps organizations to continuously monitor security issues and enforce best practices and policies.
How does Rezonate’s approach to identity threat detection and response (ITDR) differ from traditional methods, and what benefits does it offer?
It starts with the granular visibility we provide into the identities, privileges, entitlement, behavior, and risk profiles. This uniquely enables risk-driven actionability with proactive identification and remediation of security threats. Our platform leverages AI and advanced analytics to detect and respond to threats faster than traditional methods, outpacing attackers who exploit siloed security practices. It quickly detects and blocks attempts by internal and external malicious actors to take over user and machine identities. Our mission is to outpace the attackers, stopping threats of data exfiltration, cryptolocking, ransomware, and resource abuse before they escalate or achieve lateral movement.
What are some effective strategies for organizations to address the current crisis in identity access management?
Leverage the tools you have. Ensure your security settings, including MFA enforcement for critical apps and privileged users, are properly configured. This can be where much of your security efforts are overlooked and leave you exposed. An identity security posture management solution will help detect these issues and enable you to remediate quickly.
Eliminate blind spots. Get a unified view across all your identities and systems to properly understand risk and context, make better access decisions, and save time when there is a breach or an audit. Trying to piece together data points for all of your human and non-human identities across a dynamic, ever-expanding identity fabric slows you down and leaves opportunities for attackers.
Keep your identity data clean. Don’t leave the door open. Be proactive and implement ISPM and ITDR tools. These can provide visibility into the behaviors, privileges, and risk profiles of your identities, as well as help you find and secure dormant or redundant accounts. This way, you can shut down potential attack vectors before threat actors catch the scent.
Implement a strong ITDR solution that continuously monitors all your cloud, SaaS, and IDP platforms. This will give you visibility over your authentication and authorization processes, resources, and identity sessions, privileges, and behaviors, while providing actionable insights and analysis from multiple sources of data. Even better – choose a tool that offers automated features to speed up your threat investigation and response efforts.
Optimize privileges and access policies. Implement strong session policies and access rights to minimize the risk of unauthorized data exposure or breaches. Employ zero trust within your networks and establish least privilege across all your identities to restrict dangerous activity within your network. This will help prevent attackers from moving laterally and escalating their privileges to reach dangerous levels of influence.
Don’t forget about the non-human identities. Many of the identity-based attacks were successful with entry coming from a service account or other non-human identity. Organizations must monitor and protect their programmable access credentials including API keys, OAuth tokens, service accounts, service principals, and cryptographic keys, and the humans who create them. Rezonate unifies identity security for humans and non-human entities to help ensure complete protection.
How does AI contribute to identity-centric security, and what specific advancements in AI are making a difference in this field?
AI offers hope for SecOps and IAM teams to jointly navigate the intricacies of identity security. From proactive identity threat detection to adaptive identity and access security, AI is revolutionizing how organizations defend against these identity-driven attacks and manage the dynamic nature of digital identities by providing unparalleled capabilities that transcend human limitations in speed, scalability, and predictive accuracy. It’s not something that organizations can adopt overnight, but we recommend a crawl, walk, and run approach. Start using an AI assistant for identity security to help you run queries and make access recommendations. From there, you can start to automate tasks based on these queries and recommendations when you are comfortable. It’s a great way to offload overstretched teams and reduce errors made by humans who have too much ground to cover in a day.
With Rezonate’s headquarters in Tel Aviv and a US office in Boston, how does the company leverage its global presence to address identity security challenges?
Our global presence offers a unique blend of perspectives and expertise. We’re focused on key regions, including North America, Europe, South Africa, and Australia, where we have strong coverage through both our team and our strategic partners. This reach enables us to stay ahead of emerging threats and adapt to the evolving security and compliance needs of organizations in these regions. Our global presence also ensures we can deliver incredible support with localized insights, helping our customers stay secure no matter where they operate.
Looking ahead, what are your goals for Rezonate in terms of innovation and growth, and how do you plan to continue evolving in the identity-first security space?
We are constantly iterating and improving the platform’s core capabilities, expanding our integrations into more applications and platforms. We are providing more features and capabilities for non-human identity security. We are introducing more capabilities to address identity governance concerns and enable our customers to tackle the “messy middle” of identity lifecycle management. And, of course, we are excited to continue innovating with ZOE, our identity security AI assistant, which we launched in July 2024.
Roy Akerman
CEO and Co-founder, Rezonate
Roy Akerman is the co-founder and CEO of Rezonate – creator of the revolutionized identity-centric security platform, and the former chief of cyber defense operations for the Israeli Government and for Israel’s critical infrastructure (2001-2017).
Prior to Rezonate, Roy served as VP of Product and Innovation at Cybereason, responsible for growing 3 new business lines on cloud security, mobile defense, and XDR. Roy is leading product incubations and new business initiatives, fusing the practices of advanced Technology, Psychology, and Business in forming new disruptive products and anti-disciplinary innovation teams. Akerman is blending business and innovation practices acquired in his MIT and business journey with problem-solving and tech approaches based on his Government and Military experience.
Roy has 20 years of experience in Cybersecurity, as one of the senior leaders and founders of NISA – the Israeli Equivalent to the NSA/Cyber Command, retired as the chief of global cyber operations. In this role, Roy and his teams ran global counter-cyber defense operations for Israel’s Cyber Defense, built cutting-edge cyber security tech. They established partnerships and alliances with numerous states and business partners.
About Rezonate:
Rezonate is at the forefront of identity-centric security, providing innovative, all-in-one solutions that empower organizations to protect their identities in the cloud. Focusing on identity risk mitigation, continuous compliance, and rapid threat detection and response, Rezonate ensures that businesses of all sizes can secure their environments and achieve peace of mind.
