Dedi Shindler, an experienced chief of staff and former commissioner of transportation and development, is turning the establishment on its head. He’s now the VP of Product at Red Access. Shindler’s background includes product management, business leadership, and security innovation. Additionally, protect the productivity of your workforce with advanced support for managing the modern risk of cyber threats that originate in browser sessions and Software as a Service (SaaS) environments, led by his charge.
Now, as organizations continue moving to the cloud and using more cloud-based applications, agencies are challenged to understand the nuanced risk areas of today’s threat landscape. What’s changed is that the target has gone from simply getting access to protecting all SaaS actions end-to-end. Shindler emphasizes that risks associated with GenAI prompts, copy/paste functionalities, exports, OAuth abuse, bulk downloads, malicious browser extensions, and post-login scripts require immediate attention.
The Shift in Cybersecurity Focus
Cybersecurity threats have changed exponentially in our new digital environment. Threats to the security of information technology are pervasive and ever-changing. As Shindler reminds us, today’s risk resides in the browser itself. The typical ways to secure access aren’t cutting it anymore. Protecting what users do inside SaaS apps must become a primary focus for organizations. This changing landscape is a result of understanding that the majority of vulnerabilities are a product of user activity on their web apps.
Today, securing the browser environment is priority number one and not just an afterthought for many cybersecurity leaders. The increasing adoption of generative AI tools presents important governance challenges. Organizations need to set clear parameters around what are secure, compliant and responsible ways of leveraging GenAI.
Additionally, applying uniform Data Loss Prevention (DLP) protections with an organization to all users, devices and use cases presents another layer of complexity. Shindler makes a great case for taking a holistic approach to Data Loss Prevention DLP. Without it, sensitive information is in danger of being improperly shared or mishandled.
Addressing BYOD and Third-Party Risks
Supplementing this is the accelerating spread of Bring Your Own Device (BYOD) policies, further complicating the cybersecurity landscape. The personal devices and access from third parties creates inherent risk that organizations need to actively manage. These factors create development weaknesses that are usually difficult to regulate. Shindler emphasizes that minimizing such risks should be top priority to ensure a safe public setting.
In order to meet these challenges, Red Access is advocating for a zero-touch security approach. This approach removes the need for user agents or browser extensions on end-user devices. This approach enables enterprises to deliver implicit security without sacrificing user experience or burdening overtaxed IT resources.
To illustrate, Shindler describes how agentless session security focuses on web and SaaS sessions right inside the browser. Routing third-party traffic through Secure Service Edge (SSE) infrastructure without agents can be unfeasible in many cases. This emphasizes the importance for modular and flexible security solutions that can work across a wide range of environments.
The Importance of Configuration Management
Yet another key pillar of cybersecurity is configuration management. According to Shindler, a single misconfigured identity can prevent users from accessing critical enterprise applications, bringing business operations to a halt and severely harming productivity. Making sure it’s configured the right way is critical to keeping these tools and systems up and running—all while staying within a secure framework.
Security leaders are now pressing for a true “one pane of glass.” They are tired of having to war room disparate systems, trying to get centralized visibility and control over their security posture. This new functionality enables organizations to track the impact of their cybersecurity efforts much more effectively. It engenders a proactive rather than reactive approach to risk management.