In an era characterized by relentless cyberattacks, Rubrik (NYSE: RBRK) has publicly unveiled its innovative solution, Identity Resilience. This new offering is strategically designed to enhance security across the entire identity ecosystem, alongside data protection efforts. The primary objective of Identity Resilience is to safeguard critical entry points for cyber criminals, namely human and non-human identities (NHIs), thereby enabling organizations to sustain operations while minimizing downtime during potential security breaches.
The introduction of Identity Resilience aims to fill a significant gap in enterprise security infrastructures. Identity systems, which a large majority of organizations rely upon, have increasingly become prime targets for hackers. When these systems are compromised, attackers can gain access to sensitive data and credentials that are vital for organizational functioning. Moreover, any disruption to these identity systems can severely hinder cyber recovery initiatives, making it imperative to secure this fragile authentication backbone that supports virtually every major enterprise.
Mike Tornincasa, Rubrik’s Chief Business Officer, expressed the urgency of addressing identity protection in today’s cyber landscape. He stated, “Identity systems are not only complex and hard to manage, but they have also become the primary gateway for attackers aiming to access an organisation’s valuable data.” Tornincasa emphasized the company’s commitment to bolstering identity protection. Rubrik is dedicated to helping organizations detect threats targeting identities and proactively mitigating identity-related risks, paralleling their established success in data security.
Understanding the significance of securing identities is crucial in the context of cyber threats. A recent report by the Cybersecurity and Infrastructure Security Agency (CISA) highlighted that a staggering 90% of cyberattacks on critical infrastructure initiate with an identity compromise. Such breaches often lead to privilege escalations, allowing attackers to maneuver laterally within an organization, frequently reaching valuable corporate data. These threats tend to evolve gradually, which highlights the necessity of understanding not just the identity of the attacker but also the temporal dynamics of access privileges and behaviors.
To counteract these potential threats, Rubrik’s identity solution utilizes time-series data to provide organizations with continuous visibility over shifts in identity status. This feature is crucial for early detection of suspicious activities that could indicate a security breach.
In addition to monitoring human identities, Rubrik’s forthcoming solution also aims to cover NHIs, which include machines utilizing service accounts and access tokens. Notably, NHIs outnumber human identities, and their complexity presents a significant challenge for organizations. The risks associated with NHIs have been increasingly exploited by attackers who manipulate these accounts to gain elevated privileges. Current identity security measures often lack the capability to assess risks tied to NHIs comprehensively, making it challenging for organizations to track suspicious activities and access patterns over time.
Rubrik advocates for a holistic approach to cyber resilience by integrating identity management, identity protection, and data security into a unified framework. Many organizations currently treat these components as disparate, resulting in siloed operations led by different teams. In contrast, Rubrik’s innovative strategy seeks to unify these capabilities into a cohesive system that offers organizations a comprehensive overview of both identity and data.
The anticipated features of Identity Recovery and Identity Resilience promise to enhance recovery speed and resilience against cyber threats. Rubrik’s capabilities extend protections across hybrid environments, allowing organizations to fend off attacks earlier and restore systems to their optimal functioning more swiftly.
One key functionality is the Hybrid Protection for Active Directory (AD) and Entra ID. This feature incorporates automated recovery workflows that help organizations navigate the complexities of hybrid identity environments—such as Active Directory forests and full Entra ID tenants—more efficiently. Rubrik has streamlined the recovery process, which traditionally involved numerous manual steps, into an intuitive wizard, significantly reducing complexity and accelerating recovery times.
Another cornerstone of this offering is Comprehensive Risk Analysis for both human and non-human identities. This capability provides organizations with a unified view across identity providers, showcasing who has access to sensitive data. Through this integration, organizations are better equipped to identify dormant accounts, detect privilege escalations, and uncover risky combinations of access permissions that traditional security tools often overlook.
Moreover, Rubrik emphasizes the importance of complete identity and data context. This feature enables organizations to correlate identity information with sensitive data categories—like healthcare and financial data—providing crucial context that can enhance risk management efforts before, during, and after a cyber-attack.
Organizations looking to learn more about Rubrik’s Identity Recovery and Identity Resilience solutions can find detailed briefings during the 2025 RSA Conference, scheduled for April 28-May 1, 2025, in San Francisco. Interested parties are encouraged to register for updates and briefings on these innovative cybersecurity solutions.