CyberArk, Device Authority & Microsoft enhance IoT security

Today

CyberArk and Device Authority have partnered with Microsoft to deliver a solution aimed at enhancing secure device authentication for manufacturers by incorporating Zero Trust principles.

The manufacturing industry is undergoing significant digital transformation, driven by the convergence of the Internet of Things (IoT) and Operational Technology (OT), resulting in numerous connected devices intended to optimise operations. Each connected device presents potential cybersecurity vulnerabilities.

The NIST reference architecture for IoT, introduced in May 2024, outlines a structured approach for secure onboarding, continuous device management, and threat monitoring throughout the device lifecycle. The collaboration among Microsoft, CyberArk, and Device Authority aims to translate this framework into practical and scalable solutions for organisations.

Each partner contributes unique capabilities to the end-to-end solution architecture for NIST compliance. Microsoft provides secure and scalable device management and real-time monitoring through Microsoft Azure IoT and Defender for IoT. This is bolstered by the cloud-edge integration, ensuring consistent device security even in air-gapped remote environments.

CyberArk's privileged access management capabilities are utilised to restrict unauthorised human access to critical devices and systems, enforcing user and device security policies efficiently by minimising the need for manual human intervention, which can often be error-prone and time-consuming.

Device Authority offers automation in secure device onboarding, identity credentialing, and encryption processes. This reduces human error, accelerates incident response, and maintains data integrity across the connected ecosystem.

Darron Antill, CEO of Device Authority, stated, "Manufacturers often face unique security challenges, particularly at the edge, where devices operate in remote or decentralised locations. Edge environments introduce added vulnerabilities thanks to high device density, varying network connectivity, and intermittent monitoring, but there is still the need for real-time decision-making. This complex environment requires a solution operating across widely dispersed devices and locations to help ensure device and data security and operational continuity. Our joint solution addresses these challenges with a unified solution that enables manufacturers to protect devices from malicious access and maintain operational resilience, even in the most distributed settings."

Clarence Hinton, Chief Strategy Officer at CyberArk, remarked, "The complexity of the security challenges faced by manufacturers, in particular, means that no single solution can enable an organisation to be fully compliant with important NIST guidelines, while creating a piecemeal solution is impractical. By joining forces, we are smoothing the way for people to implement NIST compliance best practices, extending privileged access management controls across the entire spectrum of identities."

Dayan Rodriquez, Corporate Vice President of Manufacturing & Mobility at Microsoft, concluded, "As connected technologies become more embedded in manufacturers operations, protecting these devices is critical. This collaboration provides manufacturers with a comprehensive approach to their IoT security, directly aligned with NIST's latest guidelines. With an ecosystem-based security solution, manufacturers can protect their operations from the factory floor to the edge, ensuring regulatory compliance and resilience against cyber threats."

Share on: