Mickey Bresman, CEO of Semperis, pulled no punches about the challenges that artificial intelligence (AI) and hybrid environments pose to cybersecurity professionals today.
“The world is hybrid, and the world will remain hybrid for a very long period of time,” Bresman said. That’s why traditional approaches to identity management are falling short, he said.
(Note: Video above is Mickey Bresman, CEO co-founder of Semperis interviewed by SC Media's Paul Wagenseil at the Semperis 2024 Hybrid Identity Protection (HIP) conference. A transcript of the interview follows below.)
Speaking to SC Media at the Hybrid Identity Protection (HIP) conference in New Orleans earlier this week, Bresman said identity-driven resilience is not just an option but a necessity for navigating the evolving cybersecurity landscape.
Core to Bresman argument is that management and security of digital identities across a mix of on-premises and cloud environments demand a corresponding hybrid identity approach. This he said will ensure consistent authentication, authorization, and access control regardless of where resources or data reside.
[For additional coverage of Semperis' 2024 Hybrid Identity Protection (HIP) conference see additional coverage: Semperis HIP conference Day One: Microsoft mea culpa, a call for cybersecurity coalitions and Semperis HIP conference Day Two: Ransomware, resilience and identity reckoning]
"If you're running a virtual machine in AWS or Azure, (those cloud instances) are still part of your environment," he explained, stressing the importance of comprehensive security strategies that address both on-prem and cloud assets.
Bresman detailed the evolution of Semperis's offerings, which began with a focus on disaster recovery for Active Directory (AD) but have expanded to include proactive cyber defense measures.
"We started by saying, look, if eventually a company has something on-prem that relies on AD, and then they expand to the cloud, they need to understand what's happening inside of those identity stores," Bresman noted.
He emphasized the importance of leveraging identity to build what he calls "identity-driven cyber resilience," which extends protection to SaaS applications as well.
A significant portion of Bresman's discussion with SC Media revolved around the role of artificial intelligence (AI) and automation in cybersecurity.
"We're seeing both the defenders and the bad guys getting more sophisticated with AI," Bresman said. He predicted that many manual tasks currently performed by cybersecurity teams will soon be automated, making defenses faster and more efficient, capable of anticipating threats in ways that traditional methods simply cannot.
AI as an Identity Silver Bullet
However, Bresman cautioned that AI, while powerful, introduces its own challenges, particularly when managing hybrid identity and authorization structures. “AI can help us make sense of vast amounts of data,” Bresman said, “but it also requires us to rethink how we approach identity governance across different systems.”
He said many organizations are struggling with permission structures. "What works in Salesforce might not align with DocuSign, and that can lead to unintended access," he said. His point is AI can do the heavy lifting bridging and harmonize permissions between two disparate SaaS applications, but AI is not yet the panacea many want it to be and needs oversight and checks and balances.
There is a need for a universal human manager to streamline and secure these processes, he said.
Actively Targeted: Active Directory
Bresman also urged IT security professionals to read the recent report (PDF) from the Five Eyes intelligence alliance, which identified common attack vectors targeting AD.
"In nine out of ten attacks, Active Directory is going to be a target," Bresman said, stressing the importance of addressing (AD) misconfigurations that could leave organizations vulnerable. Misconfigurations include overly permissive access control, failure to implement principle of least privilege, using legacy protocols, poorly designed trust relationships and lack of auding and monitoring.
Bresman's insights reflected Semperis' mission to enhance identity protection and cyber resilience, not only through its' technology but also by fostering a community dedicated to solving these pressing issues.
"It's a journey," Bresman concluded. "We're not just looking at what's happening today; we're building the tools and strategies that organizations will need to stay resilient in the future."
Transcript of Interview Between SC Media and Mickey Bresman
What follows is an edited transcript of Mickey Bresman's interview with SC Media at the Hybrid Identity Protection Conference earlier this week. See the entire interview and watch the video above.
SC Media: Mickey, thank you for joining us today. Let's start with the big picture—what do you see as the key challenge for cybersecurity in a hybrid world?
Mickey Bresman: Thanks for having me. The world is hybrid, and the world will remain hybrid for a very long period of time. Most organizations today are managing a mix of on-premises and cloud systems, and that mix brings its own unique challenges. One of the biggest is understanding and protecting identity stores across these environments. If you're running a virtual machine in AWS or Azure, it's still part of your environment, and the need for security doesn't stop just because it's in the cloud.
SC Media: That makes sense. It sounds like Semperis has evolved its focus over the years. Can you talk about that evolution?
Mickey Bresman: Absolutely. We started with a focus on disaster recovery for Active Directory (AD) because we saw that as a huge vulnerability for organizations. If AD goes down, everything stops—it's the core of the IT environment. But over time, we realized that just focusing on recovery wasn't enough. We needed to expand into proactive defense measures. So now, we're not just helping organizations recover from an attack; we're helping them prevent it in the first place. We call it "identity-driven cyber resilience." It's about leveraging identity to extend protection to SaaS applications and beyond.
SC Media: You mentioned AI and automation during your keynote. How do you see those playing a role in cybersecurity?
Mickey Bresman: AI is a game-changer, no doubt. We're seeing both the defenders and the bad guys getting more sophisticated with AI. For us, it's about automating the tasks that are currently taking up a lot of time for cybersecurity teams—things like threat detection, analysis, and even some response actions. AI can make these processes not only faster but also more predictive. It helps us anticipate threats before they become incidents. But it's not without its challenges. AI also requires us to rethink how we approach identity governance, especially in hybrid environments. You have different systems—Salesforce, DocuSign, you name it—and what works in one doesn't necessarily align with another. That's where AI can help make sense of it all, but it also means we need a universal approach to managing those permissions.
SC Media: You brought up the recent Five Eyes report. Can you elaborate on why Active Directory remains such a popular target?
Mickey Bresman: Sure. The report made it pretty clear—nine out of ten cyberattacks are going to target Active Directory in some form. AD is such an attractive target because it controls everything: user authentication, permissions, access to resources. If an attacker gets into AD, they basically have the keys to the kingdom. The problem is that AD was built in an era when the threat landscape was very different. Today, with hybrid environments, the attack surface has grown, and misconfigurations are all too common. Things like overly permissive access controls, legacy protocols, and a lack of proper monitoring make it easy for attackers to find a way in. That's why we stress the importance of not just patching vulnerabilities but also addressing these fundamental misconfigurations.
SC Media: What's next for Semperis in this space?
Mickey Bresman: It's a journey, like I said. We're not just looking at what's happening today; we're focused on building the tools and strategies that organizations will need to stay resilient in the future. We want to continue pushing the boundaries of identity protection and make sure that as the world continues to evolve, our solutions evolve with it. Hybrid environments are complex, but with the right strategies in place, we can make them secure.
