Apr 5, 2024 - Technology

Ivanti CEO pledges new era for cybersecurity

Illustration of a briefcase with a binary code combination lock with ones and and zeroes for options.

Illustration: Brendan Lynch/Axios

Ivanti CEO Jeff Abbott said in an open letter Wednesday that the company is revamping its core cybersecurity practices and product development cycles and is working more with federal cyber agencies.

Why it matters: Nation-state hackers recently exploited flaws in some of the company's popular remote-access tools — potentially leading to hacks of some government agencies and other companies.

What they're saying: "Ivanti is looking to set a new bar for the industry as the rapidly increasing sophistication of threat actors has pressed the network security space to rethink everything," Abbott told Axios exclusively in a statement.

  • "The path we've outlined sets a course not just for Ivanti, but for everyone who is facing this new era of security."

Zoom in: As part of the commitments, Ivanti is revamping its engineering, security and vulnerability management practices to make sure current products are fully secured.

  • The company is also implementing new "secure-by-design" principles into its production cycle, such as running security tests to ensure that products are protected from cyber threats from the beginning.
  • As part of its vulnerability management program, Ivanti is now running more thorough internal scans for bugs and providing "increased incentives" as part of its bug reporting program, per the letter.
  • Ivanti is also creating a new customer advisory board that will ensure the company is prioritizing security in the ways its customers would like to see. Details about this board will be released in the "coming weeks," per the letter.

The big picture: Major cyberattacks often prompt companies to revisit their internal security practices.

  • Microsoft recently unveiled a new cybersecurity strategy after a series of nation-state cyberattacks targeting the company.

Between the lines: Ivanti's new commitments also model the strategies that federal officials have been pushing more companies and critical infrastructure operators to pursue.

Go deeper