CyberArk. The company bills itself as a "leader in privileged access management", which is an ever more critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline.
CyberArk says it "delivers the industry’s most complete solution to reduce the risk created by privileged credentials and secrets", and boasts over 50% of the Fortune 500 and over 35% of the Global 2000 as customers, CyberArk's pitch is solid.
The company says it "protects against external attackers and malicious insiders", and remains "the leader in securing enterprises against cyber attacks that take cover behind insider privileges to attack critical enterprise assets."
Indeed, the company says it "delivers a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done", and given the craziness of 2020, which included the Solarwinds revelations of late 2020 which still reverberate today, security has never been more paramount or important.
Late last year, CyberArk's Australian Solutions Engineering Manager, Andrew Slavkovic, wrote a guest opinion for iTWire entitled: "Protect cloud identities in a hybrid work environment".
In late December 2020, we decided to talk to Slavkovic to get an update on where the world stood at the time, but circumstances meant that we delayed things until the last few days, when 2020 was well behind us and we were all back in work mode for 2021.
So, here's my interview with Andrew Slavkovic on CyberArk, the trends to expect in 2021, CyberArk's view on the Solarwinds breaches, how companies can protect cloud identities in hybrid work environments, least privilege and zero trust and plenty more - with a summary of the questions after the video!
Interview qusetions summary:
- I started by introducing Andrew, welcoming him to the program and asking him to tell us about CyberArk and focus of the company in 2021.
- Andrew then spoke about his own personal history in the world of tech that led him to the world of cybersecurity.
- We spoke about the cybersecurity trends we're already seeing in 2021, and the impacts that Solarwinds breach had on Australian organisations, and the best mitigation for such an attack.
- We then turned to the need to protect cloud identities in the hybrid work environments that have become so prevalent since the pandemic and the work from home reality, and why least privilege and zero trust are so important - as well as what it means.
- We looked at why organisations haven't made this a priority until now, and why it has been so hard for them to tackle.
- We discussed the issue of limiting permissions and limiting the potential attack surface, and why CyberArk gives companies the ability to do this.
- We turned back to the Solarwinds breach and why companies are still taking their time to implement these necessary security measures.
- Then we finished on my usual three questions about the future and what it might hold, great advice in life that Andrew had received, and his final message to iTWire viewers and readers, and to CyberArk's current and future customers and partners.