New Whitepaper Guides Organizations to Address ISO/IEC 27002 Security
Controls with the CyberArk Solution
NEWTON, Mass.--(BUSINESS WIRE)--Dec. 2, 2014--
CyberArk
(NASDAQ: CYBR), the company that protects organizations from cyber
attacks that have made their way inside the network perimeter, has
released a new
white paper, “Safeguarding Privileged Access: Implementing ISO/IEC
27002 Security Controls with the CyberArk Solution.” The technical paper
provides organizations with a blueprint for implementing the CyberArk
Privileged Account Security to enforce controls pertaining to privileged
access within the ISO/IEC 27002:2013 standard.
Privileged accounts, which consist of IT administrative credentials,
default and hardcoded passwords, application backdoors and more, are
targeted in nearly every significant cyber attack.1 In
response, organizations are increasingly adopting best practices
standards for securing these accounts, including the International
Organization for Standardization (ISO) and the International
Electotechnical Commission (IEC) 27002 standard. The standards highlight
the critical nature of privileged account abuse as part of advanced
attacks, warning that “the inappropriate use of system administrator
privileges...is a major contributory factor to failures or breaches of
systems.”2
“Privileged accounts represent a serious vulnerability,” said John
Worrall, CMO, CyberArk. “Organizations adhering to ISO/IEC guidelines
for safeguarding privileged access are taking a huge step forward in
mitigating advanced attacks. The new whitepaper outlines how CyberArk
helps organizations implement the controls outlined in the ISO/IEC
standards.”
The CyberArk Privileged Account Security Solution helps organizations
implement the following controls, which are consistent with the ISO/IEC
27002:2013 standard’s focus on privileged access security:
-
Establishing and implementing privileged access policy
-
Identifying the privileged access rights associated with each system
or process
-
Restricting the use of privileged access to authorized users based on
functional roles
-
Authenticating privileged users, ensuring individual accountability
for privileged actions
-
Changing default vendor passwords
-
Restricting access to privileged utility programs
-
Controlling privileged access by suppliers
CyberArk will host two 30-minute webinars titled, “Do your privileged
accounts meet ISO/IEC 27002 standards,” outlining how to best protect
privileged accounts to address the new controls. To register, please
visit:
To download the whitepaper, “Safeguarding Privileged Access:
Implementing ISO/IEC 27002 Security Controls with the CyberArk
Solution,” please visit http://www.cyberark.com/resource/safeguarding-privileged-access
About CyberArk
CyberArk is the only security company focused on eliminating the most
advanced cyber threats; those that use insider privileges to attack the
heart of the enterprise. Dedicated to stopping attacks before they stop
business, CyberArk proactively secures against cyber threats before
attacks can escalate and do irreparable damage. The company is trusted
by the world’s leading companies – including more than 35 percent of the
Fortune 100 and 17 of the world’s top 20 banks – to protect their
highest value information assets, infrastructure and applications. A
global company, CyberArk is headquartered in Petach Tikvah, Israel, with
U.S. headquarters located in Newton, MA. The company also has offices
throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com,
read the company blog, http://www.cyberark.com/blog/,
follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.
Forward-Looking Statements
This release may contain forward-looking statements, which express the
current beliefs and expectations of our management. Such statements
involve a number of known and unknown risks and uncertainties that could
cause our future results, performance or achievements to differ
significantly from the results, performance or achievements expressed or
implied by such forward-looking statements. Important factors that could
cause or contribute to such differences include risks relating to:
changes in the new and rapidly evolving cyber threat landscape; our
failure to effectively manage our growth; fluctuations in our quarterly
results of operations; real or perceived shortcomings, defects or
vulnerabilities in our solution or the failure of our solution to meet
customers’ needs; our inability to acquire new customers or sell
additional products and services to existing customers; competition from
IT security vendors and other factors discussed under the heading "Risk
Factors" in the final prospectus for our initial public offering filed
with the Securities and Exchange Commission on September 24, 2014.
Forward-looking statements in this release are made pursuant to the safe
harbor provisions contained in the Private Securities Litigation Reform
Act of 1995. These forward-looking statements are made only as of the
date hereof, and we undertake no obligation to update or revise the
forward-looking statements, whether as a result of new information,
future events or otherwise.
Copyright © 2014 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
1 CyberSheath, “APT Privileged Account Exploitation,” 2013
2 ISO/IEC 27002:2013 Page 22
Source: CyberArk
Media Relations Contacts:
fama PR
Brian Merrill,
+1-617-986-5005
cyberark@famapr.com
or
CyberArk
Eric
Seymour, +1-617-796-3240
eric.seymour@cyberark.com
or
Investor
Relations Contact:
ICR
Staci Mortenson, +1-617-558-2132
IR@cyberark.com