Panel of Global 1000 CISOs Share Advice for Implementing Strategic
Security Programs, Gaining Stakeholder Support and Measuring Results
NEWTON, Mass.--(BUSINESS WIRE)--Nov. 19, 2015--
CyberArk (NASDAQ: CYBR),
the company that protects organizations from cyber
attacks that have made their way inside the network perimeter, today
launched a new industry initiative and report to mine cyber security
insight and peer-to-peer guidance from a panel of Chief Information
Security Officers (CISOs) from Global 1000 enterprises. The CISO
View industry initiative is based on independent research, sponsored
by CyberArk.
The CISO View panel’s collective expertise in managing large enterprise
security deployments is featured in a new report, “The
Balancing Act: The CISO View on Improving Privileged Access Controls.”
CISOs from ANZ, Carlson Wagonlit Travel, CIBC, CSX Corporation, ING
Bank, Lockheed Martin, Manulife, McKesson, Monsanto Company, News UK,
Rockwell Automation and Starbucks provide real-world advice for getting
organizational buy-in, implementing sustainable privileged account
security programs and measuring effectiveness of the controls.
Making Privileged Account Security an Organizational Priority
One
of the goals of the CISO View industry initiative is to provide a forum
for the CISO community to share best practices and tangible guidance for
building effective cyber
security programs.
In the report, the CISO panelists focus on concerns about the potential
for compromised privileged
credentials, which are the common denominator in nearly all cyber
attacks. According to the report, the rise in awareness about advanced
threats is prompting many organizations to proactively shore up
privileged access controls in order to help mitigate risks.
“If you don’t have good practices in privileged account management,
you’re making it very easy for adversaries to traverse your whole
network,” said Jim Connelly, VP and CISO, Lockheed Martin. “If they
(attackers) get a hold of an over-privileged account, they’ll run
through the environment like a brushfire.”
Based on a soon-to-be-released global survey from CyberArk, privileged
account security has become a top organizational priority. Survey
respondents (primarily IT security professionals) ranked privileged
account security second only to endpoint security as the priority
for their security programs.
CISO Views – Business Value and Establishing the Right Metrics
Featuring
practical first-hand guidance not available anywhere else, the report
leverages panelists’ hard-won experiences. It describes what it takes to
deploy comprehensive programs that improve privileged access controls at
large enterprises, encompassing people, process and technology. The
report offers peer advice in three key areas:
-
The strategic decisions that CISOs and their teams will need to
make, including how to prioritize based not only on risk but also on
business opportunities
-
The conversations CISOs need to drive across the organization,
such as how to negotiate with and influence stakeholders
-
The essential components of a successful program, including how
to develop metrics to measure security and business results
The panelists describe specific ways to ensure that security and
business objectives are aligned including:
-
Establish Business Value: Determine the line between
“sufficiently secure” and “overly restrictive”
-
Focus on Metrics that Matter: Use metrics to steer course
corrections, measure control efficiency, and assess the impact of
controls on system availability and application performance
-
Make Milestones Count: Set early goals in conjunction with
business partners, define phases to minimize business disruption, and
capitalize on initial successes by creating blueprints for repeatable
processes
“We believe the CISO View is an important industry initiative to help
organizations that are trying to make informed, pragmatic decisions as
they work to improve privileged access controls,” said John Worrall,
Chief Marketing Officer, CyberArk. “Peer advice can be an invaluable
resource to CISOs as they work to get ahead of the ever-changing cyber
threats facing their organizations. We are grateful to the members of
the panel for helping the larger community address business-critical
security issues.”
For more information about “The Balancing Act: The CISO View on
Improving Privileged Access Controls,” visit http://www.cyberark.com/cisoview/.
This report is part of the CISO View, an industry initiative sponsored
by CyberArk. The report was developed by an independent research firm,
Robinson Insight.
About the CISO View Panel
The CISO View panel participants
are: Rob Bening, Chief Information Security Officer, ING Bank; David
Bruyea, SVP and CISO, Enterprise Architecture and Information Security,
CIBC; Jim Connelly, Vice President & Chief Information Security Officer,
Lockheed Martin; Dave Estlick, Information Security Chief, Starbucks;
Steve Glynn, Global Head of Information Security, ANZ; Mark Grant, Chief
Information Security Officer, CSX Corporation; Gary Harbison, Chief
Information Security Officer, Monsanto Company; Jim Motes, Vice
President and Chief Information Security Officer, Rockwell Automation;
Kathy Orner, Vice President & Chief Information Security Officer,
Carlson Wagonlit Travel; John Schramm, Vice President Global Information
Risk Management & CIRO, Manulife; Munawar Valiji, Head of Information
Security, News UK; and Mike Wilson, Vice President & Chief Information
Security Officer, McKesson.
About CyberArk
CyberArk is
the only security company focused on eliminating the most advanced cyber
threats; those that use insider privileges to attack the heart of the
enterprise. Dedicated to stopping attacks before they stop business,
CyberArk proactively secures against cyber threats before attacks can
escalate and do irreparable damage. The company is trusted by the
world’s leading companies – including 40 percent of the Fortune 100 and
17 of the world’s top 20 banks – to protect their highest value
information assets, infrastructure and applications. A global company,
CyberArk is headquartered in Petach Tikvah, Israel, with U.S.
headquarters located in Newton, Mass. The company also has offices
throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com,
read the company blog, http://www.cyberark.com/blog/,
follow on Twitter @CyberArk or
Facebook at https://www.facebook.com/CyberArk.
Copyright © 2015 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
View source version on businesswire.com: http://www.businesswire.com/news/home/20151119005209/en/
Source: CyberArk
Media Relations Contacts:
fama PR
Brian Merrill,
+1-617-986-5005
cyberark@famapr.com
or
CyberArk
Liz
Campbell, +1-617-558-2191
press@cyberark.com
or
Investor
Relations Contact:
CyberArk
Erica Smith, +1 617-630-6426
ir@cyberark.com