The CISO View on DevOps: New Report Highlights Approaches to Reduce Cyber Security Risk

Products
- Products
- New CyberArk Alero
  
  Alero combines Zero Trust access, biometric multi-factor authentication and just-in-time provisioning for remote vendors accessing critical systems managed by CyberArk.
- LEADERSHIP
  
  Gartner Names CyberArk a Leader in Privileged Access Management.
Solutions
- Solutions
- Business Critical Apps
  
  Are you doing enough to secure business critical apps? CyberArk surveyed 1,400 IT and business stakeholders to find out. View our dynamic infographic to see how you stack up.
- LEADERSHIP
  
  Gartner Names CyberArk a Leader in Privileged Access Management.
Services & Support Services & Support
- Services and Support
- Contact Support
  
  CyberArk’s highly skilled Services organization offers a combination of technology and cyber security expertise to strategically build out a privileged access security program and effectively execute deployment.
  Cyberark documentation for end users, admins and security professionals.
Partners Partners
- Partners
- Become A Partner
  
  Today’s security and compliance environment is challenging, and no single vendor can solve the entire problem for you. CyberArk understands this, which is why we’ve created a powerful ecosystem of technology and channel partners that can provide you with a complete solution for your privileged account security and compliance requirements.
- LEADERSHIP
  
  Gartner Names CyberArk a Leader in Privileged Access Management.
Marketplace
Company Company
- Company
- Careers at CyberArk
  
  CyberArk’s award-winning software protects the high value assets of leading companies and government organizations around the world. We take that responsibility seriously. That’s why we only hire the best.
Careers
Resources Resources
- Resources
- Scan Your Network
  
  Want to see the CyberArk Privileged Access Security Solution in action?
- LEADERSHIP
  
  Gartner Names CyberArk a Leader in Privileged Access Management.

The CISO View on DevOps: New Report Highlights Approaches to Reduce Cyber Security Risk

January 16, 2019

Global 1000 CISOs Provide Recommendations for Protecting Privileged Access in DevOps and Cloud Environments

NEWTON, Mass. & PETACH TIKVA, Israel--(BUSINESS WIRE)-- CyberArk (NASDAQ: CYBR), the global leader in privileged access security, today issued a new research report, “The CISO View: Protecting Privileged Access in DevOps and Cloud Environments.” Based on the direct experiences of a panel of Global 1000 CISOs, the report provides advice for security teams to help effectively assess risk, drive developer collaboration, and prioritize steps to protect DevOps processes while maintaining developer velocity.

The report is part of The CISO View industry initiative and features contributions from executives at leading organizations who are adopting DevOps methodologies and tools, including American Express Company, American Financial Group, Asian Development Bank, Carlson Wagonlit Travel, CIBC, GIC Private Limited, ING Bank, Lockheed Martin, NTT Communications, Orange Business Services, Pearson, Rockwell Automation and Starbucks. Sponsored by CyberArk, the initiative brings together leading CISOs for peer-to-peer information sharing to help security teams build effective cyber security programs.

While security strategies should address privileged access and the risk of unsecured secrets and credentials, they should also closely align with DevOps culture and methods to avoid negatively impacting developer velocity and slowing the release of new services. Despite this, 73 percent of organizations surveyed for the 2018 CyberArk Global Advanced Threat Landscape report have no strategy to address privileged access security for DevOps.

The report summarizes five key recommendations based on the real-world experiences of participating CISOs, including:

Transform the security team into DevOps partners – Ensure security practitioners and developers have the right skills, make it easy for developers to do the right thing, encourage collaboration and adopt agile DevOps methods within security.
Prioritize securing DevOps tools and infrastructure – Set and enforce policies for tools selection and configuration, control access to DevOps tools, ensure least privilege and protect and monitor infrastructure.
Establish enterprise requirements for securing credentials and secrets – Mandate the centralized management of secrets, extend auditing and monitoring capabilities, eliminate credentials from tools and applications, and develop reusable code modules.
Adapt processes for application testing – Integrate automated testing of code, compel developers to fix security issues using a “break the build” approach and consider a bug bounty program.
Evaluate the results of DevOps security programs – Test secrets management solution deployments, measure and promote improvements and educate auditors.

“This CISO View report captures the experiences and recommendations of senior executives who are securely embracing DevOps workflows,” said Marianne Budnik, CMO, CyberArk. “For organizations embarking on digital transformation initiatives, it has never been more important to align security and risk postures across new tools and technologies. In understanding organizational and operational challenges, security teams can more effectively drive productive discussions across executive, security and developer teams.”

This report is the third in The CISO View report series, which was developed in conjunction with independent research firm Robinson Insight and relies on the insights and guidance contributed by The CISO View panel of Global 1000 CISOs, members of the security community and other industry experts.

To download “The CISO View: Protecting Privileged Access in DevOps and Cloud Environments” and other reports in the series, visit https://www.cyberark.com/cisoview/.

Additional Resources

About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.

View source version on businesswire.com: https://www.businesswire.com/news/home/20190116005123/en/

Media Relations Contacts:
Brian Merrill, fama PR
Phone: +1-617-986-5005
Email: cyberark@famapr.com

Liz Campbell, CyberArk
Phone: +1-617-558-2191
Email: press@cyberark.com

Investor Relations Contact:
Erica Smith, CyberArk
Phone: +1 617-630-6426
Email: ir@cyberark.com

Source: CyberArk

Categories: Press Releases

View all news

Site Search

Press Release Details

The CISO View on DevOps: New Report Highlights Approaches to Reduce Cyber Security Risk

Investor Contact

Quick Links



Enter the code shown above.