Cyber-Ark Takes on Vegas: Virtualization Becomes a Reality and Why the Night Shift is Not a Deterrent
As I walked around the beautiful and magnetic Cosmopolitan hotel in Las Vegas, the venue for our fifth annual North American Customer Event, it was fulfilling to reflect on how far we have come in the past year. Our vision for proactively protecting sensitive assets has taken on a greater sense of urgency and is increasingly becoming important not only from a security and compliance perspective, but also from a business continuity stand point.
Cyber-Ark has continued to grow across all aspects of our business – with consistent quarter-over-quarter revenue growth, a global management team with expanded depth and experience, and the addition of more than 200 new enterprise customers for a total of more than 950 global customers. In addition to several enhanced solutions announced over the past year, we chose this event to unveil the latest version of our Privileged Identity Management Suite, with version 7 featuring first-of-its-kind auto-discovery capabilities for proactively detecting privileged accounts within virtualized environments to support security and compliance priorities across the data center.
Last year, for many customers, managing, monitoring and controlling privileged accounts in virtualized environments was a discussion only in its very nascent stages. Today, those challenges are quickly coming to the forefront as organizations take advantage of the numerous operational and cost benefits associated with virtualized technologies. However, as we highlighted in our new Privileged Identity Management Suite announcement, that adoption also leads to exponential security risk specifically related to the rapid provisioning of new virtual machines, and managing and monitoring related privileged access and activity. Additionally, organizations need to continue to be acutely aware of the risks of attacks targeting hypervisor privileged accounts, given their massive, high-level access to potentially thousands of virtualized servers, databases and applications.
In fact, our keynote presenter, Joji Montelibano, who leads the Insider Threat Technical Solutions and Standards team at CERT, provided a riveting presentation with details on the types of threat cases his team tracks and analyzes – from sabotage and fraud, to IP theft and espionage. In fact, he shared one story detailing a near-catastrophic network meltdown after a poorly performing IT administrator had been demoted to the night shift. Bad move says Joji who shared insight into the “30 day rule” – CERT finds most theft occurs within 30 days of someone leaving their job. Joji also shared advice on steps attendees should take within three months of his presentation, such as establishing an incident handling plan, along with suggestions on how to better manage the insider threat through continuous logging, targeted monitoring and real-time alerting.
We thoroughly enjoyed the spirited and insightful customer discussions during this event, and learning more about how our solutions are being used to address current and emerging security, process and operational pain points across the enterprise. I would also like to extend my gratitude to our spectacular Cyber-Ark team who were instrumental in making this such a memorable event.
And, our team isn’t slowing down! After attending MILCOM, this week, Cyber-Ark hits the road again, traveling to participate at the Gartner Identity & Access Management Summit as well as the Cloud Security Alliance Congress. Please let us know if you plan to attend either of these events and what you hope to gain from your experiences at the shows.