‘Think like an attacker’ to protect yourself: Rohan Vaidya, Regional Director of Sales – India, CyberArk

92
Rohan Vaidya
Rohan Vaidya, Regional Director of Sales – India, CyberArk

CyberArk consistently invests in new technologies to help its customers in staying ahead of attackers – providing proactive protection in cloud and DevOps environments and enabling customers to confidently invest in digital transformation while protecting against malicious insiders or external attackers, says Rohan Vaidya, Regional Director of Sales – India, CyberArk, in conversation with Elets News Network (ENN).

More than half of the Fortune 500 trust CyberArk to protect their most critical and high-value assets. Tell us about this accomplishment of your brand.

CyberArk is a global cybersecurity company that founded the privileged access security market and remains the market leader today. Escalating privileges of human and non-human credentials remains at the centre of almost every major attack and thus privileged access management is a top security project for forward-thinking CISOs.

CyberArk is a publicly traded company (NASDAQ: CYBR) and is a profitable organisation serving 4,400+ customers in more than 90 countries. CyberArk is consistently investing in new technologies to help customers stay ahead of attackers – providing proactive protection in cloud and DevOps environments and enabling customers to confidently invest in digital transformation while protecting against malicious insiders or external attackers. In fact, 40 percent of organisations that have been the victim of an attack have turned to CyberArk for help.

Taking all these factors together, CyberArk is in a powerful position to shape the future of the market and influence how organisations are prioritising investments in privileged access security to reduce risk.

Why is a Privileged Access Security Marketplace significant for BFSI sector? How is your experience pertaining to this?

In the complex IT environment that BFSI firms exist in, privileged accounts are being created and privileged access expanded at unprecedented rate. Chief information security officers are also increasingly talking a security-first approach to solving compliance challenges, like GDPR, NIST, SOX, and PCI.

The integrity of data is a prime concern in this sector; it can make or break public reputations. And that’s why we increasingly see organisations who bought privileged access security for compliance turn to CyberArk to implement holistic, scalable privileged access programs.

Prime cyber issues for BFSI firms that relate to privileged access security include the fact that most breaches occur within the organisation. So knowing where vulnerabilities lie within the organisation, and training teams to avoid them, is crucial to mitigating future risk.

The widespread use of third-party vendors is also a risk. Although these organisations likely set security standards of their own, they might not meet the rigorous ones that you set for your own organisation. Additionally, it is very difficult to be sure they are actually following their security best practices. Just as a breach can occur within your organisation due to employee negligence, breaches can also occur at third party vendors for the same reason.

Finally, as alluded to earlier, it’s easy to create uncertainty in the customer base when the data within BFSI organisations is potentially so sensitive. Companies want to make money, and they cannot do so if customers continue to lose trust and take their business elsewhere. This monetary impact has led to a big change within organisations.

Solutions like those provided by CyberArk help make these concerns less scary and more approachable. The more sensitive information an organisation holds, the bigger target they are. However, having security weaved into the organisation, instead of serving as a bottleneck, will allow businesses to continue operating efficiently while keeping data safe.

Cybersecurity holds a vital position across industries. How do you ensure protection against the latest attacks and maintain efficient privileged access programmes?

What sets CyberArk apart is our market leadership, technology innovation, and customer satisfaction. Everything we do is about improving the security of our customers. We help customers think differently by adopting a “think like an attacker” mindset – enabling them to prioritise risk and mitigate damage of an attack by proactively protecting what is truly important – key assets, information and data.

What is a Threat Lab? Tell us about the recent analysis done by your firm at the lab pertaining to BFSI sector?

To support this leadership with real-world experience, the CyberArk Threat Labs team is on the cutting edge of cybersecurity research. They study the methods and tactics used by attackers to penetrate and move laterally across organisational networks, devising effective detection and mitigation techniques to thwart these attacks.

Recent research has included highlighting privilege-related vulnerabilities and potential exploits in Jenkins, Kerberos and Docker as well as work around the security implications of crypto currency and many other projects.

For 2019, the team predicts never-before-seen attacks on newly engineered biometric markers and the broad embrace of blockchain, to expanded risks posed for “new” critical infrastructure and the transfer of trust.

They advise organisations to look to the threat horizon, and accelerate and collaborate to out-innovate and out-manoeuver the attackers. More specifically to the BFSI sector, with the prevailing importance of identity,  they foresee a new wave of attacks against emerging ‘unique human identities’ – or newly engineered biometric markers for digital and physical authentication.

Biometric fingerprint, voice and face ID authentication controls have proven effective in consumer devices, and organisations will look to new authentication methods – like embedded human microchips, for example. Attackers will increasingly target these identities to gather massive amounts of biometric data for future modelling purposes and nefarious use.

Technology implementation occupies a pivotal place. What major implementation have you planned for 2019?

 “Technology implementation occupies a pivotal place.” This is very true when it comes to mission-critical privilege access management tool like CyberArk. We at CyberArk believe in working very closely with our partner community to build implementation capability for all modules of CyberArk offerings.

We have been investing heavily building training content as well as enabling partners to certify for different level of CyberArk expertise. We work with different technology companies through our C3 alliance to build out of the box integrations. This benefits the end customer not only optimising the CyberArk solution but also expanding this to other technologies to manage their privilege accounts and securing the environment better. Security is a team game and we contribute to this team game with our C3 alliance.

CyberArk shares it’s close to two decades of global privilege access management implementation learning through best practices through structured programs like PAS Hygiene. Customer can avail CyberArk experts for complex implementations through the consulting and professional services engagements.

In India for 2019 we have focussed our efforts in partner enablement programs which will help partners to have more CyberArk certified professional which in turn benefits customers have more professionals to choose from for their implementation projects. With better qualified CyberArk professionals there is always a better chance to get the implementation projects done first time right every time.

The Banking & Finance Post is an initiative of Elets Technomedia Pvt Ltd, existing since 2003.
Now, Elets' YouTube channel, a treasure of premier innovation-oriented knowledge-conferences and awards, is also active. To Subscribe Free, Click Here.

Get a chance to meet the Who's who of the BFSI industry. Join Us for Elets BFSI Gamechanger Summit, Goa and explore business opportunities. Like us on Facebook, connect with us on LinkedIn and follow us on Twitter, Instagram & Pinterest.