THE CISO VIEW

Independent peer-to-peer guidance from industry-leading CISOs.

ABOUT THE CISO VIEW RESEARCH SERIES

The CISO View report series is developed in conjunction with the independent research firm Robinson Insight and brings together leading CISOs for peer-to-peer information sharing to help security teams build effective cybersecurity programs.

2021 CISO VIEW - Zero Trust

PROTECTING PRIVILEGED ACCESS WHILE TRANSITIONING TO ZERO TRUST

Newly Available

Digital transformation and enterprise mobility are rapidly eroding the traditional perimeter-based model. As the perimeter dissolves, how can organizations protect access to their most valuable resources – data, applications, and infrastructure – on-premises or in the cloud?

We interviewed a panel of 12 Global 1000 CISOs on the changing risk picture, including evolving attack techniques that target privileged access. They offered specific recommendations to mitigate risks using a Zero Trust model. This report is one of the first to offer practical and operational insights for CISOs and their teams on implementing a Zero Trust model.

A companion to this report is The CISO View 2021 Survey: Zero Trust and Privileged Access. After hearing from our panel, we wanted to know if the larger security community shared their outlook. Therefore, we surveyed 100 security executives from large enterprises ($1 billion+ annual revenue), about their perspectives. The survey respondents and the panel both suggest a broad consensus around the value of Zero Trust and a growing sense of urgency for securing privileged access.

MORE FROM THE SERIES

PROTECTING PRIVILEGED ACCESS IN ROBOTIC PROCESS AUTOMATION

Securing RPA Workflows

Robotic Process Automation (RPA) is a fast route to increased efficiency, productivity and quality. From a cyber security perspective, RPA also brings a new and attractive attack surface with the proliferation of privileged access as a prime concern.

This CISO View research report examines issues such as: What techniques might an attacker use to exploit privileged access in RPA systems? What are the most significant risks? What controls are the most useful and feasible? What are the key success factors in working with business stakeholders?

PROTECTING PRIVILEGED ACCESS

Securing Devops and Cloud Environments

The rewards of rapid software development and automated IT operations are clear – faster time-to-market and reduced costs. But, what about the risks? How do you successfully secure DevOps and cloud environments?

This CISO View research report drew from the experiences of CISOs from the Global 1000, as well as security professionals and technical experts who have adapted and secured DevOps environments.

RAPID RISK REDUCTION

A 30-Day Sprint to Protect Privileged Credentials

How do you avoid a data breach? Ultimately, you need to know what techniques attackers use and what security controls can stop them. This CISO View research report provides an inside look at the lessons learned from several high-profile data breaches, as well as recommendations and a 30 day sprint framework to guide rapid implementation of key controls.

THE BALANCING ACT

The CISO View on Improving Privileged Access Controls

This report provides practical guidance for CISOs to improve privileged access controls based on the first-hand knowledge of leading organizations. The guidance includes recommendations for establishing the balance between enabling and restricting high-levels of access to information assets.

ABOUT THE CISO VIEW RESEARCH APPROACH AND PANEL

Today, organizations face increasingly sophisticated and challenging cyber threats. At CyberArk, we believe that sharing insights and guidance across the CISO community will help strengthen security strategies and lead to better-protected organizations.

CyberArk has commissioned an independent research firm, Robinson Insight, to develop The CISO View which explores topics related to improving privileged access controls. The initiative brings together CISOs from leading organizations across the globe to share their insights into critical issues facing security leaders with the goal of establishing valuable peer-to-peer guidance and dialog. Contributors to current and past reports, and members of The CISO View Research Panel include the following individuals.

Alissa (Dr Jay) Abdullah

SVP and Deputy Chief Security Officer, Mastercard

Brad Arkin

SVP, Chief Security & Trust Officer, Cisco

Tim Bengson

VP, Global Chief Information Security Officer, Kellogg Company

Dawn Cappelli

VP, Global Security and Chief Information Security Officer, Rockwell Automation

Melissa Carvalho

VP, Enterprise and Customer Identity and Access Management,
Royal Bank of Canada (RBC)

Dave Estlick

Chief Information Security Officer, Chipotle

Peter Fizelle

Chief Information Security Officer, Asian Development Bank

Mike Gordon

VP and Chief Information Security Officer, Lockheed Martin Corporation (LMC)

Omar Khawaja

VP and Chief Information Security Officer, Highmark Health

Olivier Perrault

Cyber Security Officer, Orange Business Services

Emma Smith

Global Security Director, Vodafone

Daniel Tse

Head, Cyber Security, Information & Technology Risk, GIC Private Limited

Contributors to Prior Reports Include the Following Individuals

Rob Bening

Chief Information Security Officer Emeritus, ING Bank

David Bruyea

Senior Vice President & Chief Information Security Officer, CIBC

Jim Connelly

Vice President & Chief Information Security Officer, Lockheed Martin

Khadir Fayaz

Vice President, Global Security Strategy, Engineering & Architecture, Pearson

John Gelinne

Managing Director, Advisory Cyber Risk Services, Deloitte & Touche

Fred Gibbins

Senior Vice President & Chief Information Security Officer, American Express Company

Charles Gillman

Chief Security Officer, NTT Communications - Cloud Infrastructure Services

Steve Glynn

Global Head of Information Security, ANZ

Mark Grant

PhD, CIPP Chief Information Security Officer, CSX Corporation

Gary Harbison

Chief Information Security Officer, Monsanto Company

Jim Motes

Vice President & Chief Information Security Officer, Rockwell Automation

Kathy Orner

Chief Risk Officer, CWT

JD Rogers

Chief Information Security Officer, American Financial Group

John Schramm

CISA, CISSP, VP Global Information Risk Management & CIRO, Manulife

Chun Meng Tee

Vice President and Head of Information Security, Singapore Exchange

Thomas Tschersich

Senior Vice President, Internal Security & Cyber Defense, T-Systems International

Munawar Valiji

Head of Information Security, News UK

Mike Wilson

Vice President & Chief Information Security Officer, McKesson

*Represents role at time of contribution.

GET STARTED

Leverage the expertise of the industry’s most innovative CISOs to help you build an effective cybersecurity program today.