CyberArk leads by example and sets the identity security standard

How Cybersecurity Company Sets the Identity Security Standard for Others to Follow.

employee focused working on his computer

CyberArk (NASDAQ: CYBR) is the leading Identity Security provider, helping organizations secure access to critical business data and infrastructure, protect a distributed workforce, and accelerate business in the cloud. Built on a foundation of Privileged Access Management and powered by Artificial Intelligence-based behavior and risk analytics, the CyberArk Identity Security Platform enforces least privilege and enables access across any device, anywhere, at just the right time.

  • Employees: 2,000


Instead of a day for festive celebrations, thousands of business owners woke up on the United States Independence Day of 2021 to face a ‘colossal’ cyber-attack on their IT service provider Kaseya. The source of the attack was a remote monitoring and management application used by many of the Florida-based IT company’s 10,000-plus global customers. One victim, a Swedish supermarket chain, had to close 800 stores for a week and rebuild all of its systems from scratch.

Sadly, such events are all too common. But what sent shivers down the spines of many cybersecurity professionals was the fact that the victim was an IT company with access to security expertise and experience unavailable to most other organizations. Incidents such as this emphasize the need for a thorough and comprehensive cyber security defense plan says Sigalit Shavit, chief information technology officer for CyberArk, a company renowned for its leadership in Identity Security.

Notwithstanding the cost, time and resources needed to tackle an attack, perhaps the biggest concern is the impact on a security company’s reputation. The key point is what a market leader like CyberArk does to protect the integrity of its own digital assets.


CyberArk is a trusted partner to many of the world’s leading organizations because it enables them to effectively defend against attacks, enable the digital business, drive operational efficiencies, and satisfy audit and compliance requirements. The CyberArk approach to Identity Security embraces a Zero Trust strategy that helps cement its security posture and enhances the experience of its customers.

One of the reasons why CyberArk has become such a sought-after provider of Identity Security is the company’s understanding of a fundamental change in the global security landscape. At one time, a strong perimeter defense was typically enough to deal with most cyber attacks because users, assets and data remained on-premises and inside the secure boundary. However, the shift to cloud computing and remote working has effectively broken that wall of protection. Enterprise-wide perimeter defenses are still important, but now the focus is on protecting the access to applications, data and infrastructure irrespective of location. Thus, identity has in effect become the new perimeter.

Shavit underscored the point, “The whole model has been turned on its head. The front line always used to be the firewall and other network-related security measures, with users residing behind many layers of defense. But now every single user is on the front line, with attackers aggressively trying to exploit identity and credential weaknesses.”

Understandably, CyberArk uses its own products and Shavit emphasized why, “At CyberArk, we believe our own products offer the most secure and reliable protection. But there is more to it: By utilizing them ourselves we immediately gain invaluable feedback that is constantly used to optimize performance and capabilities. It is this first-hand knowledge and experience that perfects our product and professional services: a knowledge that we are always sharing with our customers and partners in order to ensure product deployment success.”

Picking from its own portfolio, the CyberArk IT team deployed one of its latest offerings – CyberArk Identity: An industry-recognized Identity as a Service (IDaaS) solution that unifies all the essential identity and access management services. CyberArk Identity enables Shavit’s team to deliver simplified access management with single sign-on, protect user credentials and devices with adaptive multi-factor authentication, and automate on-boarding and offboarding processes for the company’s employees and contract staff.

Despite the complexity and global scope of its own infrastructure, the inherent simplicity of CyberArk Identity enabled protection to be rapidly deployed across the company’s environment. The integration of CyberArk Identity with the broader CyberArk Identity Security Platform supports the tailored enforcement of least privilege access from any identity across any device and at any location. Built on a foundation of Privileged Access Management, the Identity Security Platform leverages advanced AI capabilities to dynamically apply the needed Identity Security controls enabling CyberArk to protect its widely distributed workforce and secure access to its own critical business data.

The CyberArk Identity Security Platform works by authenticating each identity, dynamically authorizing the least amount of privilege required, secures credentials, and thoroughly audits the entire cycle – giving the company peace of mind to drive its own businesses fearlessly forward.

“We believe that using the same products internally that we offer to our own customers truly demonstrates the level of confidence we have in the quality of protection being delivered.”

– Sigalit Shavit, Chief Information Technology Officer CyberArk


Shavit highlighted one of the ground-breaking benefits of CyberArk Identity: “With CyberArk Identity there are several straightforward ways to adjust and customize the implementation. So, if we have specific requirements or multiple applications to simultaneously connect, CyberArk Identity gives us the flexibility, speed and simplicity to accommodate exactly what we need to be done.” She added, “CyberArk Identity took us just a few weeks to deploy. It was a fast and smooth deployment across hundreds of business applications.”

The deployment team used the CyberArk Identity Security Blueprint best practice framework to facilitate the expedited implementation. The Blueprint process enables companies, including CyberArk itself, to rapidly pinpoint and address the greatest Identity Security risks while simultaneously building a world class security program. The Blueprint is vendor-agnostic and is based on live security incidents and cutting-edge research by the CyberArk Labs team.

“When I speak with other CIOs, they want to know how quickly and easily a solution can be implemented. Then followed by what the expected learning curve is for their team to become proficient and confident in using the new capabilities. We’ve experienced it first-hand, and on all counts, we absolutely know that CyberArk Identity is extremely straightforward and easy to operationalize. Indeed, we had people comfortably using it within hours,” explained Shavit.

For the company, CyberArk Identity represents an important building block in its Zero Trust approach to security because it polices identities and applies additional sophisticated layers of conditional access. For example, CyberArk Identity will ensure that a user is recognized and is utilizing a trusted device before initiating a deeper process of identification. Having this capability is critical because identity is much more than just single sign-on and multi-factor authentication.

“CyberArk Identity offers a comprehensive approach to protecting all users, irrespective of location. The significance of having access and privileged access management capabilities in a single solution, combined with oversight and governance, is absolutely huge.”

– Sigalit Shavit, Chief Information Technology Officer CyberArk

Shavit described, “For all companies, CyberArk Identity is playing an increasingly substantial role in delivering comprehensive protection across the entire threat landscape. The significance of having access and privileged access management capabilities in a single solution, combined with oversight and governance, is absolutely huge.”

She concluded, “We believe that using the same products internally that we offer to our own customers truly demonstrates the level of confidence we have in the quality of protection being delivered.”

Key benefits

  • Delivers robust identity security for CyberArk and its customers
  • Deployed company-wide in just a few weeks
  • Acts as the foundation of Identity Security and Zero Trust strategy

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey