The CyberArk Blog

The definition of privilege is changing, and this changes everything. Identities of all types — not just IT team members, but any employees — are gaining access to sensitive data, infrastructure...

In recent years, cybersecurity has become a board-level issue resulting in several executives taking greater responsibility in cybersecurity-related decisions. As a result, the CISO is no longer a...

The idea of removing local administrator rights from Every. Single. User. across your organization is likely to spark strong reactions. Search popular online forums for the phrase “remove local...

The U.S. Department of Defense (DoD) is going all in on Zero Trust. In late 2022, the Pentagon released its long-anticipated Zero Trust strategy and roadmap for migrating “trusted” perimeter-based...

Data breach headlines are daily reminders that cyberattackers keep innovating. While constant research to uncover threats and share crucial intelligence with defenders is far less visible, the...

The recent CircleCI breach highlights the risk of storing secrets in places like private code repositories (GitHub), scripts, configuration files, files encrypted at rest, CI/CD pipeline code or...

2022 ransomware attack learnings can inform 2023 cybersecurity strategies, helping organizations combat threats and reduce risk with greater confidence. The CyberArk 2022 Identity Security Threat...

 “If we can control identity, we can stop most modern attacks. And if you control identity, then you control every perimeter, application, container – effectively every part of the environment.” –...

Cyber defenders need timely, accurate threat intelligence to protect their organizations. This is what drives our CyberArk Labs team to produce innovative research, expose new attack methods and...

Since launching last spring, the CyberArk Trust Issues Podcast has covered a range of top-of-mind cybersecurity subjects. Whether you’re interested in CISO perspectives, cutting-edge threat...

Before we ring in the new year, we’re reflecting on some of the biggest cybersecurity events of 2022. It’s been a stressful 12 months for security teams, to say the least. Many open cybersecurity...

Cybersecurity doesn’t happen in a vacuum. Evolving attack trends, world events, regulatory changes, shifting organizational priorities and many other factors influence enterprise programs. With...

Uber is back in the spotlight, this time for a breach involving a third-party vendor. According to reports, an attacker accessed the vendor organization’s public cloud backup server, obtaining and...

With its new and improved Network and Information Security Directive, NIS2, the European Union joins a growing list of governments around the world that are enacting stronger cybersecurity...

On November 28, 2022, NIS2 officially replaced the European Union’s Network and Information Security (NIS) Directive, heralding significant compliance changes for many EU businesses. This...

The public cloud is empowering organizations to do incredible things, from exploring new realms in space to transforming cultures. This week at AWS re:Invent in Las Vegas, these real-world cloud...

The world of Internet of Things (IoT) devices is both fanciful and ubiquitous, from routers and smart appliances popular at home to intelligent building systems and self-monitoring industrial...

The 2022 holiday online shopping season is shaping up to be a busy one. An estimated 63.9 million people will shop this Cyber Monday, while global eCommerce transactions are expected to climb 15%...

It’s been an eventful 2022 and, based on what our CyberArk Labs team is observing, 2023 will introduce yet another chapter of cybersecurity threats and challenges, along with some new...