The rapidly expanding partner network of CyberArk provides customers with strategic resources to address the growing sense of urgency surrounding securing the rise of human and machine identities as a result of faster investments in digital transformation.
“Our brand equity is backed by our commitment to R&D because it enables us to offer the latest technologies in the market.”
Rohan Vaidya, Regional Director, India & SAARC, CyberArk
As cyber-attacks increasingly become more complicated and focused, businesses all over the world are opting for cyber insurance to adapt to a difficult and demanding theatscape. While the hype around ChatGPT and AI is growing rapidly, security threats linked to this new disruptive technology is also projected to rise in the near future.
Against this alarming backdrop, CyberArk, a leader in Identity Security, is providing the most comprehensive security offering, centered on privileged access management, for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The company is helping leading business organizations to secure their most critical assets.
Rohan Vaidya, who is currently Regional Director, India & SAARC, for CyberArk spoke to SME Channels. Passionate about customer success, Rohan is deeply focused on leading sustainable business growth to deliver on innovative business outcomes.
Armed with over 18 years of solid experience in successfully building brands and businesses in India and the wider Asian region Rohan is responsible for managing sales operations and profitability of the business in the sub-continent. He has served in a variety of capacities in an expansive career including sales, marketing operations, technical consulting and business management with mostly multinational organisations in India, Southeast Asia and the Middle East. His track record for engaging deeply and productively with clients has delivered measurable success in industries including telecommunications, financial services, publishing, media, IT and IT enabled services (ITES).
In this exclusive chat, Rohan Vaidya, Regional Director, India & SAARC, CyberArk, discusses how CyberArk is leveraging the current hike in demand for security solutions worldwide; his key forecasts for the security market; key focus areas of CyberArk’s Channel Business; India in CyberArk ‘s overall global channel marketing strategy; Growth Blueprint for 2023, and much more. Edited Excerpts…
As a pioneering cybersecurity brand, how have you been leveraging the recent uptick in demand for cybersecurity services?
CyberArk has been leveraging the increased demand for cybersecurity services by adapting to the changing security landscape, strengthening partnerships with other security providers, and increasing brand awareness.
- Expanding solutions portfolio: CyberArk has been continuously updating its cybersecurity solutions to meet evolving threats. While we have built a strong repute in PAM over the years, this year, we have started to position ourselves as the leader in Identity Security, because customer needs are no longer just limited to PAM. Our aim is to position ourselves as the owner, leader and innovator in this space. We unveiled our strengthened unified Identity Security Platform at our annual global event, Impact, in Boston in July, following up globally with the Impact World Tour series of events to educate our customers and partners in each key market in EMEA and APJ, as well as the Americas.As part of our commitment to R&D, we opened an R&D centre in Hyderabad, India in March 2023.
- Collaborating with other tech companies: CyberArk’s C3 Alliance Global Technology Partner Program brings together key enterprise and security software companies to deliver integrated, tested solutions to protect our shared customers. C3 Alliance members represent enterprise software, infrastructure and security solutions, including security information and event management (SIEM), identity and access governance, asset and vulnerability discovery, security management and authentication services that benefit from tighter integration with CyberArk.
Is your current channel strategy properly aligned with the current market trends?
With hundreds of partners worldwide, CyberArk has one of the largest networks of security-focused partners in the business. The rapidly expanding partner network of CyberArk provides customers with strategic resources to address the growing sense of urgency surrounding securing the rise of human and machine identities as a result of faster investments in digital transformation.
Based on industry trends and best practices, CyberArk’s channel strategies have been aligned with market trends and client needs to maximise profitability and growth. In the current cybersecurity industry, there are several emerging market trends related to channel strategies, including:
- The increasing importance of partnerships: As cybersecurity threats become more complex, clients are looking for comprehensive solutions that integrate multiple technologies. Building partnerships with other cybersecurity providers offers CyberArkan opportunity to extend more complete solution to clients.
- The rise of cloud adoption: With more companies adopting cloud-based technologies, there is an increasing demand for cloud-based cybersecurity solutions. CyberArk’s channel strategies include cloud-focused solutions to meet this growing need.
- The need for specialised expertise: As cybersecurity threats become more complex, clients are looking for partners who not only provide solutions but also possess deep expertise in cybersecurity. CyberArk hasincluded training and education programs to help partners develop specialised expertise.
Given these trends, CyberArk’s current channel strategy is aligned to meet client needs and stay competitive in the market. By fostering partnerships with complementary providers, offering cloud-based solutions, and providing training for specialised expertise, CyberArk stays close to customers and their requirements.
What sort of partner upskilling programs do you run to empower partners on your cyber security solutions into the market?
CyberArk has a variety of learning environments including hands-on labs and also offers the education, training, and skills validation needed to implement and administer CyberArk solutions. Partners can consume our Online Tutorials that they have access to, which include short and free tutorials to supplement courses and provide quick references. CyberArk University offers a comprehensive range of online courses, instructor-led training, and certification programs for CyberArk products. Partners can access the university’s resources to train their employees and develop specialised expertise. Thepartner portal offers a range of sales and technical enablement tools, including presales resources, marketing materials, whitepapers, and webinars. These resources can help partners to identify new opportunities and deliver successful cybersecurity solutions to clients.
CyberArk’s upskilling programs are designed to empower partners to deliver high-quality cybersecurity solutions to our clients. These programs offer a variety of resources and training to help partners continually develop their skills and expertise in the identity security industry.
Where does India figure in your overall global marketing strategy?
In November 2022, we increased our marketing commitment to leading and defining the Identity Security space with a logo and rebrand, backed with high-profile advertising.
Our brand equity is backed by our commitment to R&D because it enables us to offer the latest technologies in the market. Our Identity Security Platform is a good example and a result of this commitment, as it enables secure access for any identity — human or machine — to any resource or environment from anywhere, using any device.
CyberArk adopts an integrated, 360 approach to marketing. We invest in owned earned and paid media to ensure our digital presence in the market not just in English but in local languages. We adopt a consistent voice across all channels, including web, social, email, events and more.
Regardless of their role within the organization, each of our employees are provided the training and tools to enable them to articulate our brand value and proposition to the external audience, making them our very own brand ambassadors.
Our customer testimonial program allows customers to share their CyberArk experience through various ways – by speaking at an event, through an online case study, or even through influencer (press/analyst) engagement.
How do you leverage AI/ML in your cybersecurity products?
CyberArk uses AI/ML primarily for behaviour analytics, threat intelligence, and automation.
- AI/ML is used to analyse user behaviour and detect anomalies that could indicate a potential security threat. With behaviour analytics, cybersecurity teams can detect insider threats, compromised credentials, and other types of advanced attacks. CyberArk’s Privileged Access Security Solution leverages AI/ML for to identify potential threats before they can cause damage.
- AI/ML is also used for threat intelligence gathering and analysis. By analysing threat data from various sources, AI/ML algorithms can identify emerging trends and patterns that could indicate a potential cyber-attack. CyberArk’s Threat Analytics solution uses AI/ML to gather and analyse threat intelligence data in real time, enabling cybersecurity teams to respond more quickly to emerging threats.
- AI/ML is used to automate tasks that would otherwise require human intervention. CyberArk’s Privileged Account Security Solution includes AI/ML-powered automation features such as automatic detection of privileged accounts and automatic rotation
of passwords for privileged accounts. These automated processes help to reduce the risk of human error and speed up response times.
How do you look at the emergence of Security-as-a-service? Do you also offer Security-as-a-service to your clients?
As early as 2020, CyberArk began the transition of the business to a recurring subscription model to better align with customer buying patterns and deliver expanded, long-term value for customers.
What would be the top five industry best practices that you would advise your partners to pass over to the customer?
Rapid digital expansion has created new environments and hundreds of thousands of new human and machine identities per firm, and this has been accompanied by new and innovative attack methods as attackers seek to exploit the identities associates with these environments and thereby circumvent security efforts.
Without the skills or resources to effectively operate what is often a large patchwork of point solutions, what we now see is an end-user driven ‘consolidation of trust’, where risk reduction and resilience are seen as critical outcomes. Enterprises are increasingly looking to work with a smaller set of trusted cybersecurity vendors and partners that effectively solve large and related portions of the cybersecurity problem with integrated technologies and expertise. So, scalability and long-term partnerships are one part of the answer.
A second best practice is to do with adopting a risk-based approach. Less than half of organisations surveyed had a risk-based approach to securing critical data and assets, but this is key, especially in a constrained environment: Firms should identify the data and assets that would be most problematic if they were compromised and build security strategy from here. Failure to do so leads to security overspend in some areas and creates security poverty in others and is often a reason that breaches, when they happen, are significant events. We encourage end-users to adopt this ‘think like an attacker’ methodology.
Third, not enough firms are far enough down the complete Zero Trust journey to “trust nothing, verify everything”, but there are components of Zero Trust that provide relatively quick wins in reducing identity-centric exposure. Start with identity management and endpoint security to reduce risk.
Finally, while for the most part security practitioners have been trying to invisibly protect organisations and avoid impacting user experience, people and their identities form such a large part of today’s threat surface that this is no longer a realistic goal. Instead, we must bring customers, partners and employees along with us on the security journey, which in some cases will mean removing capabilities from them that they have grown used to, but are not required for them to perform their function.