CyberArk and CNA Introduce Cybersecurity Insurance
June 13, 2019

CyberArk introduced a cybersecurity insurance offering that prioritizes privileged access security to reduce business risk.

CNA selected CyberArk to provide its policyholders with access to a range of world-class services that will improve education and awareness about privileged access-related risk. This includes tools to identify where the riskiest accounts and credentials exist within an organization and guidance for prioritizing protection and management of privileged access to improve security and compliance.

“The costs of data breaches caused by malicious attackers, human error or simple technology glitches have never been higher,” said Andrew Lea, vice president, head of Commercial E&O, Cyber & Media Liability, CNA. “We understand that privileged access security significantly reduces risk, and we want to make sure CNA policyholders have access to the best services and technology the industry has to offer. CyberArk is an industry leader in privileged access security and offers a depth of experience and expertise that will deliver great value to our policyholders.”

The program begins with a complimentary CyberArk Privileged Access Security Assessment, which identifies current privileged access security risk posture and enables organizations to understand how they compare to industry peers.

Once an evaluation is completed, CNA policyholders have access to a range of additional privileged access-related services including:

- Discovery and Audit (DNA Workshop): A review of organizational requirements and drivers to identify objectives, success criteria, priorities and use cases of a privileged access security solution. With CyberArk, customers will conduct an in-depth review of critical controls and timelines using recommended CyberArk frameworks and tools such as the CyberArk Privileged Access Security Cyber Hygiene Program and Discovery and Audit (DNA) tool.

- CyberArk Red Team Tools, Tactics and Procedures (TTP): An engagement with the CyberArk Red Team will educate organizations on the common techniques utilized by attackers to compromise security controls and put companies at significant risk. Security teams will receive the hands-on experience they need to understand popular attack techniques and defense strategies.

- CyberArk Security Services Intensive: Gain the building blocks for developing or accelerating an effective privileged access security program with implementation planning, architecture design and consulting.

“Global organizations understand that in order to reduce the most business risk, they must prioritize privileged access security as a long-term program,” said Adam Bosnian, EVP, Global Business Development, CyberArk. “This first-of-its-kind program will deliver superior education and training to improve overall cybersecurity awareness, and give CNA policyholders the tools they need to prioritize privileged access security in ways that are quantifiable and compliance driven.”

Created by CyberArk, the Privileged Access Security Assessment systematically addresses organizations’ privileged access security risk and directs them toward actions that will yield the greatest improvement in their overall privileged access security posture. Evaluations are based on seven critical areas such as protecting against irreversible network takeover and securing application credentials. A customized risk score enables the organization to benchmark their privileged access security maturity against peers using a reference group defined by industry, employee count, annual revenue and region. This detailed, comparative analysis also provides remediation guidance based on CyberArk’s experience, allowing organizations to best optimize their time and resources on processes that reduce the most privileged access security risk.

Share this

Industry News

September 24, 2020

NetApp announced the availability of Elastigroup for Microsoft Azure Spot Virtual Machines (VMs).

September 24, 2020

CloudBees announced a robust new set of DevSecOps capabilities for CloudBees CI and CloudBees CD. The new capabilities enable customers to perform early and frequent security checks and ensure that security is an integral part of the whole software delivery pipeline workflow, without sacrificing speed or increasing risk.

September 24, 2020

Pulumi announced the release of a Pulumi-native provider for Microsoft Azure that provides 100% coverage of Azure Resource Manager (ARM), the deployment and management service for Azure that enables users to create, update and delete resources in their Azure accounts.

September 23, 2020

Puppet announced new Windows services, integrations and enhancements aimed at making it easier to automate and manage infrastructure using tools Windows admins rely on. The latest updates include services around Group Policy Migration and Chocolatey, as well as enhancements to the Puppet VS Code Extension, and a new Puppet PowerShell DSC Builder module.

September 23, 2020

Red Hat announced the release of Red Hat OpenShift Container Storage 4.5, delivering Kubernetes-based data services for modern, cloud-native applications across the open hybrid cloud.

September 23, 2020

Copado, a native DevOps platform for Salesforce, has acquired ClickDeploy.

September 22, 2020

CloudBees announced general availability of the first two modules of its Software Delivery Management solution.

September 22, 2020

Applause announced the availability of its Bring Your Own Testers (BYOT) feature that enables clients to manage their internal teams – employees, friends, family members and existing customers – and invite them to test cycles in the Applause Platform alongside Applause’s vetted and expert community of testers.

September 22, 2020

Kasten announced the integration of the K10 data management platform with VMware vSphere and Tanzu Kubernetes Grid Service.

September 21, 2020

PagerDuty entered into a definitive agreement to acquire Rundeck, a provider of DevOps automation for enterprise.

September 21, 2020

Grafana Labs announced the release of Grafana Metrics Enterprise, a modern Prometheus-as-a-Service solution designed for the scale, architecture, and security needs of enterprises as they expand their observability initiatives.

September 21, 2020

Portshift's Cloud Workload Protection platform is now available through the Red Hat Marketplace.

September 17, 2020

env0, a developer of Infrastructure-as-Code (IaC) management software, announced the availability of its new open source solution for Terraform users, Terratag.

September 17, 2020

Push Technology announced a partnership with Innova Solutions, an ACS Solutions company, specializing in global information technology services.

September 17, 2020

Alcide achieved the AWS Outposts Ready designation, part of the Amazon Web Services (AWS) Service Ready Program.