CyberArk and CNA Introduce Cybersecurity Insurance
June 13, 2019

CyberArk introduced a cybersecurity insurance offering that prioritizes privileged access security to reduce business risk.

CNA selected CyberArk to provide its policyholders with access to a range of world-class services that will improve education and awareness about privileged access-related risk. This includes tools to identify where the riskiest accounts and credentials exist within an organization and guidance for prioritizing protection and management of privileged access to improve security and compliance.

“The costs of data breaches caused by malicious attackers, human error or simple technology glitches have never been higher,” said Andrew Lea, vice president, head of Commercial E&O, Cyber & Media Liability, CNA. “We understand that privileged access security significantly reduces risk, and we want to make sure CNA policyholders have access to the best services and technology the industry has to offer. CyberArk is an industry leader in privileged access security and offers a depth of experience and expertise that will deliver great value to our policyholders.”

The program begins with a complimentary CyberArk Privileged Access Security Assessment, which identifies current privileged access security risk posture and enables organizations to understand how they compare to industry peers.

Once an evaluation is completed, CNA policyholders have access to a range of additional privileged access-related services including:

- Discovery and Audit (DNA Workshop): A review of organizational requirements and drivers to identify objectives, success criteria, priorities and use cases of a privileged access security solution. With CyberArk, customers will conduct an in-depth review of critical controls and timelines using recommended CyberArk frameworks and tools such as the CyberArk Privileged Access Security Cyber Hygiene Program and Discovery and Audit (DNA) tool.

- CyberArk Red Team Tools, Tactics and Procedures (TTP): An engagement with the CyberArk Red Team will educate organizations on the common techniques utilized by attackers to compromise security controls and put companies at significant risk. Security teams will receive the hands-on experience they need to understand popular attack techniques and defense strategies.

- CyberArk Security Services Intensive: Gain the building blocks for developing or accelerating an effective privileged access security program with implementation planning, architecture design and consulting.

“Global organizations understand that in order to reduce the most business risk, they must prioritize privileged access security as a long-term program,” said Adam Bosnian, EVP, Global Business Development, CyberArk. “This first-of-its-kind program will deliver superior education and training to improve overall cybersecurity awareness, and give CNA policyholders the tools they need to prioritize privileged access security in ways that are quantifiable and compliance driven.”

Created by CyberArk, the Privileged Access Security Assessment systematically addresses organizations’ privileged access security risk and directs them toward actions that will yield the greatest improvement in their overall privileged access security posture. Evaluations are based on seven critical areas such as protecting against irreversible network takeover and securing application credentials. A customized risk score enables the organization to benchmark their privileged access security maturity against peers using a reference group defined by industry, employee count, annual revenue and region. This detailed, comparative analysis also provides remediation guidance based on CyberArk’s experience, allowing organizations to best optimize their time and resources on processes that reduce the most privileged access security risk.

Share this

Industry News

May 21, 2020

Exadel announced the Grand Prize winner of the “Appery.io COVID-19 Virtual Hackathon.”

May 21, 2020

CloudBees announced significant advances for its Software Delivery Management (SDM) platform – integrations with additional continuous integration and continuous delivery (CI/CD) engines, including Google Cloud Build and Tekton, and extension of the availability of CloudBees’ SDM Preview Program.

May 21, 2020

OutSystems is announcing over 70 development accelerators that ensure web and mobile applications created on the OutSystems low-code development platform can comply with the highest accessibility standards and regulations.

May 20, 2020

Styra announced that Styra Declarative Authorization Service (DAS) now supports microservices and extends context-based authorization to the service mesh.

May 20, 2020

Optimizely announced that its free feature flagging plan for development teams, Rollouts, now also includes A/B testing and feature configuration.

May 20, 2020

StackRox announced new runtime security features in the latest release of the StackRox Kubernetes Security Platform.

May 19, 2020

Docker has partnered with Snyk to deliver the first, native vulnerability scanning of container images in Docker.

May 19, 2020

Rancher Labs announced the launch of Rancher Academy.

May 19, 2020

Datical, a provider of database release automation solutions, has rebranded and will be conducting operations under the name Liquibase.

May 18, 2020

D2iQ introduced the D2iQ Shortcut to Success promotion. The cost-effective package of technology, training, professional services and support ensures successful Day 2 production operations for Kubernetes at a price point that makes it affordable for companies of all sizes to get started.

May 18, 2020

Altran announced the release of a new tool available on GitHub that predicts the likelihood of bugs in source code created by developers early in the software development process.

May 18, 2020

DigitalOcean closed a $50 million Series C funding round led by Access Industries, with participation from Andreessen Horowitz.

May 14, 2020

Venafi announced a definitive agreement to acquire Jetstack, a provider of open source machine identity protection software for Kubernetes and cloud native ecosystems.

May 14, 2020

SonarSource announced the acquisition of RIPS Technologies, a German startup from Bochum known for its leading code security analyzers.

May 14, 2020

IT Revolution announced The Idealcast — a new podcast series to share insights and solutions for how organizations can thrive during the age of digital disruption.