CyberArk’s channel chiefs discussed cyber insurance, Australian adoption and business outcomes in an interview with CRN at the company’s Impact World Tour 2022 this week.
The event saw over 200 attendees learn about the company’s identity security strategy and how to navigate the evolving IT and threat landscapes. Keynotes were delivered by CyberArk’s senior vice president, privileged access management and identity security, Barak Feldman, ANZ regional director Thomas Fikentscher and VP DevOps Uzi Ailon.
CyberArk’s global subscription revenue grew by 144 percent to US$66 million in the second quarter compared to the year prior. Its second-quarter sales jumped to US$142.3 million, up 21 percent from the same period the year before.
Senior director, global partnerships, Cindy Baptiste told CRN that CyberArk has shifted “from being known for privilege access management (PAM) to a broader identity, security, story and platform and message” and “moved from being a perpetual software provider to subscription and SaaS”.
In 2020, CyberArk purchased identity and access management solution Idaptive for US$70 million to extend its ability to manage and protect identities across hybrid and multi-cloud environments.
The following year, it brought in more channel partners in Australia after ramping up its software-as-a-service offerings. The same year, it appointed DNA Connect as its newest Australian distributor.
CRN sat down for an interview with Baptiste, who CyberArk says has helped grow its overall channel business by more than 35 percent year over year. Joining her for the interview was ANZ co-channel chief Ben Brown and Dr Stephenie Andal, who was appointed ANZ co-channel chief earlier this year.
What is CyberArk’s channel strategy?
Baptiste: As we think about expanding the portfolio and as we think about moving into SaaS, that opens up new possibilities for partners. The work that the partners are doing around success and ensuring that adoption and renewal and expansion motions are successful. We call that more value creation, you're creating value throughout the entire lifecycle.
It's engaging in different ways with partners, either through managed services or through more system integration where they're helping us influence opportunities. They're responsible for doing delivery and implementation, ensuring success, so that we can move through the entire lifecycle of the adoption, renewal and expansion.”
I understand that CyberArk’s strategy will focus on GSI, MSPs and the cloud in 2023. Why?
Baptiste: If you think about, with reselling a service there's not a lot of margin in that for partners. Adding value on top of that service, adding their own intellectual property and incorporating that with other technology stack vendors to provide a full-blown service, as opposed to reselling a subscription of an existing server software. That's where the real value is. We're doing more with product management and research and development to create additional technology features that will enable managed service providers to help get time to value quicker.
The GSI is true for every system integrator, global or regional. There's the opportunity to participate in the customer success motion.
Every customer is moving to the cloud. We're providing new capabilities with our platform around ensuring cloud entitlements and you know, being able to lock down those cloud environments and provide privilege in the same way we would with any other type of application.
Cyber insurance is a key concern for some businesses and security partners. Are there any considerations there for CyberArk?
Baptiste: One of our most common use cases is solving for cyber insurance. We do have some partnerships with cyber insurance vendors. The identity security platform is foundational to being able to get cyber insurance. We've got a lot of partners who are who are utilising Cyber Ark as part of the full stack to solve this problem.
Many security companies are moving the conversation from a traditional security standpoint to a more business-oriented approach. Is CyberArk doing this?
Baptiste: We're definitely moving in that direction where we want to talk about business outcomes, and customers that are successful in preventing breaches. What we offer to the partners is a series of use cases or good market plays that we provide a lot of content and collateral as to how Cyber Ark can help in solving this problem, this use case, whether it's cyber insurance or ransomware, or zero trust or audit and compliance.
Are there any trends in CyberArk adoption in Australia?
Andal: If we wanted to get more of a broad picture perspective in the sector, we've had the new critical infrastructure legislation and that’s taken four sectors to eleven sectors across the economy. So, a vast swath of the economy now encompasses critical infrastructure legislation. What that means for a company like CyberArk, is we've got particular industry verticals we've had really strong coverage in the past who are quite strong in their cybersecurity controls, but we've now got less mature sectors for example, healthcare and university, that are now encompassed in the critical infrastructure legislation. They're looking for ways that they can be meeting cybersecurity obligations and regulations - and that's where cyber can come into the picture. Where previously, we were really solidly covered on this particular industry verticals, but we're now branching out into those. If you're asking from an awareness perspective, across the economy, and maturity around CyberArk solutions and positioning there's a change in that perspective.
Brown: I think it is pretty tied to regulation and compliance - critical infrastructure act, essential 8, cyber insurance, those sorts of things - they're kind of a driver that’s broadening what we're seeing in the market, opening up more verticals and industries that have to obviously align to those compliance mechanisms. That’s sort of where we're seeing more of the uptake and more of the awareness happening, and then as a result will be more action and customers coming up.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
.jpg&h=237&w=349&c=1&s=1)
