Back in 1999, Petah Tikva-headquartered CyberArk Software Ltd. decided it wanted to be the go-to information security company for corporate clients who were “afraid of internal attackers,” according to co-founder, chairman and CEO Udi Mokady. After initially offering its products to businesses in the financial sector, the target market kept expanding as regulation was added and attacks became more targeted.
For daily updates, subscribe to our newsletter by clicking here.
The company’s “big-break” happened when executives at enterprises finally realized that in the age of advanced persistent attacks, just how a hacker was able to get through was less important than what he or she was able to get their hands on, Mokady said in an interview with Calcalist held earlier this month.
The company’s products manage access to critical data points across the organizational network. “An attacker who manages to gain privileged access can take over almost the entire organization and cancel other security technologies installed,” Mokady explained.
CyberArk’s software knows what type of clearance employees have, and raises an alarm when an employee steps out of line, or when an attacker is trying to use employee credentials. The base assumption is that attacks spread within organizations once there is a breach. This compromise of more and more systems after the initial breach is what Cyberark’s software is intended to stop.
“Almost always, some employee will open the wrong email and click on the wrong link,” Mokady said.
Now, CyberArk seeks to grow by offering small and medium businesses a “light” version of its services via the cloud, Mokady said. While big cloud vendors invest in cybersecurity, they pass the responsibility of keeping the data safe to customers, Mokady said.
“That means that if you lacked security and transferred your database to the cloud, the problem remained,” he said.
CyberArk listed on Nasdaq in 2014 according to a company valuation of $500 million. The company reported annual revenues of $66.2 million for 2013. For the third quarter of 2018, the company reported revenues of $84.7 million. The company’s stock has risen by 146% since the float, despite the recent beating of tech stocks.
The company made four acquisitions since listing.
In August 2015, it announced it had acquired Israel-based cyber threat detection company Cybertinel Ltd. In October the same year, CyberArk paid $30.5 million in cash for Waltham, Massachusetts-based Viewfinity Inc. Founded by two Israelis, Viewfinity enables organizations to remove local administrator privileges from users. It has an Israeli branch.
In May 2017, CyberArk paid $42 million in cash for Newton, Massachusetts-based Conjur Inc., a provider of DevOps security software. In March 2018, CyberArk paid an undisclosed sum for cloud security company Vaultive Inc., which, though Boston-based, was founded by Israelis and has a research and development center in Tel Aviv.
While not all of the companies it bought were based out of Israel, all had deep links to the Israeli market, Mokady said.
Of the company’s 1,100 employees, around 400 are currently based in Israel, including most of the company’s research and development team.
Human capital gives Israeli companies an edge, Mokady explained. Due to the nature of the Israeli tech ecosystem—a relatively small pool of people, many of which received initial training and formed interpersonal connections while in military service—the country is in a unique position, especially when it comes to research and development.
“The collaboration between companies, and the employees that move between those companies enrich everyone,” he said.