Adopting a market approach that involves leveraging partners, CyberArk is strengthening its Channel Partner Ecosystem amidst the ongoing digital transformation
The pandemic triggered massive digitisation and an unprecedented migration to the cloud, led to a tremendous uptake in demand for cybersecurity solutions across the industry. With attackers also becoming more innovative and persistant, security has become an important topic that it is a key subject matter at board meetings today.
“We typically engage with approximately 100 or more partners in each of our key markets and our strategy involves identifying three to five partners in each major market who desire to collaborate and invest with us.”
Jason Choong, Senior Director, Partner, and Inside Sales APJ at CyberArk
In an exclusive interaction with SME Channels, Jason Choong, Senior Director, Partner, and Inside Sales APJ at CyberArk along with Ajit Ramnath – Senior Partner Manager – India and SAARC at CyberArk, share insights on CyberArk’s Channel Partner Ecosystem.
How is CyberArk leveraging this higher demand for cybersecurity solutions?
We see our role as akin to Marvel heroes, defending customers from various threats. Each time we assist a customer in safeguarding themselves, we contribute to making the world a better place.
We find joy in helping our customers, and from CyberArk’s perspective, as part of the channels team, our approach involves leveraging partners. India is such a geographically diverse place with so many people, there is no way we can cover the market ourselves. Hence, partnerships become essential as an extended arm to cover the entire market and assist more customers. These partners are always the onesclosest to the customers and will always be the ones helping the customers. With the close proximity, our partners are often the ones the customers will call first.
Our existing partners are crucial, and we empower them by ensuring they understand our solutions thoroughly so that they can better assist customers. Simultaneously, we are expanding our reach by onboarding new channel partners. These partners include Managed Service Providers offering security services, global advisories supporting large enterprises, and cloud service providers with substantial customer bases. The goal is to reach more customers and help them defend against bad actors. At CyberArk, we are on a mission to help clients safeguard themselves against malicious actors.
“Our organisation is laser-focused on identity security and since we originated as a PAM company, our capabilities have evolved to manage any identity within an IT footprint.”
Ajit Ramnath – Senior Partner Manager – India and SAARC at CyberArk
When it comes to the APAC market, you feel it is quite a promising market compared to any other regions in the world. What is the nature of your partner network in this region? What is its size and how are you planning to boost and enhance it?
For CyberArk, the Asia Pacific region spans from Australia and New Zealand to China, Japan, Hong Kong, Taiwan, and India. The region here is very diverse – the landscape in Australia or anyother country is very different from the landscape in India. IT adoption, manpower and the economy are all very different.
We typically engage with approximately 100 or more partners in each of our key markets. These partnerships are established in our major markets. Our strategy involves identifying three to five partners in each major market who desire to collaborate and invest with us. We engage with them in joint business planning sessions, discussing segments to target, setting mutual targets, supporting activities, and allocating resources. This planning extends to the next fiscal year, with regular quarterly reviews to track progress. This focused approach is not only implemented in Asia Pacific but is also globally.
In India, for instance, the four chosen partners have seen positive business growth. We emphasise that the partner’s investment should reach beyond the sales team to include other aspects like marketing. Meetings with business owners ensure alignment in growing the business together, forming a core strategy to enhance our partner relationships and contribute to business expansion.
Are you planning any major investment towards channel expansion in the Indian market?
We actively invest in both the Indian and broader Asia Pacific markets each year, allocating incremental amounts to drive business growth. One key initiative is our Marketing Development Fund, which is specifically designed for our partners.
As mentioned earlier regarding focus partners, we collaborate on joint marketing activities by providing financial support to promote our solutions in the market. Despite our strong legacy in the Privileged Access Management (PAM) market, we are keen on conveying a broader identity security message with our partners. While some still associate us solely with PAM, we aim to collectively communicate our expanded offerings.
Moreover, in line with our strategy to engage more with managed service providers, cloud service providers, and global advisory partners, we are dedicating additional resources. Recognising the distinctive nature of partnerships—from traditional resellers and distributors to global system integrators and managed service providers—we are proactively hiring individuals familiar with each of these partners and how they go-to-market. This ensures effective communication and alignment with their operational models and financial structures. In essence, our investments extend beyond financial support to encompass a deep understanding and collaboration with our diverse range of partners.
Whrn it comes to the India market, what are your key focus areas in establishing a channel strategy and more importantly, successfully running it?
While we have a global strategy for our partners, we recognise the importance of tailoring our programs to the unique characteristics of each region. Within APJ, the regional operations differ significantly. In the context of India, our focus has been on boutique partners and tier – 2 communities, particularly those associated with the distribution route to market.
In alignment with emphasis on exploring multiple routes to market, we are actively investing in areas such as Managed Service Providers (MSPs) and Advisories. These markets hold great promise, and we are strategically directing investments to foster growth in these segments. Importantly, this focus on new markets is designed to complement rather than disrupt the existing channel business. We recognise that traditional channels have their established customer base, and we aim to strike a balance in our approach.
Following a global trend that we have recently intensified in India, we are allocating dollars and resources to a select group of partners. This approach involves nurturing focused partnerships where we aim to maximise the impact of our investments. The goal is to achieve more with limited, yet highly engaged, partners. This nuanced strategy outlines our plan for the upcoming years, emphasising efficiency and impactful collaboration, mirroring our global initiatives.
MSPs are emerging as a very critical segment when it comes to running a business. How is CyberArk approaching this business segment? And do you have a definitive strategy for this or a specific MSP division that you run to cater to the requirements of these MSPs? Please shed some light on this.
We are deeply committed to the MSPspace. CyberArk has a dedicated global team focused on driving MSP partnerships along with specialised business development and technical resources. Across the Asia Pacific region, we already have MSP partners established, with some markets exhibiting greater readiness for MSP adoption than others. In certain markets, we have had successful, long-standing partnerships with MSPs, and we are also engaging with telcos that function as MSP providers.
In the case of India, we are on the verge of finalising agreements with major MSPs. The discussions with them are at an advanced stage, and we are excited about the imminent launch. We believe this initiative will open up a robust route to market for us. Interestingly, as we engage with our existing MSP partners, we are observing a shift where some are expressing interest not only in maintaining their MSP role but also in the ability to resell our solutions.
This evolving trend is intriguing for us, as it signifies traditional MSP partners recognising an opportunity to extend their services. They are encountering customers who prefer to purchase directly from them due to established trust. In response, we are actively exploring the resell motion with these partners. Remarkably, in India, MSPs are expressing interest in a multi-touch engagement, emphasising the importance of not just MSP capabilities but also the ability to resell. This strong market interest aligns with our commitment, and we are fully dedicated to this dynamic and evolving market segment.
There is a trend amongst most of the cybersecurity vendors that they are increasingly embracing a platform approach to security in the cybersecurity landscape. I would like to understand if CyberArk is adopting and embracing something similar to this?
Last year, we launched our Identity Security Platform at our global signature customer event, Impact. Within that platform, we have all the different solutions such as PAM, endpoint management and workforce management.
We are positioning our Identity Security Platform to our current customers and the market. And so far, when we talk to customers and partners, they get very excited about what we have to offer. Our platformcan address customers’ identity security requirements end to end. When we talk to the customer, they see the benefit of this and integrate it themselves. And this is something that the market has picked up as well.
Cybersecurity is a very tech intensive segment. I probably would not have known nor heard of any tech segment which is more tech-intensive than this. Given the fact that it is such a tech-intensive segment, it needs very specific and upskilled training for most of the partners. Here, partner upskilling becomes integral to the success of your business.
What partner upskilling programs are you running to churn out more effective solutions to the market and better educate your partners to serve the market better?
Jason: I have been with CyberArk for about seven years. I still remember on day one when I joined, I asked my manager, who is the APJ president for CyberArk: what is your number one priority for the partner ecosystem? Do we have enough partners? Do we need to sign up more? Are we lacking in some regions? The answer he came back with was very clear – it is enablement. Enablement for the partners is number one. For instance, imagine if a partner is able to sell, talk about our value proposition, do a demo, provide proof of concept, and deliver our solutions. To me, that partner really adds value to the ecosystem. Those are the partners that CyberArk andevery other vendor out there would love to have—an independent value-adding partner. Also, cybersecurity is a fairly technical solution, not just plug-and-play. We need partners who have the right skillset.
We have been pushing and getting our partners to get themselves upskilled as much as possible. Traditionally, we have a lot of partners who are very skilled in our PAM solution. We are also getting them to ensure they are skilled-up in the identity security solution. We typically ensure that our partner gets training and certification done, too. This is the number one priority. And to me, a partner, who can not only sell our solutions and make a margin, but also sell the services, is when they are growing. And as part of that, we have deliberately kept our services team to a minimum to ensure that we do not take away any of the services the partner can deliver to the customer. If we depend on our partners to deliver the services, we want to ensure they are certified and deliver at a benchmark level to meet customers’ requirements.
Ajit: I would like to elaborate on the programs we have implemented to enable our partners. All our partners have access to our comprehensive partner portal, which serves as a centralised resource hub. Notably, the training content on the portal, covering everything from sales to presales and delivery, is free. This allows our partners to train their teams efficiently through self-paced content, enabling them to achieve certification and training on our portal. This facet of enablement is a fundamental benefit for our partners upon joining our ecosystem.
In addition to the online portal, we actively engage in regional enablement initiatives. These efforts are conducted in collaboration with our distributors and strategic partners, delivering tailored content and programs. Our commitment extends to mentorship programs designed explicitly for key partners and individuals.
Furthermore, we facilitate clubs that serve as forums for mentoring certified individuals who have reached a certain level. The goal is to elevate their skills and knowledge to the next level. This multi-pronged approach spans diverse variations across the board, where we selectively identify and mentor individuals, ensuring comprehensive coverage across our partner ecosystem. We aim to empower our partners to effectively communicate and engage with our customers, making enablement an integral part of our partnership philosophy.
Jason: I would like to further elaborate on enablement and collaboration. Traditional enablement often involves a one-way flow of information, much like attending school to learn fundamental concepts. For instance, to implement CyberArk, you need to understand specific concepts and processes, leading to certification.
We have the CDE Club. This club is designed for individuals who have already achieved certification. Instead of a one-way dissemination of information, we facilitate deep-dive topics and encourage participants to share their experiences with each other and our experienced engineers. Sharing practical insights and tricks helps them and creates a collaborative learning environment. This exchange of experiences raises the collective knowledge and skill level of everyone involved. Moreover, the club becomes a valuable resource for troubleshooting scenarios. This sense of community within the CDE club empowers individuals to help each other navigate tricky situations. Whether it is solving technical issues or sharing best practices, this collaborative community enhances the overall skill set of its members.
In the realm of cybersecurity, where technical proficiency is paramount, fostering a community of skilled individuals not only benefits CyberArk but also the customers. The more adept our partners become, the better the outcomes for everyone involved.
Is CyberArk foraying into emerging areas like IoT, SASE, ZT/GT, MDR/XDR?
Jason: IoT is definitely a topic on our radar. We recently had a discussion with our Global Chief Revenue Officer, and he emphasised the importance of sharing more IoT experiences within our organisation. IoT is particularly strong in the manufacturing segment, and we have already secured significant opportunities in certain European markets with a robust manufacturing base. As we engage with customers in these markets, the key question becomes: how do we replicate this success in other parts of the world, including India.
Ajit: Our organisation is laser-focused on identity security. While we originated as a PAM company, our capabilities have evolved to manage any identity within an IT footprint. Our holistic approach to identity management is our primary focus. We do not compete with these technologies. Instead, we view them as complementary technologies. We collaborate with various security players, and many technologies seamlessly integrate with our offerings. Our expertise lies in understanding the focus area: the comprehensive management and security of identities.
Looking at emerging tech like AI or ML or other areas that are coming up, I would like to understand how CyberArk is leveraging this AI. More specifically, generative AI, which is acquiring a lot of capabilities of play and is almost supercharging data analytics.
How are you leveraging generative AI to read data better and to help you better serve the market in terms of cyberattack prevention, detection and mitigation?
AI and ML have been integral to many of our products for quite some time. Most of our current offerings feature a comprehensive AI/ML framework that empowers us to control identities precisely, dictating what they can do.
Regarding generative AI, we acknowledge its burgeoning significance in the market. While it is still early days for us to fully leverage generative AI, we are actively exploring how to harness its power. AI, in a broader sense, is a component deeply integrated into our overall offering, continuously enhancing the technological capabilities we deliver to our customers.
However, it is crucial to recognise that AI is not only a tool for defenders; it also aids attackers. Creating malicious code using AI has become increasingly accessible for attackers. As an organisation, our philosophy aligns with thinking like an attacker. We extensively utilise AI to simulate potential attacker behaviors and understand how they might perceive customers, enterprises, and the larger digital landscape. This approach fuels our innovation strategy, guiding the development of cutting-edge technologies based on a deep understanding of how attackers operate. This utilisation of AI is a vital part of our ongoing innovation efforts.
In the dynamic realm of cybersecurity, CyberArk leads the charge against evolving threats amid digital transformation. With the significance of cybersecurity taking centerstage in boardrooms, CyberArk is delivering a strategic response to the surging demand for cybersecurity solutions. CyberArk sees itself as a defender, contributing to a safer world with each client safeguarded. We leverage partnerships as extended arms, empowering existing partners and expanding ourreach in the vast Indian market. In the tech-intensive landscape, partner upskilling takes precedence through robust enablement programs. As CyberArk pioneers emerging areas like IoT and explores the power of AI, including generative AI, it cements its leadership role in shaping the future of secure digital environments.
