We are excited to bring Transform 2022 back in person July 19th and virtually July 20th – 28th. Join AI and data leaders for informative talks and exciting networking opportunities. Register today!
Cyolo, a provider of zero-trust network access 2.0 (ZTNA 2.0) solutions for IT and operational technology (OT), says the demand for data has increased dramatically in recent years and VPNs and other methods could not meet organizations’ demands not. The company added that organizations now need a safer way to connect individuals to the distributed resources that are essential to their work.
ZTNA offers an alternative to VPNs to restrict access to remote servers. According to Gartner, 60% of organizations will switch from VPNs to ZTNA by 2023.
Almog Apirion, CEO and co-founder of Cyolo, said ensuring digital transformation is largely an identity issue. According to Apirion, enterprises can provide comprehensive identification-based access for all users, applications and assets when providing a solid digital identification.
Identity, he said, is the new access key as it allows users to access the resources they need without disclosing all of an organization’s digital assets. Gartner predicts that by 2024, 30% of large businesses will implement new identity proof tools to address common weaknesses in workforce identity life cycle processes.
Proof and secure digital trust
Cyolo claims that it securely connects all organizational users (remote and on-site, third-party, OT and so on) to all their work environments (on-premises, cloud, hybrid), enabling them to be more productive while protecting the network of access-based hazards. Apirion claims that Cyolo addresses issues with high-risk access and third parties. He argued that while third-party users, such as salespeople and contractors, are often essential to an organization’s success, they also pose a significant risk.
In addition, Apirion said the lack of strong verification is one of the problems Cyolo wants to solve. He said many traditional local and outdated applications do not have modern authentication, such as multifactor authentication (MFA) and single sign-on (SSO). I added that Cyolo allows organizations to expand cloud SSO and customizable MFA to traditional applications, quickly, easily and cost-effectively. I have argued that the result is stronger security and greater compliance readiness.
Apirion claims Cyolo can also solve the use of generic and shared accounts. He said that to deal with operational complexity, businesses are often required to manage multiple user accounts for each application and may be required to use generic accounts (share access credentials with many users).
This behavior, he said, leads to a lack of traceability, increases the risk of transgressions and disregards important compliance obligations. I added that the business uses SSO to provide centralized secure user access and connectivity to resources and applications, enabling more control and visibility.
Cyolo also aims to strengthen businesses’ OT remote and on-site access. According to Apirion, most firms find it challenging to secure remote access, but it becomes even more challenging when OT environments are involved.
The Cyolo solution, he claims, is specifically designed to bring secure digital trust to OT systems. This includes compliance and oversight features, such as ongoing and timely identity-based authentication and MFA authentication, as well as time-of-day and location-based user validation, session recording, and controlled access to resources and applications.
According to the company, it enables organizations to build their own distributed clouds based on infrastructure-as-as-service (IaaS), software-as-a-service (SaaS) and the existing world (DCs, campuses, co- location facilities and industrial locations) using a single solution, a single policy and a consistent user interface. Cyolo claims that because it does not care where applications and users are located, it offers cloud benefits such as infrastructure abstraction.
Through robust identity-based access restrictions, Apirion says that Cyolo enables businesses to connect geographically dispersed users to their local, IaaS or SaaS applications. The technology can also integrate with numerous IDPs to enable third parties or M&A activities, as well as gain visibility and control over who joins which resource and what happens.
Cyolo’s Agentless First Strategy gives users a streamlined web-based procedure for accessing their resources. With this, bandwidth restrictions and VPN agent issues are no longer issues, according to Apirion. Organizations can use Cyolo to integrate their existing point solutions for IT and OT resources, MFA, SSO and other things and build consistent controls from a single dashboard.
By hiding their infrastructure behind Cyolo and blocking all public network access, organizations can reduce their overall attack surface. Apirion says that by doing so, organizations can apply complete, real-time user access and control to applications, as well as hide application credentials for connected users, both trusted and untrusted.
Distinguish between the zero-trust network access market
As a CISO, Apirion teamed up with two ethical hackers to establish Cyolo. According to Apirion, they decided to shake up the market by taking an original grip on the architecture that would support an organization’s ongoing digital transformation. He says this is why Cyolo’s identity-based access control is exclusive to the market.
Cyolo features an untrustworthy architecture in which the company does not see or maintain access keys, only the customer does. Cyolo can provide MFA and SSO capabilities to offline systems and works in all contexts, including cloud, on-premise and hybrid models. Apirion added that Cyolo’s compliance and reporting features include session recording, supervised access and full visibility on who accessed where and what happened.
One of its competitors, Zscaler, has an operation that depends on GRE tunnels, agents or PAC files. Another competitive service, Appgate, has a complex architecture, which according to Apirion has limited support for low-bandwidth connections due to its agent-based design. NetScope, another competitor,’s traffic passing through its cloud is repeatedly encrypted and decrypted, significantly reducing performance, Apirion said.
According to the Cyolo CEO, the company has developed a security architecture where all data always stays with the customer, unlike other cloud-based security technologies that store or process consumer information internally. He said that consequently, unlike other ZTNA providers, Cyolo has no access to or insight into customer data, which effectively eliminates the possibility of data exposure.
Cyolo has also just announced a $ 60 million B-Series B financing led by National Grid Partners, National Grid’s Enterprise Investment and Innovation Arm. That brings the company’s total funding to $ 85 million, including a series of A-rounds completed in 2021.
VentureBeat’s mission is to be a digital town square for technical decision makers to acquire knowledge about transforming enterprise technology and conduct transactions. Learn more about membership.