Nov 3, 2020
6 min read

From CISO to Founder: How We Built A Truly Secure Access Solution

Written By

Almog Apirion

I started Cyolo with a deep understanding that secure access should be simple. After two decades in cyber security including an extended service in the Israeli Navy and assuming the role of the CISO of a large global corporate, I was on a mission. I was going to build the secure access solution that would answer the pain points I myself experienced as a CISO in creating secure remote access.

CISOs have to deal with a delicate balance of maintaining the company’s security posture and protecting its assets against sophisticated cyber-criminals, without disrupting the business with too many operational requirements. Often, this leads to internal friction resulting in red tape and exasperation, or worse – data breaches.

But I knew there could be a way to make secure connections easy to manage and transparent to use, by making them network and platform agnostic. By removing the burden from the shoulders of the IT Managers and CIOs and pushing the Zero Trust model to the edge, we succeeded – and created a security solution based on simple access services that would not stall business connectivity or performance.

It all started out with China. No, it’s not what you’re thinking. This was “The Great Firewall of China”. When I was the CISO & IT Technologies Director at a global corporate in the hardware industry, we had 20 offices in The Great Dragon. So you can understand they were a valuable geography for us. These offices were in constant communication with the rest of our global offices.

All traffic coming in and out of China goes through a national firewall. Every once in a while, China caps this communication. For example, when they hold national Communist Party conventions. Suddenly, our 20 offices could not connect to our corporate network and communicate with us. As you can probably guess, this caused quite some panic upstairs.

Removing Network Security Constraints

That’s when I understood that secure connection could not be based on corporate network access, via VPNs or LANs. Relying solely on the company network creates too much of a strain on a business, and defeats the whole concept of business continuity and agility. The challenges of maintaining a corporate network place CISOs and CIOs in the hubbub of balancing out the business need to communicate and progress, with the business need to keep systems and assets safe. Unjustifiably, security and IT are perceived as a unit that puts spokes in the wheels of the business. 

Two more events that cemented this realization were two M&As we went through. We acquired one company and were acquired by another. In both cases, we had to connect without being connected. By our networks I mean. We merged entities but could not merge our networks. And yet, the executives needed to connect to the ERP pronto, not in six months, and without compromising our attack surface.

So I had to come up with a secure connectivity and access solution that was not network bound. Everything I knew about providing access to employees, suppliers, contractors and partners through a corporate network – went out the window. The solution had to be Trusted IDs, the user ID and device ID. These were the first steps of implementing Zero Trust.

Aligning Zero Trust with Business Goals

Our network situation at this corporate was not unique. The new working environment is distributed across different networks, environments and platforms. These include on-prem data centers, Cloud, PaaS, IaaS, and co-location services. The borders between personal environments and work environments are being diffused. Endpoint devices are going mobile and using various operating systems. The “perimeter” is fuzzy and the crown jewels need to be accessed from a mobile device built by an esoteric manufacturer at 5am on a Sunday from a location far far away.

Securing such networks requires a solution that operates with the goals and objectives of the company. It has to be aligned with the security policy, resilience and user experience required by the business. Above all, agility is a key factor as it’s impossible to forecast the future so we need to ensure existing technologies will support them without the need for expanding the toolset further. If the way we secure the network does not align with our business goals, we don’t change the business, we change the security.

Therefore, the implemented security platform needs to provide a security layer that connects different users and their devices to information assets regardless of the network they are coming from. In addition, it has to be simple to use, cost-effective and easy to implement and maintain.

Introducing Cyolo

Cyolo is the answer for businesses who wish to overcome network connectivity challenges  while maintaining business activities. Cyolo enables connecting both onsite and remote users to resources, applications, files, servers and desktops and any required component in the network, without enlarging your attack surface…being bound to organizational networks like VPNs or LANs. Continuous user and device identification and validation is key, while focusing on reducing the risks of malware and data leakages. 

It’s a new way of implementing security, based on the principles I outlined above. Cyolo transfigures and remodels corporate networks. Geographies and existing infrastructure are no longer relevant. Users can seamlessly connect from China, Ecuador, Colorado or France, from any network, be it the public network or a partner’s network on AWS. Businesses can create their own organizational cloud, according to their needs, without being restricted to VPNs. For the users it’s transparent. For the business it means they can keep going in a cost-effective way while taking the most advanced security measures.

In the case of an M&A, for example, organizations need little more than a 5 minute installation of Cyolo to get employees from any of the entities access to assets and systems. This saves a lot of time and hassle, helps integrate and intertwine the company and the products, lets both companies hit the ground running and creates a sense of union for employees of both companies.

For CISOs and IT Managers, Cyolo reduces a lot of the heavy lifting. Using Cyolo means less integrations, less coordinations, less management upkeep, less overhead and more flexibility. It means enjoying all the advantages of a cloud network, minus the actual building. CISOs can manage remote users and privileged ones, control access and above all – to be focused and do more with less.

But Cyolo is more than any Zero Trust access solution. It’s a truly secure Zero Trust provider. Our architecture is the safest because no encryption keys, policies or directories are kept in our cloud. You always have to trust your Zero Trust provider with your crown jewels, but in our case, you keep them to yourselves.

In addition, Cyolo also monitors the network while the users are inside, covering aspects like session recording, auditing and logins. Finally, as promised, Cyolo is a simple solution, with one unified platform that integrates into any environment and provides privileged access management solutions to all devices and systems.

Cyolo became the answer to my own needs as a former CISO. Sign up for a demo to see how it can become the answer to yours.

Almog Apirion


Almog Apirion is CEO and co-founder of Cyolo. He is an experienced technology executive, a "recovering CISO," and the founder of the Israeli Navy Cyber Unit. Almog has a long history of leading the cybersecurity and IT technologies domain, with a background that includes building and securing critical infrastructures at large organizations, and leading teams to success.

Subscribe to Our Newsletter