Dear Mrs. Schriefer, how would you describe IMPERVA in 3 quick-witted words?
Reliable. Innovative. Resilient
Please introduce yourself briefly and tell us something about your background.
My career took me straight abroad, starting in the software industry and quickly evolving towards cybersecurity. I am inspired by the dynamic environment, the fast pace, the collaboration in an international context, and the sense of truly making an impact.
I primarily work with large German corporations, advising and supporting them in developing security concepts and strategies. At the same time, I am a passionate advocate of lifelong learning and have completed both an MBA and an MSc in Cybersecurity in recent years. My passion and mission are to inspire more women to join this exciting field.
Additionally, I’m always ready to climb any mountain and explore as many countries around the world as possible.
What distinguishes IMPERVA from other providers?
Imperva has its roots in Israel and, since its acquisition by the French Thales Group, has become a Europe-based company. Imperva stands out with its unique approach to integrated application security and data security. We offer a comprehensive platform that ensures holistic protection for web applications, APIs, and databases.
Our solutions are powered by advanced AI-driven threat intelligence, enabling faster detection and mitigation of cyber threats. Additionally, our global presence and 24/7 support ensure that businesses are protected anytime, anywhere. Our mission is to safeguard data and all access to it.
How does IMPERVA help other companies?
Imperva helps businesses by providing robust security solutions that protect their most critical assets—data and applications. From securing websites and APIs against attacks to protecting sensitive customer information stored in databases, our solutions are designed to reduce risks, ensure compliance, and maintain the integrity of businesses. Whether a company needs protection from DDoS attacks, data breaches, or insider threats, Imperva’s suite of security solutions provides peace of mind and operational resilience.
What do you see differently from prevailing opinions in the field of cyber security?
A common belief in cybersecurity is that perimeter protection alone is sufficient to safeguard data. At Imperva, we see things differently: we believe a data-centric and flexible approach is essential, one that adapts to today’s hybrid IT environments. As data is increasingly stored across a mix of on-premises, cloud, and hybrid systems, it is critical to align security strategies with the agility and diversity of this data.
Furthermore, we believe that automation and artificial intelligence play a key role. However, we advocate for a balanced model that combines AI-driven threat detection with the flexibility andexpertise of human analysis. This interplay ensures not only rapid responses to threats but also strategic decisions that account for the specific needs of businesses.
How does IMPERVA’s AI-powered Attack Analytics and Data Risk Analytics improve detection capabilities?
Attack Analytics enhances our Web and API threat detection capabilities by leveraging global threat intelligence feeds and behavioral analysisIt aggregates and analyzes all security alerts, identifies common characteristics, and groups them into meaningful security incidents.. Imperva’s Data Risk Analytics leverages AI-driven analytics to understand how our customer’s sensitive data is used to provide actionable insights, ensuring swift risk mitigation and reducing false positives. It helps uncover suspicious data activity and prioritize critical incidents among billions of audit events.
What role does Imperva’s API security play in modern cloud environments?
Our API Security solution is crucial for protecting the growing number of APIs that companies rely on in their cloud environments. It secures both internal and external APIs, monitoring traffic for suspicious activities and ensuring that data transfers are secure and compliant with regulatory standards.
Can you explain Imperva’s focus on Zero Trust Architecture?
At Imperva, we embrace the Zero Trust model by monitoring the authentication and access activity. For a Zero Trust security model to succeed, organizations must create a suitable environment that includes specific fundamental functionality to ensure the implemented Zero-Trust controls are enforced and not misused. This starts with visibility on how the data is used which requires rigorous data activity monitoring (DAM) of all data repositories. The model must also feature strong analytics, automated threat detection to reduce the risk of account hijacking, and orchestration to make verification easier and affect faster responses to data misuse.
How does Imperva ensure compliance with global data protection regulations like GDPR or CCPA?
Imperva’s data protection solutions are designed to help organizations meet stringent regulatory requirements such as GDPR and CCPA. We provide automated compliance reporting and monitoring tools that ensure sensitive data is identified, classified, and protected. Our solutions enable real-time data activity monitoring, ensuring that access to sensitive data is tightly controlled, logged, and compliant with both local and international data privacy laws.
What makes Imperva’s DDoS Protection solution unique in mitigating attacks?
Our DDoS Protection is unique due to its ability to handle massive-scale attacks, with a network capacity of over 13 Tbps. We provide always-on protection, meaning that businesses can operate without interruption, even during an attack. Furthermore, our DDoS solution is backed by a global network of over 60 scrubbing centers, which detect and neutralize attacks in real time, ensuring no performance degradation and full uptime during attacks. Additionally, Imperva is the only vendor that guarantees a 3-second SLA for detection and remediation through our licensing agreement.
What’s next – what’s on your technical roadmap, what are your plans for 2024 and beyond?
For 2024, we focused on enhancing our AI capabilities and automation in threat detection and response. We also expanded our range of API security solutions to support the rapidly growing API ecosystem. Additionally, we plan to further develop our cloud-native security solutions and deepen integration into multi-cloud environments to provide unified and seamless protection. Another key focus will be on automating compliance processes to help businesses meet regulatory requirements without compromising security.
If you could send an email to all CISOs to address a security issue, what would you choose?
Our message to all CISOs would be: Make data security your top priority. Of course, protecting networks and systems is important, but ultimately, cybercriminals are after the data. Ensure that robust data protection measures, such as encryption, are in place, and continuously monitor the environment to respond to potential threats early. In a dynamic environment, CISOs should also strengthen their organization’s resilience by flexibly adapting strategies and processes, with a strong focus on disaster recovery and business continuity.
Imperva is part of the Provider Directory.
