Cyber Leaders of the World: Raz Karmi, CISO at SimilarWeb

Please tell us a bit about yourself, your background and your journey in SimilarWeb
I have over 20 years of experience in the fields of information technology and information security. In recent years I was mainly focused on SAAS based companies so I am very familiar with cloud technologies and cloud security.

I joined Similarweb 2 years ago when the pandemic started so the whole onboarding process was done remotely which was challenging. In addition, the company was in its pre IPO stages which required a lot of time and effort towards pre IPO related tasks which was also very challenging but on the other hand super interesting.

As the company’s CISO meaning I am responsible for all aspects of the company’s security which includes the corporate networks, cloud environments, SAAS applications, application security, governance and regulations, interacting with customers and prospects and many more.

Tell us about your business, what is the story behind SimilarWeb and what differentiates your platform from others in the market?
Similarweb’s SAAS platform empower users to discover and capture the best business opportunities and proactively respond to emerging threats to their business. 
These solutions are powered by Similarweb’s proprietary technology that analyzes billions of digital interactions and transactions every day, from millions of websites and apps, and turns these digital signals into actionable insights. 
The digital intelligence solutions address the needs of users across entire organizations, from entry-level employees to the C-suite. Similarweb solutions are easy to use and integrated into the users’ workflows for adoption and maximum business impact.

What are the top 3 cyber risks your company and customers face today?
Being a SAAS company, the main 3 risks we currently focus on are :
1. All aspects of cloud security which include, misconfigurations, access rights and many more.
2. As a data company, all aspects of data privacy and security are top of mind for us.
3. The supply chain can also present a threat through open source vulnerabilities, API’s, and third party vendors.

In terms of our customers, identity theft is a risk that we are monitoring on an ongoing basis with various technologies.

When it comes to information security, what do you think are the biggest pain points in the market in GRC?
Complexity in both implementing and maintaining an up to date GRC program and awareness of its importance across all company departments.

On a more personal note, what values are most important to you as a leader?

1. Have a clear vision of the goals and objectives and share them with the relevant parties
2. Transparency in order to build trust and respect amongst my co-workers
3. Empowerment and development of my team members
4. Dedication to the company and work related tasks