Winning the Cybersecurity Mode Market – Breadth and Depth

When I was a recent engineer graduating from graduate school and joining Cisco, I was often struck by former CEO John Chambers (now an investor in Balbix). He was describing the pursuit of large and growing markets where Cisco aspired to become No. 1 or No. 2 in the market. A decade later, and many more security products after, his clarity of thought and ambition to lead in new markets still lingers in my mind. If I were to describe why I joined Balbix, it would be for this reason – to be part of a company that is going to be #1 or #2 in a big growing market. Balbix is ​​a market leader that has been called by many names and, most recently, the cybersecurity mode market. But why is Balbix in the cybersecurity mode market? Allow me to explain…

What is the cybersecurity situation market anyway?

In its simplest definition, a cybersecurity situation is an assessment of how secure your organization is. For a more detailed definition, see over here.

From an end-user perspective, you can ensure your organization is positioned with an inventory and the foundation of what you have in terms of assets, weaknesses, and controls. This allows you to map your attack surface. It also helps you understand the risks in your assets.

Once you determine your base position, it should be continuously and automatically updated. Real-time visibility is certainly important, but the value of managing a cybersecurity situation is much more than that. Determining your security situation allows you to drive a large number of use cases with useful results, for example:

  1. Cyber ​​Asset Attack Surface Management (CAASM)
  2. Risk Based Vulnerability Management (RBVM)
  3. Cyber ​​Risk Quantification (CRQ) and Board-level Reporting

There are many other overlapping use cases and diamonds associated with the security situation, but Balbix focuses on these three cases that are number one on the minds of CISOs today.

It is a fragmented market today. who wants to play?

As you might have inferred from the above use cases, the market is crowded. and noisy. Today it is fragmented but that is rapidly changing. There are vendors – such as CMDB, asset management vendors, IoT/OT management vendors, and traditional vulnerability management vendors – playing in one use case and wanting to expand into another. Some cloud security vendors also want to provide a comprehensive view of on-premises and cloud assets. Meanwhile, endpoint discovery and response (EDR) and Extensible Discovery and Response (XDR) vendors are leveraging their endpoint fingerprint to move up the food chain and provide analytics and vulnerability insights.

Then there are Managed Security Service Providers (MSSPs) who are integrating different point products into broader offerings. And lest we forget, global systems integrators, who lead CRQ programs by solidifying their services with some of the previously mentioned categories of security products.

Finally, there are vendors I call the original situation: cybersecurity startups that are built from the ground up using a data-driven approach. They are building state-of-the-art technology stacks that look at both on-premises and in the cloud, of this size and that have automation at the center of what they do. No points for guessing which bucket the pecs are in!

Players in the Cybersecurity Mode Market
Players in the Cybersecurity Mode Market

Some of these players will go it alone, some will be a partner, some will be data sources or enabling technologies for others, and some may be a combination of these. For example, Balbix creates a standardized risk model by ingesting data from our customers’ existing IT and security systems (including those listed above) and then works directly with our customers or through service partners to help our customers manage and improve their cybersecurity situation.

Balbix’s unique approach – breadth and depth

Balbix has built its platform around an asset-centric risk model, where an asset can be a physical device, a virtual asset observed on a network, an application running on an asset, or a user observed on a network. Balbix can detect assets using API-based connectors in third-party sources or using their own native sensors. Balbix then uses advanced analytics to classify assets and fill in over 400 asset attributes, correlate and infer weaknesses, and calculate risk for each asset.

This first view of assets provides Balbix users with a risk model with the breadth and depth they need to see and manage security vulnerabilities and cyber risks.

Zoom out – solve for widening

Balbix dashboards enable CIOs and their teams to define their cyber risks in monetary terms (in dollars, yen, etc.) to improve how they report cyber risks to the CEO, CFO, and Board of Directors. With Balbix, CISOs can provide data-driven insights and quickly improve the position of cyber risks by focusing on the most critical weaknesses first. Balbix is ​​the only platform that can process CAASM, RBVM, and CRQ use cases in a single view.

Minimization and reporting of cyber risks by business unit and location
Minimization and reporting of cyber risks by business unit and location

Zoom – Depth Solution

At the core of Balbix’s vision is the ambition to use data to solve some of the toughest problems in security. Being data-driven allows Balbix to dig into minute details with precision. Customers can segment and slice asset and vulnerability data for more patchy information and reporting. Balbix customers can also use this data to work at high speed when critical issues arise. For example, Balbix helps its clients identify thousands of applications that use log4j including thousands of custom applications.

Zoom in and analyze vulnerabilities (above) and assets in fine detail
Zoom in and analyze vulnerabilities (above) and assets in fine detail

To me, the breadth and depth of its risk model is what will allow Balbix to win in the cybersecurity mode market, and why I’m excited to be part of the team.

Leave a Comment