Tony Velleca, CEO
With the recent wind of ‘digitalisation,’ the IT ecosystem has undergone a considerable number of transformations. Enterprises are consequently buying more cybersecurity products and spending a lot of money to patch each of their vulnerabilities. Even then, there are finding it difficult to prioritise their best course of action between the two.
Today, many enterprises are indicating that they spend too much time firefighting and dealing with false positives. Businesses are also often crippled by a significant shortfall of security experts across cyber operations from assessment, containment, and post-breach remediation. Stemming from these setbacks, the array of potential risks, involving phishing, social engineering, malware, user error, malicious insiders, and more, can make enterprise security convoluted. It was a similar situation for a large financial institution, which faced a hard time overcoming the challenges of ransomware attacks. The “friend in need” for the financial institution was CyberProof. With a risk-based assessment approach, CyberProof helped the client prevent a potentially disastrous ransomware attack by addressing the most important vulnerabilities first in addition to helping to work down the backlog by adding engineers.
CyberProof offers a sound cybersecurity solution by analyzing the biggest breach risks and focuses its resources on managing vulnerabilities, building detection rules, and improving responsiveness when an attack occurs. CyberProof leverages AI technologies to collate, contextualise, and analyze alerts and vulnerabilities to allow quick response in a pre-defined, prioritised, judicious, and automated manner. To this end, CyberProof has developed SeeMo—a learning bot that takes an active part in threat detection, analysis, and response tasks and optimises them further in every iteration.
“With SeeMo, a customer can automatically enrich event data, identify the most important alerts and accelerate incident response time,” says Tony Velleca, CEO of CyberProof. In case of any incoming alert, SeeMo automatically provides context. For example, the IP address may be defined as a user, the network, and as part of a system to help determine its “risk” and prioritise them. The platform then creates digital playbooks aligned to these smart alerts based on its priority and thereby minimises response time.
With SeeMo, a customer can automatically enrich event data, identify the most important alerts and accelerate incident response time
While enterprise CISOs often uses Managed Security Solution Providers (MSSPs) to sift through a large number of events and escalate alerts, the pertinent problem is that most operate as a black box. There is a lack of transparency and context that limits the proper response. To address this, CyberProof offers customers visibility into their security operations and gives them the ability to improve the effectiveness of their cyber defence. The company has created a custom-built orchestration platform that correlates data to enrich alerts with additional information and enable visibility into vulnerability management, detection, and response. “We help our customers to understand the impact of their cyber spend while continuously reducing their risk. This ensures that risk is crystal clear and their cyber investments make sense,” says Velleca.
Velleca envisions a future where SeeMo and the CyberProof platform evaluate cyber risks in relation to the well-known kill chain and provide clear measures of cybersecurity risk that are used by board members to understand and make the right decisions on how to manage this risk most effectively—with the residual risk being addressed with cyber insurance. “Cybersecurity is a fast-changing, cold-war-like problem. We believe that working with the top CSOs, SeeMo can learn and adapt quickly and provide a capability to focus resources in the best way to reduce risk,” says Velleca on a concluding note.