Cybersecurity concerns continue to grow among enterprise decision-makers, as companies invest in new technologies to defend their businesses against ever-evolving cyberthreats. One survey of cybersecurity providers by McKinsey discovered an almost-sevenfold increase in spear-phishing attacks since the pandemic began. Another article by McKinsey said the COVID-19 pandemic has forced rapid changes on corporate cybersecurity functions.
While the pandemic accelerated digital transformation across the global enterprise ecosystem, it also widened the enterprise attack surface — leaving room for malicious actors to strike organizations with sophisticated attacks. Most popular on a long list of attacks that have impacted several sectors in recent years are the SolarWinds and Kaseya supply chain attacks, as well as the Colonial Pipeline ransomware attack.
CYE, a Herzliya, Israel-based cybersecurity company that provides organizations with data-driven cybersecurity solutions at scale, has launched a new group called Critical Cyber Operations to provide what it calls a “data-driven and mathematically-proven cybersecurity investment optimization capability that allows rapid, accurate and efficient cybersecurity maturity construction.”
Reuven Aronashvili, founder and CEO at CYE, believes cybersecurity is broken, as big companies already have too many weaknesses — therefore making it difficult to take control over all of them. While budgets are growing for security, according to Aronashvili, the revenue of offensive attackers hit $1.5 trillion from offensive activities in 2018 alone. He said CYE’s Critical Cyber Operations will offer data forensics and incident response (DFIR), threat hunting and computer threats intelligence (CTI) assessment, advanced cyber architecture solutions and executive cyber and physical protection.
How CYE’s platform works
CYE’s Critical Cyber Operations is all integrated into the company’s Hyver platform which delivers business insights and optimizes the reduction of cyber exposure by analyzing contextual security data over the organizational risk profile.
The platform is cloud-based and works in three levels:
- Attack route visualization: This offers a fully automated attack route mapping that conducts comprehensive cybersecurity assessment covering the entire organization, creates full visualization of the attack surface and displays complete attack routes and vulnerabilities that are able to be assessed in real time.
- Risk quantification: This level uses automated route modeling and machine learning capabilities to accurately quantify the risk that each vulnerability possesses. It translates technical risks into business risks by correlating attack routes, exploitability, business asset importance, cost and other parameters. Risk quantification also uses threat intelligence, hunting capabilities as well as community and expert knowledge to help security teams track, report, benchmark, and optimize their security effectiveness.
- Mitigation optimization: At this level, the platform creates an optimized mitigation plan by weighing potential business impact against the exploitability of a threat and cost of mitigation. It also provides actionable steps to mitigate relevant threats, starting with those that present the highest risk to business assets — all while enhancing organizations’ security postures and enabling efficient allocation of resources and remediation efforts.
Aronashvili said the purpose of the platform is to provide comprehensive decision-making capabilities after thorough analysis executed by considering things like the vulnerabilities of an organization, how likely they are to happen, threshold for each vulnerability, cost in case of a breach and more.
“This provides clear decision making parameters for decision makers, they can see the numbers and make the decisions based on their risk appetite, budget, etc. The whole point of the platform is to help decision-makers make decisions with data,” he said.
AI and ML capabilities
Aronashvili said CYE uses AI and ML in different parts of its platform, for things like predicting risk, cost and the likelihood for exploitation. The future of AI and ML will help in curating the data, improving predictions and being able to anticipate the modus operandi of attackers, he said.
“Attackers are also using AI and ML and improving their evasion capabilities. Our solution will improve but also the attackers at the same time will. It’s going to be an endless game, but the scientific approach that we are providing is changing the way that cybersecurity is perceived from reactive/passive to something that’s more predictive and prescriptive,” said Aronashvili.
He also said CYE will consider new features that can further benefit from AI and ML, with plans to improve its discovery, data collection and prediction capabilities on a continuous basis.
CYE is active in several cybersecurity categories, but Aronashvili said it’s difficult to name direct competitors. He said while there are entire companies that address each feature that CYE offers, the company provides a comprehensive approach that’s difficult to find elsewhere.
“Consulting firms are similar to us in the sense that they provide a strategic solution based on financial analysis, but we have the platform to provide the complete solution. Our platform is real-time, which provides an instant, easy-to-understand, and timely solution,” he said.
Market opportunity for Critical Cyber Operations
Aronashvili noted that CYE’s customers are exposed to attacks from a wide range of actors, from cybercrime to superpowers. He said these attacks can be for various purposes like CNE, CNA & CNI, or even CN-ALL and supply chain attacks.
The digital footprint of organizations is growing and causing the attack surface to grow exponentially while visibility and quantification remain a problem, said Aronashvili. “CISOs are struggling with too many service providers, tools and vendors. Multiple vendors are leading to confusion and errors, noisy environments and strong dependency on multiple niche products, causing a difficult decision process.”
He noted Critical Cyber Operations solves this challenge for CISOs who are looking to get a single tool that gathers all their critical assets and findings.
According to Aronashvili, Critical Cyber Operations operates based on an intelligence-oriented behavioral approach and consists of experienced cybersecurity professionals with an in-depth knowledge of technical operations. He said they have proven experience confronting and/or executing state-level cyberattacks, and capabilities to guide, lead, and perform defense, technology and cyber operations.
Aronashvili declined on stating the exact number of CYE’s customers, but said the company has customers across all industries — many in security, finance and health care, as well as those in several multinational organizations and Fortune 500 companies. The company saw a 150% growth in customers in 2021, according to Aronashvili.
CYE has a current headcount of 130 and expects to double the number in the next 12 months. The company has raised $140 million in total funding to date. Following this launch, cybersecurity expert Shmulik Yehezkel joined CYE to lead the Critical Cyber Operations group. The company also added tech industry veteran, Steve Midgley, to its leadership team as Chief Revenue Officer. CEO and founder, Reuven Aronashvili, was a founding member of Israeli army’s Red Team and Incident Response Team.