Startup takes cybersecurity out of IT department, into C-suite
By Rodika Tollefson, ThirdCertainty
Traditionally, cybersecurity has been the domain of a company’s chief information officer or someone else in the IT area. But as major cyber attacks, such as those on Target and Sony Pictures, have demonstrated, cybersecurity is very much a concern for the CEO, top managers and even the board of directors.
When Shay Zandani, founder and CEO of Cytegic, a cybersecurity resource management startup based in Tel Aviv, Israel, noticed that cybersecurity was no longer simply a technical matter, he saw a trend.
“A few years ago, this was an issue for the CIO. These days, it can’t be left out of the boardroom,” he says. “The board of directors needs a language they can understand—the language of risk, the language of assets.”
And it needs to be quick, he says.
Security & Privacy Weekly News Roundup: Stay informed of key patterns and trends
The problem, he says, is that traditionally there’s been a disconnect between the C-suite and the IT department. So Zandani—who founded the information warfare department for the Israeli Air Force and served as CEO for PricewaterhouseCoopers GRMS—saw an opportunity.
Together with Elon Kaplan, a strategy and organizational psychology expert, Zandani launched a company to fill that gap, while giving CEOs, boards and top managers an easy way to understand their company’s cyber risks.
Cytegic, came out of stealth mode in January after launching in 2012. With several major customers in Israel, Europe and Mexico, the goal is to expand into the U.S. market this year. Once a few “reference customers” are secured here, the company will seek a round of venture investment.
The startup’s offerings include three products. CyMA, or Cyber Maturity Assessment, is a platform that collects and analyzes internal data to assess the company’s cyber defense controls.
DyTA, or Dynamic Trend Assessment, is an intelligence analytics platform that uses external data—everything from information on threats and attackers to geopolitical and industry insights—to identify threats. CyMA and DyTA can be used separately or together as part of the third product, Cyber Decision Support System or CDSS.
The CDSS is not only predictive, but also enables “what-if” scenarios.
“You can see how the needle will move—if you are going to invest into this defense or that defense, what should you do?” Zandani says.
Woman-powered dev team
One of the aspects that makes Cytegic unique is its all-female development team. At its helm is Keren Gabber, vice president of research and development.
Trained as a developer in the Israeli army, Gabber has been involved with Cytegic almost from inception and has had her hands in all things related to the technology, deployment and other major decisions.
“We clicked,” she says of her reason for joining Cytegic.
While serving in the army for six years, Gabber, whose top rank was lieutenant, developed command-and-control systems for the army headquarters.
Among the projects she worked on was an award-winning system designed for decision-making and high-level data—much like Gabber’s current work at Cytegic.
“The army training was much better than university,” says Gabber, who also studied psychology and computer science at the Open University of Israel.
The launch of Cytegic’s product suite was only the first phase for Gabber and her team. In addition to working on new features, she’s involved with scaling and expanding the products into the new markets.
As with many startups, Cytegic’s environment is more collaborative than hierarchical.
“All ideas are thrown into the air, and I collect them and make stories out of them,” she says. “We prioritize them and look for ways to make them into solutions … based on market needs.”
Taking it to the U.S.
Zandani says one of the reasons he has set his sights on the United States is because about 50 percent of the cybersecurity market is here—a market that’s estimated to grow to about $120 billion in the next few years.
He plans to move to the United States with his family, and Cytegic already is in the process of opening offices in New York City, with the West Coast on the drawing board.
The reason for the rush to get established in the American market this year is Zandani’s belief that what Cytegic offers is a new way to approach cybersecurity.
“It’s going to be there in two to three years, and we want to be the big player,” he says.
“It was very clear that there’s a need to move away from the old, traditional way of writing reports, doing surveys into something that was agile, quick—something meaningful in business terms,” he says. “This is what we do.”
More on emerging best practices
5 data protection tips for SMBs
What SMBs need to know about CISOs
Protecting your digital footprint in the post privacy era