Startup takes cybersecurity out of IT department, into C-suite

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

By Rodi­ka Tollef­son, ThirdCertainty

Tra­di­tion­al­ly, cyber­se­cu­ri­ty has been the domain of a company’s chief infor­ma­tion offi­cer or some­one else in the IT area. But as major cyber attacks, such as those on Tar­get and Sony Pic­tures, have demon­strat­ed, cyber­se­cu­ri­ty is very much a con­cern for the CEO, top man­agers and even the board of directors.

When Shay Zan­dani, founder and CEO of Cyte­gic, a cyber­se­cu­ri­ty resource man­age­ment start­up based in Tel Aviv, Israel, noticed that cyber­se­cu­ri­ty was no longer sim­ply a tech­ni­cal mat­ter, he saw a trend.

A few years ago, this was an issue for the CIO. These days, it can’t be left out of the board­room,” he says. “The board of direc­tors needs a lan­guage they can understand—the lan­guage of risk, the lan­guage of assets.”

And it needs to be quick, he says.

Secu­ri­ty & Pri­va­cy Week­ly News Roundup: Stay informed of key pat­terns and trends

The prob­lem, he says, is that tra­di­tion­al­ly there’s been a dis­con­nect between the C-suite and the IT depart­ment. So Zandani—who found­ed the infor­ma­tion war­fare depart­ment for the Israeli Air Force and served as CEO for Price­wa­ter­house­C­oop­ers GRMS—saw an opportunity.

Togeth­er with Elon Kaplan, a strat­e­gy and orga­ni­za­tion­al psy­chol­o­gy expert, Zan­dani launched a com­pa­ny to fill that gap, while giv­ing CEOs, boards and top man­agers an easy way to under­stand their company’s cyber risks.

Cyte­gic, came out of stealth mode in Jan­u­ary after launch­ing in 2012. With sev­er­al major cus­tomers in Israel, Europe and Mex­i­co, the goal is to expand into the U.S. mar­ket this year. Once a few “ref­er­ence cus­tomers” are secured here, the com­pa­ny will seek a round of ven­ture investment.

Cyte­gic thinking

The startup’s offer­ings include three prod­ucts. CyMA, or Cyber Matu­ri­ty Assess­ment, is a plat­form that col­lects and ana­lyzes inter­nal data to assess the company’s cyber defense controls.

DyTA, or Dynam­ic Trend Assess­ment, is an intel­li­gence ana­lyt­ics plat­form that uses exter­nal data—everything from infor­ma­tion on threats and attack­ers to geopo­lit­i­cal and indus­try insights—to iden­ti­fy threats. CyMA and DyTA can be used sep­a­rate­ly or togeth­er as part of the third prod­uct, Cyber Deci­sion Sup­port Sys­tem or CDSS.

The CDSS is not only pre­dic­tive, but also enables “what-if” scenarios.

You can see how the nee­dle will move—if you are going to invest into this defense or that defense, what should you do?” Zan­dani says.

Woman-pow­ered dev team

One of the aspects that makes Cyte­gic unique is its all-female devel­op­ment team. At its helm is Keren Gab­ber, vice pres­i­dent of research and development.

Trained as a devel­op­er in the Israeli army, Gab­ber has been involved with Cyte­gic almost from incep­tion and has had her hands in all things relat­ed to the tech­nol­o­gy, deploy­ment and oth­er major decisions.

We clicked,” she says of her rea­son for join­ing Cytegic.

While serv­ing in the army for six years, Gab­ber, whose top rank was lieu­tenant, devel­oped com­mand-and-con­trol sys­tems for the army headquarters.

Among the projects she worked on was an award-win­ning sys­tem designed for deci­sion-mak­ing and high-lev­el data—much like Gabber’s cur­rent work at Cytegic.

The army train­ing was much bet­ter than uni­ver­si­ty,” says Gab­ber, who also stud­ied psy­chol­o­gy and com­put­er sci­ence at the Open Uni­ver­si­ty of Israel.

The launch of Cytegic’s prod­uct suite was only the first phase for Gab­ber and her team. In addi­tion to work­ing on new fea­tures, she’s involved with scal­ing and expand­ing the prod­ucts into the new markets.

As with many star­tups, Cytegic’s envi­ron­ment is more col­lab­o­ra­tive than hierarchical.

All ideas are thrown into the air, and I col­lect them and make sto­ries out of them,” she says. “We pri­or­i­tize them and look for ways to make them into solu­tions … based on mar­ket needs.”

Tak­ing it to the U.S.

Zan­dani says one of the rea­sons he has set his sights on the Unit­ed States is because about 50 per­cent of the cyber­se­cu­ri­ty mar­ket is here—a mar­ket that’s esti­mat­ed to grow to about $120 bil­lion in the next few years.

He plans to move to the Unit­ed States with his fam­i­ly, and Cyte­gic already is in the process of open­ing offices in New York City, with the West Coast on the draw­ing board.

The rea­son for the rush to get estab­lished in the Amer­i­can mar­ket this year is Zandani’s belief that what Cyte­gic offers is a new way to approach cybersecurity.

It’s going to be there in two to three years, and we want to be the big play­er,” he says.

It was very clear that there’s a need to move away from the old, tra­di­tion­al way of writ­ing reports, doing sur­veys into some­thing that was agile, quick—something mean­ing­ful in busi­ness terms,” he says. “This is what we do.”

More on emerg­ing best practices
5 data pro­tec­tion tips for SMBs
What SMBs need to know about CISOs
Pro­tect­ing your dig­i­tal foot­print in the post pri­va­cy era


Posted in Cybersecurity, Featured Story