Companies should assess their risk profile and align it to a security solution

One key is ensuring everyone in the business knows they must actively protect network data

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

San Fran­cis­co-based Bay Dynam­ics bills itself as a cyber risk ana­lyt­ics com­pa­ny focused on help­ing large enter­pris­es mea­sure, com­mu­ni­cate and reduce cyber risk. The com­pa­ny is a ris­ing con­tender in the “threat intel­li­gence” space.

Found­ed in 2001 as a secu­ri­ty and IT con­sult­ing firm, Bay Dynam­ics shift­ed in 2006 to cre­at­ing its own secu­ri­ty prod­ucts, and in 2013 launched its cur­rent flag­ship prod­uct offering—Risk Fabric.

Relat­ed: How vir­tu­al ana­lysts boost net­work defense

I had the chance to sit down with Steven Gross­man, vice-pres­i­dent of pro­gram man­age­ment, to dis­cuss how Bay Dynam­ics’ cus­tomers are using Risk Fab­ric to iden­ti­fy and under­stand vul­ner­a­bil­i­ties more pro­duc­tive­ly and thus improve robust­ness of net­work defenses.

Steven Grossman, Bay Dynamics vice president of program management
Steven Gross­man, Bay Dynam­ics vice pres­i­dent of pro­gram management

Risk Fab­ric is designed to help com­pa­nies “con­tex­tu­al­ize, pri­or­i­tize and mit­i­gate high sever­i­ty threats and vul­ner­a­bil­i­ties to their most val­ued assets,” Gross­man says. It takes the approach of mak­ing cyber threats everyone’s busi­ness, from line work­ers to board mem­bers and every­one in between.

We dis­cussed how cyber­se­cu­ri­ty is no longer an arcane techie task focused on block­ing and quick­ly mit­i­gat­ing live attacks. The com­plex and com­pli­cat­ed dig­i­tal world we live in is get­ting more so each day. Bay Dynam­ics and oth­er ven­dors focused on extract­ing use­ful intel­li­gence from exist­ing secu­ri­ty sys­tems advo­cate tak­ing a risk-focused approach toward oper­at­ing a com­pa­ny network.

Oth­ers pur­su­ing this line of defense include user and enti­ty behav­ior ana­lyt­ics (UEBA) ven­dors, like Exabeam and Securonix, and vul­ner­a­bil­i­ty ana­lyt­ics ven­dors, includ­ing RiskVi­sion and RiskSense.

Gross­man con­tends Bay Dynam­ics is the only ven­dor that pro­vides a “holis­tic view of cyber risk, with threats, vul­ner­a­bil­i­ties and assets tied togeth­er with the ana­lyt­ics to make it all make sense.”

Busi­ness is grow­ing because cus­tomers are real­iz­ing the val­ue of “sim­pli­fy­ing cyber risk man­age­ment through ana­lyt­ics, automa­tion and pri­or­i­ti­za­tion,” and “mak­ing cyber risk every­bodys busi­ness,” he says.

Give a lis­ten to our full dis­cus­sion in the accom­pa­ny­ing podcast.

More sto­ries relat­ed to risk and infor­ma­tion security:
Under­writ­ers, InfoS­ec offi­cers must close gap on risk management
Orga­ni­za­tions must see cyber­se­cu­ri­ty as a busi­ness risk, not just a tech­nol­o­gy issue
A network’s ‘vital signs’ offer insight into secu­ri­ty risks