Up view in financial district Up view in financial district

March 1, 2022

Cybersecurity Is a Board-Level Issue

I’m excited to share that JC2 Ventures has increased its investment in Balbix as part of the company’s Series C funding round. Balbix is the cybersecurity posture automation company that uses AI to help organizations reduce their risk of cyberattacks and breaches. I believe in Balbix’s future as a disruptive player in the cybersecurity sector because they ensure that senior business leaders, such as CEOs, CFOs and board members, have a way to accurately understand their cyber risk, make the right cybersecurity decisions, and deploy automation to reduce their cyber risk.

The Role of the CISO Needs to Change

A few years ago, CEOs and boards of Fortune 500 organizations relied on their CISO to have a complete picture of their cyber risk. They could ask them to share detailed knowledge of all tasks and actions necessary to manage cyber risk. Today, digital attack surfaces have become very complex, and security teams are unable to discover all vulnerabilities and struggle to accurately quantify cyber risk. The advent of cloud has made this even harder with siloed technical approaches for cloud and non-cloud risk management. The “best” cyber risk reports that CISOs have available offer incomplete views of risk potential, often do not quantify risk in dollars, and may not be directly actionable. As a result, many times the right decisions are not made, critical mitigation tasks are not prioritized or performed in a timely fashion, and, ultimately, organizations remain open to attack and expensive breaches.

There is an urgent need to automate the continuous discovery, prioritization, and mitigation of vulnerabilities across the entire enterprise. There is also a clear need to accurately quantify cyber risk in monetary units in order to better bridge the gap and improve understanding between the technical efforts of operational cybersecurity teams and the risk management decisions made by senior leaders, like the CIO, CFO, CEO and board members.

To achieve these objectives, the role of security leaders needs to change. It no longer makes sense to think of the job of the CISO as one focused on preventing breaches by implementing the right technical security controls. Instead, CISOs need to facilitate the quantification of cyber risk in business terms and help drive the rest of the leadership team towards speedy cyber risk remediation/mitigation efforts before a breach even happens. The CISO’s job today is to help risk owners, senior leadership, and the board deliver on their fiduciary responsibilities to all stakeholders by minimizing cyber risk as much as possible.

Enter Balbix.

“Dollarizing” Cyber Risk

Last August, Balbix released its cyber risk quantification (CRQ) solution to allow CISOs to accurately measure and quantify their cyber risk in dollars, euros, pounds or whichever currency they prefer, so they can report that risk to C-level leadership and their boards in a language that everyone can understand. Unlike qualitative estimates of cyber risk, Balbix also provides traceability to the underlying security issues and actionable insights for risk mitigation. Senior leadership can quickly decide how much, and what types, of cyber risks are acceptable, and CISOs can quickly reduce exposure by prioritizing mitigation tasks and security investments.

AI-Powered Cybersecurity Posture Automation

Balbix has been the pioneer when it comes to using specialized AI models to map enterprises’ massive attack surfaces. Balbix has a larger mission to extend its AI-powered cybersecurity posture automation solution to new use cases, which includes the recent announcement that it has extended cybersecurity posture automation to AWS environments. With an automated and integrated approach to cyber risk management, enterprises gain real-time visibility into emerging security issues and actionable risk dashboards, allowing Balbix customers to take steps to mitigate vulnerabilities before attackers can weaponize them. As a business leader myself, I know having access to these capabilities will be critical to companies across industries and geographies.

Rapid Growth and Huge Potential

Over the last 12 months, we have seen Balbix’s message of automating cybersecurity posture resonate very well with organizations across the globe. It has been a pleasure mentoring Balbix Founder and CEO, Gaurav Banga, as he continues to disrupt how businesses and leaders approach cyber prevention and recovery. Under his leadership, Balbix successfully navigated some tough challenges and gained significant momentum due to their differentiated approach and offerings. I look forward to continuing to work with Gaurav and his leadership team in this next phase of their journey, where the Series C funding will be put towards more innovative capabilities, with a focus on engineering investments.