|By Xenia von Wedel||
|February 21, 2014 02:03 PM EST||
Thanks for taking the time to answer my questions. Please tell us, what is Risk I/O all about and what do you do?
Ed Bellis: To really understand a company's risk, you can't look at threats and vulnerabilities separately; you have to bring them together in context. This is exactly what we've done at Risk I/O. We emerged in 2012 as the first SaaS platform to use big data security analytics to tell a security pro two important things: number one: which vulnerabilities pose the greatest risk to their organization, and number two: their likelihood of experiencing a breach. Our platform finds the most critical security issues within an organization and prioritizes what's most important.
What are you launching at RSA?
Bellis: Risk I/O has fully updated its user interface and streamlined the process from identifying a critical vulnerability to remediation in a single click. We're now offering a free a risk profile to anyone through our public RiskDB application, which takes into account the threat data that we're collecting and gives you a technology risk profile of your organization.
Additionally, we're bundling in perimeter scanning, so we've become a one-stop-shop for identifying the most critical risks. Customers no longer require additional security tools in order to identify these risks.
Who is your target audience and how do you intend to reach them? What is the biggest challenge you face right now in telling your story and winning over new clients?
Bellis: For Risk I/O, while our customers span from the Fortune 10 all the way down to SMB, our primary target has been the mid-markets and small enterprise. Our customers/users are typically in information security or have information security responsibilities. So, it could range from being a Chief Security Officer in a large organization to a Network Administrator in smaller organizations.
The biggest challenge we face, is educating the market that the existing way of doing business simply doesn't work. What I mean by this, is traditionally, to assess security risks and prioritize what is most important, this usually falls on teams of people sorting through the data, spreadsheets, and writing their own scripts. As an emerging tech company, we're branding ourselves in this new space.
I'd be curious to hear any general thoughts you have on market trends...
Bellis: Specifically, talking about vulnerability management, the first evolution was vulnerability assessment, or, to put it another way, customers wanted to know where are all my vulnerabilities? Now, we've got to the stage, where they know where their vulnerabilities are, and they're everywhere. The next problem to solve is what do I do next? What do I fix first? How do I fix them?
At Risk I/O, we believe that using real-world and real-time data is going to help in the decision-making process and prioritization will become key to this segment.
What's the business model? How will you make money?
Bellis: As a business model, Risk I/O operates as a Software as a Service, and we sell subscriptions to our product. We offer subscriptions that are monthly or annually and are based on the number of technology assets an organizations is managing. We start our pricing at $1 per asset, per month, and offer bulk discount as the number of assets go up.
Who are your competitors?
Bellis: Far and away, the current way of doing business, which, again, are teams of people going through spreadsheets and writing their own scripts, and trying to figure out through lots of time and people resources, what's a priority. The reality is, the current way of doing business just isn't working.
How do you differentiate from your competitors?
Bellis: What really sets Risk I/O apart is that we give you the visibility outside your network, outside of your firewall, to let you know what the threat landscape looks like and what are the most important issues you have internally. So, we use real-world, real-time data to help you make better security decisions.
Who founded the company, when? What can you tell me about the story of the company's founding?
Bellis: In 2010, I cofounded Risk I/O with our CTO Jeff Heuer. A little background on me, I was a former Chief Information Security Officer at Orbitz for about six years, where I was dealing with the very problem that we're solving at Risk I/O. Originally, I reached out to peers at Orbitz thinking there would had to be a solution in market, only to find that they were dealing with the same issue I was. So, that's when I gave my Cofounder Jeff a call and expressed the need to build a solution to solve this very real, very big problem.
What is your distribution model? Where to buy your product?
Bellis: We're a SaaS model, and you can sign-up directly on website and everyone gets a 30-day free trial. More information here, https://www.risk.io/
What's next on your product roadmap?
Bellis: We're looking to expand the amount of threat sources that we use both internally and externally. We'll continue to work through additional distribution partners and add integrations into more vulnerability assessment tools as well as remediation management tools.
What else would you like to add?
Bellis: Check out our white paper on Adopting A Real-Time, Data-Driven Security Practice
Risk I/O is a threat management platform that processes external Internet breach and exploit data with an organization's vulnerability scan data to monitor, measure and prioritize vulnerability remediation across their IT environment. As a result, organizations know their likelihood of experiencing a breach and what vulnerabilities pose the greatest risk. Risk I/O processes over a billion vulnerabilities a month against Internet breach data for its users. Risk I/O is used by over 800 companies, including multiple Fortune 500 companies and two from the Fortune 10. Backed by US Venture Partners, Tugboat Ventures, Costanoa Venture Capital, and Hyde Park Angels, Risk I/O is headquartered in Chicago, IL. More information about Risk I/O can be found at www.risk.io
The Internet of Things is in the early stages of mainstream deployment but it promises to unlock value and rapidly transform how organizations manage, operationalize, and monetize their assets. IoT is a complex structure of hardware, sensors, applications, analytics and devices that need to be able to communicate geographically and across all functions. Once the data is collected from numerous endpoints, the challenge then becomes converting it into actionable insight.
Sep. 1, 2015 01:00 PM EDT
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and a...
Sep. 1, 2015 12:45 PM EDT Reads: 473
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Sep. 1, 2015 12:30 PM EDT Reads: 909
This Enterprise Strategy Group lab validation report of the NEC Express5800/R320 server with Intel® Xeon® processor presents the benefits of 99.999% uptime NEC fault-tolerant servers that lower overall virtualized server total cost of ownership. This report also includes survey data on the significant costs associated with system outages impacting enterprise and web applications. Click Here to Download Report Now!
Sep. 1, 2015 12:30 PM EDT Reads: 255
Enterprises can achieve rigorous IT security as well as improved DevOps practices and Cloud economics by taking a new, cloud-native approach to application delivery. Because the attack surface for cloud applications is dramatically different than for highly controlled data centers, a disciplined and multi-layered approach that spans all of your processes, staff, vendors and technologies is required. This may sound expensive and time consuming to achieve as you plan how to move selected applicati...
Sep. 1, 2015 12:30 PM EDT
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Trel...
Sep. 1, 2015 12:15 PM EDT Reads: 248
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedented scale. In his session at DevOps Summit, Frank Bunger, VP of Customer Success at ScriptRock, will discuss how this cathartic moment will propel the DevOps movement from such stuff as dreams are made on to a prac...
Sep. 1, 2015 12:00 PM EDT Reads: 237
In 2014, the market witnessed a massive migration to the cloud as enterprises finally overcame their fears of the cloud’s viability, security, etc. Over the past 18 months, AWS, Google and Microsoft have waged an ongoing battle through a wave of price cuts and new features. For IT executives, sorting through all the noise to make the best cloud investment decisions has become daunting. Enterprises can and are moving away from a "one size fits all" cloud approach. The new competitive field has ...
Sep. 1, 2015 11:51 AM EDT
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes ab...
Sep. 1, 2015 11:45 AM EDT Reads: 672
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
Sep. 1, 2015 11:45 AM EDT Reads: 318
Organizations from small to large are increasingly adopting cloud solutions to deliver essential business services at a much lower cost. According to cyber security experts, the frequency and severity of cyber-attacks are on the rise, causing alarm to businesses and customers across a variety of industries. To defend against exploits like these, a company must adopt a comprehensive security defense strategy that is designed for their business. In 2015, organizations such as United Airlines, Sony...
Sep. 1, 2015 11:45 AM EDT Reads: 489
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
Sep. 1, 2015 11:15 AM EDT Reads: 369
eCube Systems has released NXTmonitor, a full featured application orchestration solution. NXTmonitor, which inherited the code base of NXTminder, has been extended to support multi-discipline processes and will act as a DevOps utility in a heterogeneous enterprise environment. Previously, NXTminder was packaged with NXTera middleware to configure and manage Entera and NXTera RPC servers. “Since we are widening the focus of this solution to DevOps, we felt the need to change the name to NXTmon...
Sep. 1, 2015 11:15 AM EDT
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of ...
Sep. 1, 2015 11:15 AM EDT Reads: 227
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
Sep. 1, 2015 10:45 AM EDT Reads: 605