Welcome!

Related Topics: Cloud Security, Java IoT, Linux Containers, Agile Computing

Cloud Security: Blog Post

Risk I/O Is a One-Stop-Shop for Identifying the Most Critical Risks

RSA Interview with Ed Bellis, CEO and Cofounder of Risk I/O

Thanks for taking the time to answer my questions. Please tell us, what is Risk I/O all about and what do you do?

Ed Bellis: To really understand a company's risk, you can't look at threats and vulnerabilities separately; you have to bring them together in context. This is exactly what we've done at Risk I/O. We emerged in 2012 as the first SaaS platform to use big data security analytics to tell a security pro two important things: number one: which vulnerabilities pose the greatest risk to their organization, and number two: their likelihood of experiencing a breach. Our platform finds the most critical security issues within an organization and prioritizes what's most important.

What are you launching at RSA?

Bellis: Risk I/O has fully updated its user interface and streamlined the process from identifying a critical vulnerability to remediation in a single click. We're now offering a free a risk profile to anyone through our public RiskDB application, which takes into account the threat data that we're collecting and gives you a technology risk profile of your organization.

Additionally, we're bundling in perimeter scanning, so we've become a one-stop-shop for identifying the most critical risks. Customers no longer require additional security tools in order to identify these risks.

Who is your target audience and how do you intend to reach them? What is the biggest challenge you face right now in telling your story and winning over new clients?

Bellis: For Risk I/O, while our customers span from the Fortune 10 all the way down to SMB, our primary target has been the mid-markets and small enterprise. Our customers/users are typically in information security or have information security responsibilities. So, it could range from being a Chief Security Officer in a large organization to a Network Administrator in smaller organizations.

The biggest challenge we face, is educating the market that the existing way of doing business simply doesn't work. What I mean by this, is traditionally, to assess security risks and prioritize what is most important, this usually falls on teams of people sorting through the data, spreadsheets, and writing their own scripts. As an emerging tech company, we're branding ourselves in this new space.

I'd be curious to hear any general thoughts you have on market trends...

Bellis: Specifically, talking about vulnerability management, the first evolution was vulnerability assessment, or, to put it another way, customers wanted to know where are all my vulnerabilities? Now, we've got to the stage, where they know where their vulnerabilities are, and they're everywhere. The next problem to solve is what do I do next? What do I fix first? How do I fix them?

At Risk I/O, we believe that using real-world and real-time data is going to help in the decision-making process and prioritization will become key to this segment.

What's the business model? How will you make money?

Bellis: As a business model, Risk I/O operates as a Software as a Service, and we sell subscriptions to our product. We offer subscriptions that are monthly or annually and are based on the number of technology assets an organizations is managing. We start our pricing at $1 per asset, per month, and offer bulk discount as the number of assets go up.

Who are your competitors?

Bellis: Far and away, the current way of doing business, which, again, are teams of people going through spreadsheets and writing their own scripts, and trying to figure out through lots of time and people resources, what's a priority. The reality is, the current way of doing business just isn't working.

How do you differentiate from your competitors?

Bellis: What really sets Risk I/O apart is that we give you the visibility outside your network, outside of your firewall, to let you know what the threat landscape looks like and what are the most important issues you have internally. So, we use real-world, real-time data to help you make better security decisions.

Who founded the company, when? What can you tell me about the story of the company's founding?

Bellis: In 2010, I cofounded Risk I/O with our CTO Jeff Heuer. A little background on me, I was a former Chief Information Security Officer at Orbitz for about six years, where I was dealing with the very problem that we're solving at Risk I/O. Originally, I reached out to peers at Orbitz thinking there would had to be a solution in market, only to find that they were dealing with the same issue I was. So, that's when I gave my Cofounder Jeff a call and expressed the need to build a solution to solve this very real, very big problem.

What is your distribution model? Where to buy your product?

Bellis: We're a SaaS model, and you can sign-up directly on website and everyone gets a 30-day free trial. More information here, https://www.risk.io/

What's next on your product roadmap?

Bellis: We're looking to expand the amount of threat sources that we use both internally and externally. We'll continue to work through additional distribution partners and add integrations into more vulnerability assessment tools as well as remediation management tools.

What else would you like to add?

Bellis: Check out our white paper on Adopting A Real-Time,  Data-Driven Security Practice

Risk I/O is a threat management platform that processes external Internet breach and exploit data with an organization's vulnerability scan data to monitor, measure and prioritize vulnerability remediation across their IT environment. As a result, organizations know their likelihood of experiencing a breach and what vulnerabilities pose the greatest risk. Risk I/O processes over a billion vulnerabilities a month against Internet breach data for its users. Risk I/O is used by over 800 companies, including multiple Fortune 500 companies and two from the Fortune 10. Backed by US Venture Partners, Tugboat Ventures, Costanoa Venture Capital, and Hyde Park Angels, Risk I/O is headquartered in Chicago, IL. More information about Risk I/O can be found at www.risk.io

More Stories By Xenia von Wedel

Xenia von Wedel is a Tech blogger and Enterprise Media Consultant in Mountain View, serving clients in a variety of industries worldwide. She is focused on thought leadership content creation and syndication, media outreach and strategy. She mainly writes about Enterprise, B2B solutions, social media and open source software, but throws the occasional oddball into the mix. Buy her a coffee if you like her article: http://xeniar.tip.me

Latest Stories
Information technology is an industry that has always experienced change, and the dramatic change sweeping across the industry today could not be truthfully described as the first time we've seen such widespread change impacting customer investments. However, the rate of the change, and the potential outcomes from today's digital transformation has the distinct potential to separate the industry into two camps: Organizations that see the change coming, embrace it, and successful leverage it; and...
SYS-CON Events announced today that Sheng Liang to Keynote at SYS-CON's 19th Cloud Expo, which will take place on November 1-3, 2016 at the Santa Clara Convention Center in Santa Clara, California.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
Video experiences should be unique and exciting! But that doesn’t mean you need to patch all the pieces yourself. Users demand rich and engaging experiences and new ways to connect with you. But creating robust video applications at scale can be complicated, time-consuming and expensive. In his session at @ThingsExpo, Zohar Babin, Vice President of Platform, Ecosystem and Community at Kaltura, will discuss how VPaaS enables you to move fast, creating scalable video experiences that reach your ...
One of biggest questions about Big Data is “How do we harness all that information for business use quickly and effectively?” Geographic Information Systems (GIS) or spatial technology is about more than making maps, but adding critical context and meaning to data of all types, coming from all different channels – even sensors. In his session at @ThingsExpo, William (Bill) Meehan, director of utility solutions for Esri, will take a closer look at the current state of spatial technology and ar...
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
The vision of a connected smart home is becoming reality with the application of integrated wireless technologies in devices and appliances. The use of standardized and TCP/IP networked wireless technologies in line-powered and battery operated sensors and controls has led to the adoption of radios in the 2.4GHz band, including Wi-Fi, BT/BLE and 802.15.4 applied ZigBee and Thread. This is driving the need for robust wireless coexistence for multiple radios to ensure throughput performance and th...
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at Logz.io, will explore the value of Kibana 4 for log analysis and will give a real live, hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He will examine three use cases: IT operations, business intelligence, and security and compliance. This is a hands-on session that will require participants to bring their own laptops, and we will provide the rest.
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lea...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
SYS-CON Events announced today the Enterprise IoT Bootcamp, being held November 1-2, 2016, in conjunction with 19th Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA. Combined with real-world scenarios and use cases, the Enterprise IoT Bootcamp is not just based on presentations but with hands-on demos and detailed walkthroughs. We will introduce you to a variety of real world use cases prototyped using Arduino, Raspberry Pi, BeagleBone, Spark, and Intel Edison. Y...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.