Related Topics: SYS-CON MEDIA, Cloud Security


Agiliance Offers Context-Aware, Scalable Risk Management Infrastructure

Interview with Torsten George, Vice President Worldwide Marketing and Products, Agiliance Inc.

Thanks for taking the time to answer my questions. Please tell us, what is Agiliance all about and what do you do?

Torsten George: Cyber-attacks, insider threats, monetary fraud, and data breaches - affecting some of the world's most renowned organizations - make headlines every day. At the same time, the worst economic downturn since the 1930s has focused intense attention on inadequate risk management and the effectiveness of governance practices. The key to addressing these complex, interlocking problems is implementing a context-aware, scalable risk management infrastructure that makes risk visible, measurable, and actionable across financial, operational, and security domains.

That's where Agiliance® comes into play. We're known as the Big Data Risk CompanyTM and leading independent provider of integrated solutions for operational and security risk programs. Our mission is to help organizations to unlock and use their knowledge of risk to optimize business investments and performance.

As the pioneer of the Big Data Risk Management category, we're disrupting the established practice of performing risk management as continuous consulting, replacing it with continuous, automated software-based monitoring.

What are you launching at RSA?

George: Agiliance is launching RiskVisionTM 7, which redefines the management of enterprise and supplier risk, regulatory compliance, security, and incidents using a big data-driven model. RiskVision 7 performs near real time analysis of petabytes of governance and security risk data to accelerate incident response actions, identify cross-domain threats, automate process change, speed user productivity, scale operational efficiency, and ultimately assess risk based on business impact.

Organizations are operating in a dynamically changing risk ecosystem, which is characterized by mushrooming government regulations (e.g., UK FSA, Singapore MAS) that scrutinize inadequate, assessment-based risk management and governance practices, as well as new cyber-attack vectors such as bring-your-own-devices (BYOD) and an organization's supply chain. As a result, it has become imperative to strategically align datacenter operations, cloud operations, and supplier services with accurate risk prioritization, remediation, and audit reporting.

RiskVision 7 addresses these market requirements by enabling continuous diagnostics and remediation on more than one million assets and correlating threats, vulnerabilities, controls testing, and policies for near real-time risk management. It is also the only commercial integrated risk management system in production for enterprise and supplier incident response with a ten-thousand practitioner deployment.

Who is your target audience and how do you intend to reach them?

George: Agiliance's priority target segments are Global 2,000 companies and government agencies in North America, Europe, Singapore, and Australia. These organizations face complex threats and compliance requirements, have mature security defenses, and typically have implemented failed silo-based departmental approaches to risk management. Target buyers for Agiliance solutions are the Chief Information Security Officer, or their superior, normally the Chief Information Officer or Chief Risk Officer.

I'd be curious to hear any general thoughts you have on market trends...

George: For 2014 we predict five major trends: #1 Organizations will finally transition away from a compliance, check-box mentality and adapt a risk-based, pro-active approach. This trend is primarily driven by the realization that you can schedule an audit, but you cannot schedule a cyber security attack. Furthermore, we are foreseeing as the #2 trend that legislation and industry standards will shift their focus from providing mandates for preventive measures to risk awareness and remediation response. Early examples in this context are MAS, OCC Guidance, and PCI DSS 3.0. For instance, introducing set response times in Singapore MAS is challenging  organizations to change their culture. #3 We foresee that threats will finally be recognized as one of the main factors that determine risk. In support of the adoption of threat modeling and intelligence feeds, standards such as VERIS and STIX will emerge. Confirmation for this trend can be seen by the growing number of threat intelligence feed vendors; notably four out of the ten RSA Sandbox Innovation Awards finalists are tied to threat intelligence. #4 Based on the uptick in cyber-attacks targeting the supply chain, we predict that vendor risk management will completely change. The days where end user organizations relied on vendor risk assessments via questionnaires are coming to an end. Instead end user organizations will turn the table on their suppliers and in case of software vendors require an independent accreditation certification before allowing the technology to be deployed in the enterprise. And last, but not least we anticipate 2014 to be the break-through year for Managed Security Services. This is simply based on the fact that the data volume, velocity, variety, and complexity is overwhelming many organizations. Thus, outsourcing of threat diagnostics and remediation responses will be highly accepted service.

What is the viral aspect of your product?

George: It's only February and we've already experienced several massive data breaches at Target and Neiman Marcus. Any time that there is a data breach intense attention is being put on inadequate risk management and the effectiveness of governance practices, offering Agiliance ways to provide public commentary and then take these media clips viral.

What's the business model? How will you make money?

George: Agiliance's business model is best described as Managing Risk-as-a-ServiceTM (M-RaaS). The RiskVision solution is delivered by a broad range of organizations, both on-demand and on-premise, across a mix of physical and virtual environments. This flexibility allows customers to purchase according to their organizational maturity and scale; allowing them to extend usage as their maturity increases.

RiskVision pricing is based on number of applications, connectors, and managed assets. The platform and the majority of content are covered by annual subscriptions. Pricing starts at $25,000 per application per year with cumulative volume discounts for all applications, connectors, and managed assets purchased.

More Stories By Xenia von Wedel

Xenia von Wedel is a Tech blogger and Enterprise Media Consultant in Mountain View, serving clients in a variety of industries worldwide. She is focused on thought leadership content creation and syndication, media outreach and strategy. She mainly writes about Enterprise, B2B solutions, social media and open source software, but throws the occasional oddball into the mix. Buy her a coffee if you like her article: http://xeniar.tip.me

Latest Stories
In his session at Cloud Expo, Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, will provide economic scenarios that describe how the rapid adoption of software-defined everything including cloud services, SDDC and open networking will change GDP, industry growth, productivity and jobs. This session will also include a drill down for several industries such as finance, social media, cloud service providers and pharmaceuticals.
DevOps is speeding towards the IT world like a freight train and the hype around it is deafening. There is no reason to be afraid of this change as it is the natural reaction to the agile movement that revolutionized development just a few years ago. By definition, DevOps is the natural alignment of IT performance to business profitability. The relevance of this has yet to be quantified but it has been suggested that the route to the CEO’s chair will come from the IT leaders that successfully ma...
The Internet of Things (IoT), in all its myriad manifestations, has great potential. Much of that potential comes from the evolving data management and analytic (DMA) technologies and processes that allow us to gain insight from all of the IoT data that can be generated and gathered. This potential may never be met as those data sets are tied to specific industry verticals and single markets, with no clear way to use IoT data and sensor analytics to fulfill the hype being given the IoT today.
@ThingsExpo has been named the Top 5 Most Influential M2M Brand by Onalytica in the ‘Machine to Machine: Top 100 Influencers and Brands.' Onalytica analyzed the online debate on M2M by looking at over 85,000 tweets to provide the most influential individuals and brands that drive the discussion. According to Onalytica the "analysis showed a very engaged community with a lot of interactive tweets. The M2M discussion seems to be more fragmented and driven by some of the major brands present in the...
SYS-CON Events announced today that Interface Masters Technologies, a leader in Network Visibility and Uptime Solutions, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Interface Masters Technologies is a leading vendor in the network monitoring and high speed networking markets. Based in the heart of Silicon Valley, Interface Masters' expertise lies in Gigabit, 10 Gigabit and 40 Gigabit Eth...
As the world moves toward more DevOps and Microservices, application deployment to the cloud ought to become a lot simpler. The Microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. Serverless computing is revolutionizing computing. In his session at 19th Cloud Expo, Raghav...
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, wil...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and microservices. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your conta...
If you had a chance to enter on the ground level of the largest e-commerce market in the world – would you? China is the world’s most populated country with the second largest economy and the world’s fastest growing market. It is estimated that by 2018 the Chinese market will be reaching over $30 billion in gaming revenue alone. Admittedly for a foreign company, doing business in China can be challenging. Often changing laws, administrative regulations and the often inscrutable Chinese Interne...
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
SYS-CON Events announced today that Streamlyzer will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Streamlyzer is a powerful analytics for video streaming service that enables video streaming providers to monitor and analyze QoE (Quality-of-Experience) from end-user devices in real time.
Without lifecycle traceability and visibility across the tool chain, stakeholders from Planning-to-Ops have limited insight and answers to who, what, when, why and how across the DevOps lifecycle. This impacts the ability to deliver high quality software at the needed velocity to drive positive business outcomes. In his general session at @DevOpsSummit at 19th Cloud Expo, Eric Robertson, General Manager at CollabNet, will discuss how customers are able to achieve a level of transparency that e...
SYS-CON Events announced today that Pulzze Systems will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems, Inc. provides infrastructure products for the Internet of Things to enable any connected device and system to carry out matched operations without programming. For more information, visit http://www.pulzzesystems.com.