Why I left Gartner for a Startup

By Eric Ouellet at 1/12/2015 5:39 PM
Filed Under: Big Data Analytics, cybersecurity, Risk Fabric, Risk Management

For the last six months since leaving Gartner, the most common question I get is “Why did you leave Gartner for a startup?” Over the course of the decade I spent at Gartner, I was exceptionally blessed with being part of a great team that was at the cutting edge of information security trends and market research. The unfettered opportunities to learn about the leading issues impacting our clients and helping them develop core approaches and solutions to address their needs provided a very unique viewpoint, specifically as it related to the fast-evolving world of information security. In fact, that is how I was introduced to Bay Dynamics.


Our industry is at the dawn of what I call the “Contextually-Aware Era” of information security. Never before have we been in a position to be able to truly answer some of the most important and deceptively simple-sounding (but exceptionally difficult) questions in security. Questions like “Where are my risks?”, “What should I worry about the most today?”, “Do I have any bad actors in my environment?” and so many more.


To answer these questions in a meaningful way requires the synthesis of massively large and ever-growing data sets merged from dozens of isolated solutions that speak their own language and have their own personalized view of the security world. But that is not enough. The answers must also leverage the most advanced technologies available to help organizations identify what they are truly looking for, not just what they think they should be looking for. And lastly the answers must be prioritized, directly actionable and, most importantly, contextualized to each member of the security audience – from the hands-on technical staff to the business managers to the board members.


While solutions exist that tap into and manually codify organizational experiences of past good and bad security behaviors, the most important tenet to them lies in understanding the “why” and “how” behind each experience before an organization can leverage them.  


Despite its potential virtues, the reality is that codifying prior experience is a severely flawed approach because when most people are asked about good and bad security behaviors, beyond the most basic scenarios, the answer inevitably becomes “I’ll know when I see it.” It is impossible to codify an “I’ll know when” experience and as a result tools become severely limited because they can only codify the knowns that are well understood. This leaves the door wide open to unknown and unanticipated threats that are now the preferred attack vectors in our modern cyber threat landscape.


What if there was another way? An automated way? One that didn’t require any manual configuration? One that was automatically self-learning using all available data? One that was infinitely flexible and could speak the language used across an entire organization – from the hands-on technical users to business manager users and even board members? And lastly, one that provided actual actionable results in less than five days?


Perhaps that would also get you motivated to make a startup your new home and see how you could change the security world in your own way, just a little. 

Big Names, Big Security and Big Data – a Reflection on SINET Innovation Summit 2014

By Ryan Stolte at 8/14/2014 11:11 AM
Filed Under: Big Data, Big Data Analytics, Context, cybersecurity

While recently attending the SINET Innovation Summit 2014 in New York, I was impressed with the quality of speaker/panel participants the event continues to showcase. This included Admiral Michael S. Rogers, Commander of U.S. Cyber Command and Director of the National Security Agency/Chief of Central Security Service.


And if you sat in on a panel session or two, you’d notice that very few of the panelists were security vendors that had a message to sell. The conversations were led by insight from chief information security officers (CISOs) and cybersecurity heads from the highest levels of the military, Department of Homeland Security (DHS), additional federal agencies, financial institutions and other esteemed private organizations. This afforded me an invaluable opportunity to hear about the trends and challenges they’re seeing first-hand.


While a variety of topics were discussed, there were two issues that really stood out for me and those were 1) The massive cybersecurity undertakings required of the large government and financial institutions and 2) How organizations are using Big Data.


On their own, these two topics may seem pretty common, but as they were discussed and I reflected on them, some key points stuck out in my head.


1) If the ‘big guys’, with their massive investments in cybersecurity, are still very concerned about stopping the bad guys, what does that mean for everybody else? Not surprisingly, many of the leaders at these large organizations discussed the staggering challenges of implementing effective security strategies and focusing/managing resources and personnel to execute and stay ahead of the latest attacks on a daily basis. And even with these massive efforts, more often than not, they are still concerned about their security posture.


If these hardened enterprises, which are at the top of their game when it comes to cybersecurity, are working this hard, what does that mean for all the other companies? Retailers and other corporations – not to mention smaller companies – usually don’t command the same attention and resources when it comes to cybersecurity. It doesn’t take long to find real-life examples of this.


Just look at Target, from which 40 million customer credit card numbers and 70 million addresses, phone numbers and additional items of information were stolen late last year due to a breach. The Michaels store chain also dealt with a major breach this year, affecting data linked to 3 million of its customers’ payment cards.


It only takes one successful exploit by an attacker to inflict months – even years – of losses and reputational damage. This is why it’s important for enterprises to partner with a vendor who can bring the required cybersecurity expertise and talent to the game, allowing them to focus on core competencies such as merchandise, sales, customer service, etc.


At Bay Dynamics, we work with some of the world’s largest organizations, including financial services companies, to deploy solutions that help them reduce the “noise” from their security tools, identify threats and effectively safeguard their systems. If we can produce effective results for these customers, think of the results we can produce for other brands.


2) Congrats, you have a giant Big Data repository! How did it make you more secure? Big Data is a hot topic in most industries and especially in security where some enterprises have up to 100 different security tools producing mountains of data daily. So, it was no surprise that Big Data was part of the discussions at SINET. As I put more thought into this topic in general, I feel we as an industry have lost sight of the ultimate goal of Big Data and fail to ask ourselves, “Is my Big Data strategy tied directly to a measurable security improvement?”


The trap many fall into is directing all of their data resources into one big repository and hiring ‘experts’ to try to make sense of it, while not focusing on impact-generating systems for using it. Today, many enterprises are entrusting data scientists with operational responsibilities to uncover and act on insights from security data. I see two serious issues with this:


  •  As data and repositories continue to grow, organizations will have to keep adding more and more ‘Big Data’ people
  •  These people aren’t subject matter experts in the problem they’re responsible for solving


Throwing more data experts at a security problem is not a sustainable – or secure – solution.


Enterprises need to understand the data they should be going after and the context in which that data can be useful. Ultimately, they should strive to deliver the right data directly to the security teams (not the data scientists), so they can quickly and effectively remediate security incidents.


Prioritizing investigations goes a long way. When dozens or even thousands of possible threats are coming at you every day, you need a solution that allows you to rank incoming incidents in order of urgency: Which ones have the capacity to do the most harm? Then, after you tackle those, you move on to the next on the list. You never spend too much time prioritizing events because the solution does that for you.


At Bay Dynamics, we take customers to this optimal state of preparedness every day by helping them unlock the vast potential of Big Data. We take pride in bringing them to the point where they’re empowered by data, instead of engulfed in it. If that sounds like something you’d like to talk about, then please contact us.



The Era of Prevention-only Security is Over

By Feris Rifai at 7/23/2014 5:04 PM
Filed Under: Context, IT Analytics, Risk Fabric, Risk Management

I recently participated in a panel at the Gartner Security & Risk Management Summit: “Security Startups: Leading the Way to Success.” As panelists, it was important for us to address the current state of IT security tools and market dynamics, in order to talk about the path to success in today’s crowded market. As the conversation started, it was clear that the Era of Prevention-only Security is over and this gave way to multiple, large investments in monitoring and detection solutions.


Security teams are drowning in false positives as they deal with a barrage of information coming from siloed security tools, trying to manually piece things together by hopping from solution to solution and ultimately leading to a lack of confidence in the data. Today, enterprises need to align their data and provide context through behavior analysis – so security practitioners and investigators have a clear focus.


As we look at innovations in the security industry and the path to success, it’s becoming increasingly clear that IT security teams need tools to help them focus on what’s important. 

And that’s where Bay Dynamics steps in. With Risk Fabric, we deliver superior context – leveraging real user behavior and data from our clients’ point solutions – to enable IT security teams to prioritize their actions for faster remediation.


If you are struggling with a siloed approach to IT security and going crazy with the data your point solutions produce, contact us and we can talk more about how to bring sanity – through context – back to your IT security team.