The Cyber Startup Observatory

Innovation - Insight - Leadership

Leave a Comment

Yotam Ben Ezra

Cyber Security Leaders - Yotam Ben Ezra, Chief Product Officer at SafeBreach

Yotam Ben Ezra is the VP Products at SafeBreach. Prior to joining SafeBreach in 2018, Yotam held research, development, and leadership positions for eight years with Radware (RDWR). Before that, he led the security research teams at Check Point Software (CKPT). Yotam holds a B.Sc Degree in Physics and Computer Science from King’s College London.

What is your overall approach to information security?

The most important challenge for security organizations today is focus. We live in a world where many changes happen at very high speed, and business requirements dictate short time to market for new capabilities and technologies. At the same time, the number and complexity of threats and vulnerabilities keeps increasing dramatically. With so much complexity, so many alerts, and so many security vendors to manage, the reality is that 100% protection does not exist. Organizations must find ways to focus cybersecurity efforts on what is most critical to them.

Our approach as a company is to push into an era of proactive security management. Our specialty is knowing what security controls work, which do not and how to remediate. We help companies concentrate on the controls, the vulnerabilities and threats that really matter to their business, so they can better protect the data assets and infrastructure that are most important for them.

How do you convey to the board the inconvenient truth that - with regards to cybersecurity - a CISO can minimize the risk but you are never going to be 100 percent secure?

This is a challenge for CISOs, but it can be solved with a data-driven approach to communicate the risks the organization faces. It relies on testing and measuring three main aspects - the threats the organization should be concerned about, the overall measured vulnerability for those threats and the impact to the business should those threats be realized. Tying all that together and showing how it’s working to drive down risk - with consistent metrics - the CISO can educate the board and enable constructive discussion.

How can a CXO help the CISO better understand a business’ needs?

First, the pandemic and its ability to wipe out industries make such an understanding absolutely critical. Before, businesses had to be agile. Now, they must be more agile, ten times as fast, and safer - because bad actors are well aware that while rushing to adapt, businesses may leave themselves exposed.

Part of understanding the security impact to the business is to know how the CXO looks at key business areas. The CXO and CISO can align on KPIs - for the security operation - which reflect this impact. Once those are related to threats and vulnerability, this can help the CISO deliver and communicate a cybersecurity strategy which is aligned precisely with the company’s business goals - and will keep up with the abrupt changes that have hit this year.

CXOs, Security and IT professionals are bombarded with news about cybersecurity issues. How can they filter out the noise and determine what issues really matter to the company?

They can do that by building their cybersecurity operations based on threat analysis, continuous testing of attacks and vulnerabilities, validation of defenses, and prioritization based on business impact. They can focus on which threats, vulnerabilities, and data assets matter most to the business. They are also able to communicate their strategy well to other organizational functions and hence increase confidence and enable the business to move forward.

Highly regulated industries such as financial services or healthcare face strict expectations from regulators and consumers alike. They can expect serious reputational consequences if they let consumers down by suffering a data breach or by failing to innovate service offerings. How can this be addressed?

In regulated industries you need a high level of confidence that you are in compliance with regulations on data security and confidentiality of PII. Without that confidence, companies move too slow and lag on innovation. This is addressed by testing and validating for any change which may slow down progress considerably.

Conceptually, this problem had already been solved in the software field with CI/CD pipeline and automation. For security, this can be done with automated attack simulation in a very similar way to deliver the confidence required from a security perspective.

How has industry cooperation made an impact on cybersecurity?

Over the last decade the security infrastructure has become an ecosystem that includes many technologies which have to be managed as a collective. Instead of many gears, it is a Swiss watch. This represents a huge challenge in tuning the environment, so the pieces play together, and CISOs have limited staff to handle that. Being able to share information between platforms makes a huge difference in boosting efficiency in security operations.

In today’s security ecosystem, security tools and technologies are expected to integrate with each other and automatically work together. For example, here at SafeBreach we integrate with various security controls, SIEM platforms, Vulnerability Management tools, workflow and automation platforms and Threat Intelligence platforms.

Closing thoughts

With the pandemic upending business models in many industries, all the clichés about ‘moving fast in today’s competitive environment’ were suddenly multiplied by a factor of ten. It is unviable for a business to be held back in 2022 by info-security that lags.

A security program with interlocking methods that are continuously validated and adjusted, sharing data and prioritizing the vulnerabilities and threats that actually matter most - this will be the most successful in protecting critical assets and unshackling the business so it can be agile, and continue to be strong for a long time.

Cyber Security Leaders - Yotam Ben Ezra, Chief Product Officer at SafeBreach Yotam Ben Ezra
>
Send this to a friend