Partha Panda, CEO and co-founder of Cysiv, Inc, tells Anita Joseph, Editor, Security Advisor Middle East, how Cysiv combines SOC technology—including a cloud-native next-gen SIEM, data science, machine learning, threat intel and automation—with a team of experts, and delivers them as a subscription-based service that can be quickly implemented.
What is Cysiv all about?
Cysiv is a security software company. We provide 24/7 security operations center-as-a-service (SOCaaS) that combines our cloud-native, next-gen SIEM software with a team of experts, to provide threat detection and active response. We deliver all of this, as-a-service, with simple subscription-based monthly billing.
Cysiv is headquartered in Dallas, USA, and has offices in other countries, including now Egypt and UAE. We were incubated within Trend Micro, a global cybersecurity leader, and now operate as an independent company. We’re backed by the largest VC firm that focuses exclusively on cybersecurity, and in addition to Trend Micro, have an important strategic alliance with Google Cloud.
Cysiv is entering the Middle East market in a big way. What does this mean for the company?
We believe there’s a tremendous need for SOCaaS in the region. The average time to detect and contain a breach by organizations in the region is amongst the slowest, and the cost of a data breach amongst the highest, worldwide. So, the need is clearly there, and we’re excited to expand our global footprint and be able to help forward-thinking organizations better defend themselves.
We’ve been able to enter the market so quickly because in 2020 we acquired and re-branded SecureMisr, a leading, Cairo-based provider of managed SOC and red team / blue team services. Their superior expertise and established client relationships, which includes many Global 2000 organizations in banking, financial services and telecommunications, has allowed us to accelerate our investment in the region.
What can the Middle East market look forward to, from Cysiv?
Cysiv’s existing clients in the region will continue to receive the same expertise and service they’ve come to rely on over the past 12+ years. Our regional leadership team remains unchanged, and their deep knowledge, experience and understanding of the different industries and the regional threat environment, is central to our business and the value we provide. And we look forward to introducing them to the incremental benefits of SOCaaS.
We’ll also be investing heavily in the region, as we open additional offices, expand our regional SOC operation, and hire security experts, data engineers and sales professionals that further strengthen our local presence. We’re very excited by the talent pool in the region, and we understand how important it is to serve Middle East clients with local experts.
Ultimately, with Cysiv, CIOs and CISOs can reduce the risk of costly and damaging breaches and business disruptions, and more readily support regulatory compliance requirements. This in turn will inspire greater trust and business confidence from their end customers.
What exactly is SOC-as-a Service and why is it relevant today?
SOCaaS provides enterprises with all the benefits of having their own world-class 24/7 SOC, but without the tremendous costs, complexity or time required to build, staff and operate one themselves. With our cloud-native, next-gen SIEM, advanced use of data science and automation, and our ability to quickly and effectively leverage telemetry from across an organization’s entire IT environment, including on-premise and multi-cloud environments, we’re able to deliver value that traditional MSSPs and MDR providers simply cannot.
The reason SOCaaS is relevant today and why there’s such tremendous demand for it is that traditional approaches to security simply haven’t worked. Despite all of the investments that organizations have made in firewalls, IDS/IPS appliances, endpoint detection and response and other security solutions, threat actors are still able to readily to inflict massive damage by stealing valuable customer data and intellectual property and disrupting business operations.
Security leaders increasingly recognize that a 24/7 SOC is an essential part of a comprehensive and effective risk management strategy. But an effective SOC—one that combines the right technology, experts and processes, and is able to deal with terabytes of telemetry and data from across the enterprise, and not drown its analysts in false positives and too many alerts—is tremendously expensive, complex and time-consuming to build, staff and operate. And until now, it’s been beyond the reach of most organizations. Cysiv solves this problem.
How do you evaluate the threat landscape today?
Threat actors have gained the upper hand, and the proof is in the news headlines that have become all too common. Every industry in every country is under attack, around the clock. Threat actors, including disgruntled employees, hackers and hacktivists, organized cybercrime rings, and nation states are more sophisticated and motivated than ever. The attack surface they can target has grown dramatically as enterprises adopt IoT, mobile and cloud computing, and try to support pandemic-driven work-from-home policies. And the weapons and techniques threat actors now have access to have made it increasingly difficult to quickly detect and actively respond to ransomware, advanced malware, business email compromise and other cyber threats, before it’s too late.
What are the main cyber security challenges that the region is facing today?
They’re no different than the key challenges faced by organizations in every other country. First and foremost, advanced threat detection and response is now primarily a big data problem: the signals of an attack or compromise are there, but finding, correlating and responding to them in a timely manner, is extremely difficult.
But the other main challenge is the global shortage of cyberskills. To do what I’ve just described requires a team of highly skilled and collaborative data scientists and engineers, security analysts and incident responders, and threat researchers and hunters. Unfortunately, there aren’t nearly enough of these people to go around. Attracting, managing and retaining them is an expensive, time-consuming and difficult task. And operating a SOC is not a core competence for organizations. Nor should it be. Cysiv overcomes these challenges by combining SOC technology—including a cloud-native next-gen SIEM, data science, machine learning, threat intel and automation—with a team of experts, and delivering them as a subscription-based service that can be quickly implemented, and that operates as an extension to your IT and security team.