cytellix

5 BUSINESS VIEW MAGAZINE VOLUME 10, ISSUE 3 Offering a complete SaaS subscription solution, Berger says this is often the best option for small and medium enterprises, which he suggests is an underserved market. “They don’t necessarily have investments in cybersecurity technology themselves, so, we provide that turnkey to a customer as a SAS solution,” he reports. Cytellix will also work with those who have existing technology. “We are uniquely positioned so that we can allow a ‘bring your own license’ into our platform,” explains Berger. “If they’ve made an investment in, let’s say, Endpoint Detection or Response (EDR), and they don’t have a vulnerability service or capabilities, and they don’t have log management capabilities, like an SEM, SIEM, we can offer a hybrid approach for them, and then layer the GRC on top of that, for a complete holistic solution.” Assisting manufacturing companies to meet CMCC compliance requirements is another focus for Cytellix. Martha Daniel, CEO of IMRI, recounts, “Many of the manufacturing companies are being required to become CMMC compliant in order to do work for the defense industrial base. So, the solution that we have been rolling out has been directed to several of the manufacturing companies that have that requirement. We have a number of companies that we have migrated and helped to become compliant to this new regulation that has been mandated and will be enforced in 2023.” As for what types of cybersecurity risks customers face, it is more than just avoiding the common ransomware and malware attacks. “It really comes down to understanding whether an organization is taking a good approach to manage its risks and vulnerabilities,” Berger conveys. “These targeted attacks to small and medium businesses are really based on a correlation of information - user behavior, vulnerabilities that have not been patched inside of the organization, and the actual threat that’s coming in. It’s really about the hygiene of the organization or the training of the employee and the hygiene. Our capabilities identify in real-time those shifts or changes of behavior, so we can see it and shut it down before it becomes a big problem.” With an efficient onboarding process, Berger reports that most of Cytellix’s customers can be operational in under 4 weeks. The next step is monitoring, which includes looking at things from the log source level, user behaviors analytics (UBA), and endpoint behaviors. The Cytellix solution also looks at discovery, which is the ability to identify known and unknown digital devices and services that are coming on the network. He describes, “Having all those disparate sets of items, from a monitoring perspective, they need correlation to say, ‘What is the relationship from one to another, and does that equal a bad event?’ Our artificial intelligence, machine learning, does that correlation, to filter a false positive from a legitimate threat in real-time. This reduces the noise for our customers so that we can move to the next phase, which is the