Cytellix – Orange County, California

April 5, 2023

Cytellix

The Complete Cybersecurity Solution

With end-to-end capabilities, Cytellix Cyber Watch Platform stays ahead of cyber risk

In an increasingly digital world, organizations and businesses of all sizes are vulnerable to cyberattacks, exposing sensitive business and customer data. With more people working from home, migration to the cloud, and large numbers of connected devices, the threat of cybersecurity exposure is heightened. Add on ever-increasing compliance mandates to comply with, and the cybersecurity function becomes difficult to manage without outside help. As the only patented technology platform that brings compliance frameworks, cyber threats, weaknesses, and vulnerabilities together in one view, Cytellix has the next mainstream solution.

Founded inside of IMRI, a provider of cybersecurity, data center operation, and program management to the Federal Government and commercial entities. Cytellix Corporation has quickly evolved into an important cybersecurity solutions provider, serving small and medium enterprises and federal organizations.

Brian Berger, Cytellix President shares, “Our original charter was to develop a Cybersecurity Software as a Service (SaaS) capability that leveraged the experience and historical roots with IMRI, and bring a solution into the commercial market that would help small and medium businesses take advantage of some of the Cybersecurity best practices that are used for the government at a very affordable and consumable way for smaller enterprises.”

He adds that since Cytellix’s origins, it has morphed to offer a complete turnkey solution, with three issued patents and several pending patents for the groundbreaking technology they have developed inside of its SaaS offering, the Cyber Watch Platform. “We have combined several capabilities that the market is using or demanding today, around governance, risk, compliance, vulnerability management to managed detection and response. We have also developed in-house artificial intelligence and machine learning to ingest that information and provide near real-time insights to our customers about the cyber risks and threats facing their company.”

He notes that all clients, whether government or commercial, require a similar approach to mitigating cyber risk. “ At the end of the day, it is really about understanding the types of risk an organization is facing so they can better prioritize what to tackle first. This is especially vital given the resources and skills challenges hampering most industries.”

“We are uniquely positioned because our solution combines governance, risk, and compliance status along with threat data and intelligence to identify the true cyber risk posture of an organization. By taking a holistic view, organizations can better measure risk and prioritize those risks based on business objectives. The Cytellix Cyber Watch Platform makes that a reality in an affordable and easy-to-adopt that way,” he adds.

Cytellix - Orange County, Florida With this information, Cytellix configures the technology to, as Berger says, “harmonize the solution.” “That’s where we really separate ourselves as a cybersecurity services organization and a technology platform provider, being on the proactive side of risk and threat management for our clients, and being able to predict threats for the future, based on the technology we’ve built,” he relays.

Offering a flexible and turnkey SaaS subscription-based solution, Berger says this is often the best option for small and medium enterprises, which he suggests is an underserved market and one becoming more targeted for cyber incidents.

“They don’t necessarily have huge investment dollars to put towards cybersecurity technology or resources themselves, so, we provide a turnkey solution to a customer as a SaaS offering that delivers ROI quickly,” he reports.

Cytellix will also work with those who have existing technology. “We are uniquely positioned in that we can allow you to ‘bring your own license’ with our platform,” explains Berger. “If they’ve made an investment in, let’s say, Endpoint Detection or Response (EDR), and they don’t have a vulnerability service or governance capabilities, and they don’t have log management capabilities, like a SIEM. We can offer a hybrid approach for them, and then layer the GRC on top of that for a holistic solution.”Cytellix has been very successful in supporting the commercial supply chain needing to meet NIST and CMCC compliance requirements,” Martha Daniel, CEO of IMRI, recounts.

“Many of the manufacturing companies are being required to become NIST and CMMC compliant in order to do work for the defense industrial base and that trickles down to their supply chain. So, the solution Cytellix has rolled out has been critical to manufacturing companies that will need to adhere to that requirement. We have a number of companies that are using Cytellix and it has helped them to become compliant with the new CMMC rules that have been mandated and expected to be enforced in 2023.”

As for what types of cybersecurity risks customers face, it is more than just avoiding the common ransomware and malware attacks. “It really comes down to understanding whether an organization is taking a good approach to managing its risks and vulnerabilities,”

Berger conveys. “These targeted attacks to small and medium businesses are really based on a correlation of information – user behavior, vulnerabilities that have not been patched inside of the organization, and the actual threat that’s coming in. It’s really about the hygiene of the organization or the training of the employee. Our capabilities identify in real-time those shifts or changes of behavior, so we can see it and contain it as necessary before it becomes a big problem.”

With an efficient onboarding process, Berger reports that most of Cytellix’s customers can be operational in under 4 weeks. The next step is monitoring, which includes looking at things from the log source level, user behaviors analytics (UBA), and endpoint behaviors. The Cytellix solution also uniquely looks at discovery, which is the ability to identify known and unknown digital devices and services that are coming on the network.

Cytellix - Orange County, Florida

He describes, “Having all those disparate sets of items, from a monitoring perspective, they need correlation to say, ‘What is the relationship from one to another, and does that equal a bad event?’ Our artificial intelligence and machine learning layer does that correlation, to filter a false positive from a legitimate threat, and in real time. This level of intelligence reduces the noise for our customers so that they can move to the next phase, which is the remediation or the containment side of cybersecurity. I look at those three phases as critically important to the lifecycle of cybersecurity, and an ongoing capability that has to happen in real time. So it is continuous.

Although investment in cybersecurity may seem cost prohibitive, especially for SMBs at the outset, it’s becoming imperative in today’s threat landscape to stay operational. Cytellix can save an organization money by reducing the number of tools, technologies, and internal resources required for a robust cybersecurity program.

Berger acknowledges, “With our SaaS capabilities and as a solution provider, we’re able to reduce two critical vectors. One is the number of attacks that are false positives versus legitimate threats. We can reduce more than 90% which is pure-cost savings for our customers. Secondly, if you look at running a service like ours, if it was a DIY, it would cost several million dollars to do, and we can do it for a fraction with highly skilled subject matter experts 24x7x365. It’s big savings on both sides that are really significant, along with the resolution and the quality of service that we bring, it’s a night and day difference.”

Transparency is another key element of the Cytellix Cyber Watch Platform which includes a dashboard that shows the client a clear picture of all threats, vulnerabilities, and risks, while identifying gaps and the recommended path forward to improve their cyber posture. “Everything is aggregated into a single dashboard, and every application in that dashboard allows the customer to drill down and become more educated on their gaps and risks,” Berger asserts.

Cytellix has subject matter experts who work with clients to educate them on what they are seeing, as most SMBs do not have a dedicated cyber expert in-house. “It’s not just information. If you look at the SMB market, they may not have the expertise to understand what that information means to them. So, we have experts that provide that education as well,” Berger says.

He comments that Cytellix also has a customer advisory offering that includes reviewing reports with clients monthly and giving them full access to all insights and analyses. “On an ongoing basis, we are touching our customer, not only through the software and the technology, but also as part of our monthly service that we provide, so they receive a hands-on approach that is invested in their business,” he remarks.

In addition to that the company produces webinars as a source of education, some in partnership with the Department of Defense and others through the Manufacturing Extension Partnership Program (MEP), MSPs, MSSPs, and other partners with which Cytellix has a joint relationship with to educate the clients on cybersecurity awareness.

Other important integration partners for Cytellix include IBM, Tenable, FireMon, AWS, Amazon Web Services, Microsoft Azure, and Microsoft Sentinel. “We have close to 50 technology OEMs that have been integrated into our platform that we work really well with,” maintains Berger. “I think it’s really important to recognize that what Cytellix is developing as an organization, from a technology, intellectual property perspective, is not to replace those vendors. It’s to provide speed, convenience, higher resolution, higher visibility, and situational awareness for our customers leveraging those toolsets affordably.”

As for what Cytellix has on the horizon, Berger says, “Highly regulated markets are driving hard and fast to have better cyber practices and capabilities in their solutions. Supply chain compliance and security is a massive movement right now, especially toward visibility. We have issued a patent for something that provides complete supply chain visibility in a single pane of glass. That becomes a really significant shift for the entire ecosystem and a significant shift for the entire ecosystem and for those supply chains. I think that really has a big impact on what the future looks like.”

As a parting thought, Berger highlights, “We know that cyber is not going away. So, for the next two or three years we are accelerating our sales more into specializing in the cybersecurity rollout for highly-regulated industries because of the demand those businesses will see to be compliant and have a strong cybersecurity posture. We anticipate exceptional growth there.”