Automating Cybersecurity Posture and Cyber Risk Quantification
Curtis McKee March 16, 2022
The Enterprise Attack Surface has exploded over the last decade and exponentially so during the Covid-19 pandemic, with seemingly unlimited vulnerable enterprise assets (mobile, data center, cloud, remote, IoT, and more) and hackers launching myriad sophisticated attack vectors to compromise networks and nodes. Current cybersecurity decision making leverages siloed tools processing disparate data sets that have failed to deliver the most essential insights: information that quantifies cyber risk in terms of potential dollar ($) loss due to a cybersecurity breach. CISOs at large enterprises are unable to prioritize which assets require the most attention and sometimes rely on guesswork to predict when, where, and how they might get attacked next. Security professionals are hungry for a single platform solution to unify, consolidate and automate their cybersecurity posture in real time to quantify risk with traceability to operational metrics.
Third Point Ventures is thrilled to partner with Balbix, and participate in their $70M Series C financing. Balbix is an AI-powered SaaS platform for cybersecurity posture and risk management. Balbix ingests outputs from the various security tools within an organization and uses AI to combine them into a unified view of enterprise risk that is tied to potential dollar-cost. Balbix impressed us with their ability to analyze petabytes of asset inventory data in real time and help Fortune 100 companies reduce cyber risk by 95%, based on “mean time to resolve” (MTTR) security issues, while making security teams 10x more efficient. In these kinds of companies, it is not uncommon to encounter 100,000 assets x 1,000 attack vectors, resulting in 100M risk nodes to be understood in real time. As part of our diligence, we talked to several CISO users of the Balbix platform who confirmed its value. With potentially tens or one hundred disparate security tools, it becomes harder for CISOs to understand overall cyber risk in the enterprise. Balbix is the only platform that can turn alerts from these tools into actionable risk data and ultimately guide CISO’s decisions regarding which security issues to prioritize with quantifiable ROI ($) tied to each identified security risk.
During the pandemic, Balbix Founder/CEO, Gaurav Banga, correctly made the move to evolve Balbix’s platform into what is now a 100% SaaS, AI-enabled “brain” that ingests signals from all other security products and provides highly valuable insights into risk quantification. This has paid dividends for the company, generating strong 2.5x growth in ARR over the past 12 months, including four multi-million-dollar deals (rare for a startup in cybersecurity at this stage). We see Balbix poised to expand its leadership position in the rapidly growing Security & Vulnerability Management market, which is expected to be approximately $19B by 2026.
Third Point Ventures looks forward to partnering with Gaurav and the rest of the Balbix team and to joining the experienced board of Balbix, which includes representatives from Mayfield, JC2 Ventures, Redline Capital, and Mubadala Ventures. We’re confident Balbix has the right approach to automating cybersecurity posture and risk quantification and are excited for the next stages of its journey.