Introducing Cynomi: Enabling vCISO Services at Scale
Talkin’ bout a revolution
In cybersecurity, just as in real life, there is a massive difference between the “haves” and the “have nots.” Enterprises, for example, have access to the most advanced cybersecurity tools and expertise available, with whole teams dedicated to keeping the organization safe against cyber attacks.
SMBs, on the other hand, have been completely underserved when it comes to cyber protection – even though SMBs make up 99.9% of all US businesses. And if not for the brave efforts of MSPs, MSSPs, and industry consultants who passionately serve this market, the situation would be a lot worse.
What’s more, with enterprises investing huge resources into cybersecurity, attackers are focusing on the soft targets that SMBs present, creating a ticking time bomb. This is inherently unfair and needs to change.
This is the core problem we solve at Cynomi: leveraging best-of-breed technology and world-leading industry experience, to offer enterprise-grade cybersecurity solutions to SMBs through their trusted partnerships with consultants, MSPs, and MSSPs.
Why we’re here
David Primor, co-founder and CEO of Cynomi, tells the story of a friend who ran a medium-sized company that was hit with devastating cyber attacks three times in one year.
The first time, attackers took control of the company’s website. It was subsequently discovered that key website software had not been updated for around three years. While this is Security 101 for anyone with a cyber background, many people are not aware of the importance of frequent updates and patching – and there was no policy in place to enforce software updates.
The second attack came as a result of an open RDP port which led to a ransomware attack. Again, closing ports is security basics for a professional, but without that guidance, there is little awareness of such cyber hygiene.
The third attack culminated in a data leak, due to a combination of poor password management, and access management. Another basic component of security that was simply not up to scratch.
How can this be solved, and specifically, how can those tasked with protecting such businesses – such as MSPs and MSSPs – be empowered to provide the highest level of security?
Now it’s personal
The co-founders of Cynomi combined their unique experience and skill sets to build a product that would tackle this challenge head-on.
Now, it was personal. Roy Azoulay, the co-founder, and COO, was involved with numerous startups and small businesses, especially through his involvement with Oxford University’s startup incubator. David, as the other co-founder, had spent fifteen years in the IDF’s elite cyber intelligence unit 8200, and then four years as the Head of Technology at the Israel Cyber Security Authority.
Both had experienced this problem firsthand. Both had seen the damage that was being caused. Together, they resolved to make a difference.
Enter the vCISO
Let’s revisit David’s friend whose medium-sized company was successfully attacked three times in a year. What these attacks have in common is that having a security professional on the team such as a Chief Information Security Officer (CISO) would have easily prevented all of these attacks. Without the budget and resources available, however, this business paid the price.
David and Roy understood that there is a need in every business for someone who really understands security. Someone who would make sure the company not only has security tools deployed, but that it is actually secure (including having the right processes in place, setting up policies, and ensuring that security tools are being used correctly).
Instead of having a full-time CISO on board, many companies began engaging the services of a virtual CISO (vCISO) or a CISO as a Service (CISOaaS). This is a fractional relationship, where one vCISO can essentially consult numerous companies.
This task was also being handled by companies’ trusted partners when it comes to everything IT-related, especially MSPs and MSSPs.
However for actual vCISOs, MSPs, and MSSPs, scaling was (and still is) a massive – and up until now almost insurmountable – challenge. There are three main reasons for this:
- Talent: It’s difficult to attract these types of professionals; they are expensive, difficult to find, and the fact that enterprises with deep pockets and all the perks are also competing for the same talent makes it infinitely harder.
- Time: The time of these professionals is limited. They typically can’t delegate to those less skilled and experienced than them (delegating is something that Cynomi enables, but more on that later).
- Technique: Each professional who serves as a vCISO does so in a slightly different manner, with each often using their own methodologies. The lack of standardization makes it much more complicated to scale.
Cynomi enables managed service providers and consulting firms to leverage its AI-powered, automated vCISO platform to continuously assess client cybersecurity posture and compliance readiness, build strategic remediation plans and execute them to reduce risk.
At the same time, it removes the barriers to offering such a valuable service: circumventing constraints such as the manual work and deep expertise required to serve each and every client.
Essentially, Cynomi takes all the knowledge of the best human CISOs and combines it with deep tech, proprietary algorithms, and automation. It thus provides trusted partners with all the tools they need to grow their business, optimize their time, and most importantly, provide value to clients by offering the knowledge and expertise of the best CISOs in the world.
How exactly does it do this?
- Automated Cyber Profile: Starting with some initial discovery questions and an express scan, Cynomi automatically builds a unique cyber profile for an organization.
- AI-driven Assessment: The Cynomi engine then continuously parses the cyber profile of each client against relevant external resources such as the NIST Cybersecurity Framework, ISO 27001, and others, as well as industry benchmarks and external industry-based threat intelligence data.
- vCISO Operations Dashboard: MSPs and MSSPs can now access Cynomi’s real-time cybersecurity posture dashboard including gap analyses, compliance status, tailored and easy-to-follow policies, client-facing reports, and a customized remediation plan that includes prioritized, actionable tasks and the tools.
It’s like having the best CISO in the world on your team, giving their all to every single client.
Partnering for a stronger ecosystem
Our commitment to protecting SMBs and midmarket companies means that we have a deep understanding of their IT ecosystem. It’s because of this that go-to-market (GTM) is a big part of our story – we decided to solve the SMB security expertise gap by helping the MSPs, MSSPs, and consultancies that provide them with vCISO services to do that in an optimized way and scale their services.
We believe that service providers are the solution for the mid-market cybersecurity crisis. The Cynomi platform understands the challenges faced by MSSPs, and caters to them. The solution is “service provider first” and was built with this in mind.
MSPs, MSSPs and consultants can access:
- Full multitenancy
- Tailored security policies
- Prioritized remediation plans and tasks
- Vulnerability and exploit gap analysis
- Customer-facing reports
- Simple, automated billing
The all-star team
One of Cynomi’s key differentiators is our team. They are knowledgeable, passionate, and dedicated, with many of the team having successfully worked together at Israel’s Cyber Authority or Cyber Unit 8200.
The company was founded in Israel and the UK, meaning it was multinational from Day 1. It gives the company a unique international atmosphere, encourages diversity, and allows us to be closer to our customers. It also means that we are used to hybrid work, and have developed ways to embrace this type of environment.
We’re also very proud of the fact that we have a great representation of women in management positions: three out of five VPs are women.
Towards a safer tomorrow
We’re partnering with forward-thinking service providers – who are just as passionate as we are about offering enterprise-grade security and the best vCISO services to clients in the SMB space – to make the world more secure.
Together, we make professional security expertise accessible for SMBs, kicking off what is going to be a revolution for all small and medium-sized businesses that will finally be able to properly keep themselves cyber-safe.
To learn more about us and our quest to change the world of cybersecurity, drop us a line.