The Setting – Cybersecurity Needed in Cloud Environments
Our topic today is Security in Today’s Cloud Environment – What Smaller Organizations Can Do to Achieve It. We are delighted to be talking with Alon Mantsur, an expert in cybersecurity and founder and CEO of Cybrella, a firm that provides a unique set of security services.
Most businesses today rely on cloud infrastructure for a substantial portion of their operations, and many organizations are heading towards complete cloud-based operations. With this heavy utilization of cloud-based data, applications, and transactions, there are significant cybersecurity risks that need to be addressed—especially for small and medium businesses.
The majority of companies, particularly smaller companies, assume their cloud vendors will provide a safe environment for their data and transactions. But as we will hear from our guest today, that’s not necessarily a safe assumption. Alon states that “Data residing in the cloud is still owned by the business, and the business is responsible for securing it. If there’s a data breach, it’s the business that is liable, not the cloud provider.”
By way of introduction, Alon is a cybersecurity expert with a successful career of over two decades in cyberspace. He started his cyber career in the military where he was serving in the special technology unit. While working at Ness—the largest IT Company in Israel, Alon met Shahar Efal, the CEO and founder of Ness and a role model for him. Shahar’s leadership style has highly influenced Alon. Shahar gave personal attention to every employee and customer—the team being 25 employees or 3,000 employees the approach remained the same. Outlining one such incident, Alon asserts, “One night I was doing a support activity with my team at a big bank, the main system was allowed to shut down only on weekend nights, and we were missing a certain software driver. I called Shahar, and at 1:00 am he arrived with the missing driver and two pizzas for the team. I was very impressed by him and I’ve tried to emulate that same level of commitment and service throughout my life”
In 2003, Alon set out on his entrepreneurial journey with 2BSecure, which is one of the leading cybersecurity services companies in Israel. It was also the first MSSP, as well as the first application security consultancy provider in Israel. As a leader, Alon walked in Shahar’s footsteps and followed a personalized approach. By combining his extensive knowledge of the cyber world with peerless leadership, 2BSecure became one of the most successful Cybersecurity service providers in the region and was eventually acquired by Matrix, a leading IT company in Israel. In 2019, Alon established Cybrella to duplicate his success of 2BSecure in the US market.
Today, Cybrella is bringing high-end cybersecurity knowledge and experience with a customized value proposition to the SMB’s market in the US. The team of experts is equipped with experience and practical expertise in enterprises level cybersecurity activities, including building security operation centers for governments, banks, and big global fortune 500 companies.
Cybrella, as a young company in the American market, provides a professional yet family-like culture for employees and customers.
In our earlier conversations with you Alon, we caught a glimpse of your journey in the cybersecurity world, and some of your rare insights in this area. For example, you stated that for many small organizations, “unless they take specific steps to augment their security,moving critical operations to the cloud is like leasing a safe in the bank or a post office box and leaving the door open.”
You make a strong point that organizations of all sizes, even small ones, need to take responsibility for securing their cloud-based applications and data. However, they don’t need to, and in many cases can’t, do it themselves. Hence the need for companies like Cybrella.
Firstly, could you please tell us the mission behind the establishment of Cybrella?
When we created Cybrella, we saw many cybersecurity challenges for SMBs. There was a lack of knowledge and a shortage of talent compared to level of effort needed. Most professional cybersecurity providers don’t want to engage with SMB companies. They prefer working with the big wealthy customers. That’s why we at Cybrella decided to focus on this market. We also work with enterprises, but we put a lot of focus and proactively seek the SMBs.
Our approach is to bring the enterprises’ capabilities, vast expertise, knowledge, and experience, and adapt it as a service to fit the SMBs’ needs. We know how the big companies operate, and we provide those methods and techniques as a service for the SMB market.
Cybrella is a world-leading cybersecurity consulting company. Cybrella provides consulting services for all aspects of modern cybersecurity requirements – Risk Management, fraud & AML, Cloud Security, Technology, etc., provided in two-service bundles:
CISO as a Service – Cybrella’s Virtual CISO service supports customers to ensure a clear understanding of cybersecurity risks associated with their business and the actions needed to reduce risk. We provide the governance and leadership required to design the right controls and lead internal personnel and providers to ensure effective implementation.
Application Security as a Service – We help DevOps in any lifecycle stage that the application is in, from design/architecture to deployment. Cybrella works closely with the DevOps team to educate them in developing secure applications. We also build controllers and assess each system to identify and mitigate vulnerabilities. This helps our client’s confidence level, knowing that they are one step ahead of the hackers. Cybrella’s application security staff are all experts, with backgrounds in developing and coding in a broad range of applications and domains, including web, cloud, mobile, IoT, embedded, etc.
The pandemic created two major challenges. First, most customers moved from on-site to remote services. This created many new cybersecurity vulnerabilities that had to be addressed, but unfortunately most SMBs lack the resources in-house to do that so they had to reach out to organizations like us. Secondly, in order to get help from remote consultancy services, there needed to be a higher trust-base between companies and providers like Cybrella. As you can imagine, the ability to control and escalate is much more complex, so the relationship becomes key. Our professional yet family-like culture, that every employee embraces, has really helped us and our customers through these trials.
With the advent of COVID, cyber-attacks increased significantly, as did the need to guard against them. However, at the same time many companies were feeling uncertain about their business and began curtailing expenses. New projects were put on hold, even those required to improve security. Numerous companies also moved to a remote work force. However, the increased cyber-threats associated with remote workers created a lot of apprehension. Many organizations preferred using current suppliers and not engage with new ones.
For Cybrella, as a young and innovative company, this was very challenging for us. One of our immediate reactions was to change our Go-To-Market strategy. Instead of trying to contact customers directly, we have built strategic partnerships with well-established local companies with complementary services to ours. This move has highly proven itself, and to this day, a significant part of our activity is offered through collaborations.
I do not doubt that with the migration to the Cloud and remote work, the needs of SMB companies and application developers, especially SASS, will only continue to rise. We will establish ourselves as a leading company in CISO as a Service and Application Security as a Service to the US SMB market.
Cybersecurity (back then, it was called information security) always fascinated me. It is a chasing journey between the good guys and the bad guys. To be successful in any career, it helps if you become fascinated with what you do. It will also help if you are an entrepreneur with a creative character who doesn’t fear taking risks and dealing with challenges. You also need to be a dynamic person, results-oriented, and the most essential skill is interpersonal skills. Make sure to listen to and meet the needs of your customers, and motivate your teams to peak performance.