Just like your credit score, your security score is an important metric to track. Read on to see what’s happening in that realm.
Sramana Mitra: If one of you could give us some background about UpGuard as well as the two of you, that would be great to begin with.
Mike Baukes: We’re a company that basically focuses on making it easy to understand your digital posture and its digital resilience. I’m one of the Co-Founders, and I’m a Co-CEO alongside Alan Sharp-Paul.
Sramana Mitra: Are you both from the security space? What we see in the security companies is that the founders have been in the industry for a long time.
Mike Baukes: Alan and I come from a great pedigree in financial services. We spent about 15 years in a variety of large-scale organizations. We were dealing with a lot of problems directly related to security issues that we are seeing in today’s modern context. The reason we started the company was because we were increasingly delivering more and more solutions and we were finding it really difficult to get effective collaboration between security, business, and operations.
As we were progressively seeing these patterns in the course of our working lives, we progressively began to see an opportunity to focus on the core principles of knowing what you have and then extending that with the capability of understanding what your system is doing in the context of the business and more importantly, how people are using those systems across a fairly complex IT organization. That’s how we started the company – by giving people visibility into development and operational workloads. Over the last four years, we’ve been pulled more and more into the security story.
Understanding the building blocks is a necessary criteria to understanding the whole organization and its actual digital resilience. We take all of these signals, configurations and then we blend that with external factors that are being discovered through the Internet, for example. You’ve got this powerful internal capability of understanding what you have, blend it with this capability expert, and we unify that to a single score where it’s actionable. It allows organizations from the C-level all the way through to an IT worker to be able to make better and faster decisions around risk and, more importantly, continuous improvement and delivery.
Sramana Mitra: Since you are now pegged in the security industry space, so to speak, can you help me understand the ecosystem map around what you do and how you differentiate in that space?
Mike Baukes: There’s a lot of different applications and security vendors out there that have a very prescriptive way of dealing with security issues. For example, you may have FireEye. On the other end of it, you’ve got the existing organisations like Symantec that has a large portfolio of pretty much every type of security platform you can imagine. Then you’ve got all these emerging reputational companies that are helping companies understand the vendor risk framework.
They help understand what types of potential vulnerabilities could exist in their cloud workloads. Then you have the traditional integrity companies like SiteCore. The position that we see ourselves in is that in order to understand your digital posture and, increasingly, your ability to be able to weather digital transformation effectively and become more digitally resilient as a result, you really need to have an internal and external perspective alongside the data that are coming through.
You need to have a contextually aware security system that not only applies to production workloads but is also, more importantly, baked in from the core and from the development efforts onward. As part of the platform that we provide, we provide that external repetitional defence component which is looking at the nature of the nature and processes of the businesses. We also take those components on a reputational side and then the core of the organization internally, be it in the cloud or data centre locally, and then scan all of those items and add all of these layers that we’re managing to get together.
From that, we then unify it in a representative single score. It’s very similar to a FICO score. The beautiful thing about this is you can drill right into it and it will tell you exactly what to change in order to increase the score. It’s very actionable and contextually relevant. It’s also deeply integrated into the workfloworgan and processes that these large enterprises typically go through.