Marvin Wheeler, CEO
“Oops, your files have been encrypted.”
Such messages have become a common sight for businesses, especially Small and Medium Enterprises (SMEs), today. Until recently, most SMEs believed they were not on the hackers’ radar, and that hackers only attack large enterprises for better gains. However, the scenario has changed. According to the Verizon 2019 Data Breach Investigations Report, 43 percent of cyber attacks today target small businesses.
But, what caused this change?
In the world of cybercriminals, a team of hackers often includes professionals with vast technical expertise. Certainly, this ‘highly experienced team’ is created at a high cost. To compensate for this cost and stay profitable, hackers traditionally targeted large organizations that would pay out huge amounts as ransom, giving the hackers large profits in one shot. All of this changed with the advent of ML, AI and automation. Today, these technologies allow hackers to easily attack multiple businesses at a much lower cost. And naturally, the unprepared SMEs—that never considered themselves on the hackers’ radar—have become the new hot target. Moreover, budget-constrained SMEs are often encumbered with legacy security systems and inadequate resources, making them a soft target for hackers.
Headquartered in Fort Lauderdale, FL, Cybraics equips SMEs with tools and the cybersecurity expertise to efficiently counter attacks. nLighten, the easy-to-use, ML- and AI-powered cybersecurity platform from Cybraics, is scripting new success stories by helping companies stay secure in a cost-effective fashion. “We are empowering SMEs with a cost-effective enterprise-level tool without them having to spend massive amounts on buying expensive hardware and software licenses or on training their teams to manage the infrastructure,” says Marvin Wheeler, CEO of Cybraics.
Delivered as a service, nLighten is unique in the way it operates. While many businesses already have security tools in their infrastructure, most of these fall into two categories. First, legacy or obsolete security tools that are not capable enough to detect or remediate modern-day threats. Second, advanced SIEM solutions and firewalls—typically found in large organizations—that are costly, and frequently fail to prevent attacks because these tools generate hundreds of threat alerts without providing users with relevant insights into those alerts. As a result, the security professionals—who are already overwhelmed with the number of alerts—struggle to set up manual correlation rules to identify the vulnerabilities.
Cybraics’ nLighten addresses these situations by leveraging ML- and AI-based analytics that automatically flag abnormal behavior. The platform detects threats, automatically aggregates data on every alert and creates a prioritized, actionable case. This liberates the professionals from the time-consuming tasks of sifting through logs, parsing, filtering, and setting up correlation rules. “Instead of focusing on endless alerts, nLighten creates actionable cases, allowing the client’s security team to focus on business goals instead of time-consuming investigations,” adds Wheeler.
Analytics Pluralism: Flagging Previously Unreported Threats
Unlike other security tools that require installation of complex hardware and software, Cybraics’ nLighten is easy to implement. The platform can be fully deployed and made operational in less than one hour.
Clients can forward their data logs to its encrypted data lake, and log into nLighten’s intuitive, easy-to-use UI to unleash the full power and advanced capabilities of the platform. Once the logs are added, the analytics platform comes into action and starts “risk scoring” anomalies and unauthorized behaviors to deliver comprehensive case data directly to the client’s desktop. “In the first day, our platform can report on a large percentage of cases that go undetected by most other security tools,” says Pete Nicoletti, CISO of Cybraics.
Following the thesis of analytics pluralism, nLighten offers almost 50 different analytic scenarios, looking for over 100 behaviors, making it extremely difficult for even the most minute anomalous behavior to get through. It offers different competency levels, so if a bad behavior slips by one analytic, it gets caught by another one. If several analytics flag a given behavior, it will move to the top of the threat alert list. The platform’s analytics replace the need for manually writing rules to detect vulnerabilities. “What makes us disruptive is that we are looking for parts per billion, which is like finding a needle in a haystack—something that is extremely difficult to carry out with manually written rules,” says Nicoletti.
Further, the platform alerts clients to every new zero-day attack to ensure 100 percent protection of data using the MITRE ATT&CK framework, which is a knowledge base of adversary tactics and techniques based on real-world observations of cyberattacks. “We are matching up with every breach to ensure that our analytics are spotting all the varieties of attacks,” said Wheeler. In fact, the advanced analytics of nLighten help clients detect threats that have not been reported previously on any threat intelligence database. “If it is a targeted attack on a specific company, the hackers likely will use a new variant of code for a fresh attack, which has not been blacklisted before. Unlike manually written rules, we can flag that outlier behavior and maintain threat intelligence feeds as well,” says Nicoletti.
Increased ROI, Directly and Indirectly
Apart from breach prevention and ROI gains directly associated with not having an event, nLighten brings positive ROI through the reduction of false positives. Nicoletti compares false positives to car alarms, where the owner stops investigating after the first few instances.
In a similar fashion, when organizations receive false positives several times, they may not take the alert seriously. They might receive thousands of alerts without knowing how to prioritize them. “Our tool informs clients of the most alarming or real alerts and provides insights on them. In fact, our clients have reported an 87 percent reduction in false positives, allowing them to save time spent on investigating the alert, which also increases the ROI,” he adds.
nLighten also helps clients save significantly on capital expenditures needed to maintain additional infrastructure.
Wheeler cites an example of a successful business that decided to run its Security Operations Center (SOC) in-house. The firm’s CISO learned about Cybraics’ capabilities and, by implementing nLighten, was able to immediately reduce his estimated budget, as it needed very few resources. In fact, nLighten aims to reduce the number of security professionals by almost 50 percent, leading to tremendous cost savings for its clients.
The ‘Disruptive’ Security
Cybraics’ continued progression in the security landscape is directed by Wheeler, who has held numerous leadership roles at Terremark, a data center cloud hosting company. “We pulled the learnings from key projects at Terremark to Cybraics’ inception. The data science, AI, and analytics we have developed come from a very rich heritage,” says Wheeler. Along with a deep understanding of industry best practices, Wheeler also has vast experience in key operational processes such as provisioning, maintenance, change management, and network reliability. He is supported by Nicoletti, who has served as CISO for multiple organizations and brings over three decades of progressive responsibility in deployment and product development across the entire spectrum of security technologies. Nicoletti has also authored a book, ‘Building the Infrastructure for Cloud Security: A Solutions View,’ which throws light on secure cloud reference designs. Alongside this technical leadership, Cybraics also houses a team of experienced engineers who work on constantly enhancing the product. While many startups come up with advanced solutions, they do not have the required expertise or the DNA to navigate through the complex challenges in the security landscape. Cybraics, on the other hand, has the perfect blend of advanced analytics and a leadership team that has delivered successful outcomes to many organizations, including the Defense Advanced Research Projects Agency (DARPA) of the U.S. Department of Defense. Analysts have recognized nLighten as a disruptor in the cybersecurity market. Gartner’s October 2019 report, ‘Emerging Technology Analysis: Machine Learning Log Analysis Disrupts Traditional SIEM Buying Models,’ highlights Cybraics as a leader in the new breed of disruptive security technology solutions that offer ML/AI-based log analysis and detection and are superior to traditional SIEMs.
To fuel its growth and continuous development, Cybraics has recently collaborated with Microsoft to offer nLighten on Azure. Through this integration, both businesses and governments will be able to make use of Cybraics’ platform to secure their data. The company is also aiming to make its analytics more portable through standalone deployments that can support large organizations that do not wish to send their logs over the cloud. “We have two categories of clients; one is large Fortune 500 organizations and government agencies. These large entities want everything on-premise. The second category is SMEs looking for efficiency, improved visibility and an easy-to-use, proven platform. In the coming days, we plan to enhance how we serve both their needs,” says Wheeler. At the end of the day, Cybraics’ aim is to free companies from all types of vulnerabilities by transforming their security stature.