2022 was defined by change and crisis. The year started with glimmers of post-pandemic hope before the war and widespread inflation turned everything upside down.
Through this mess, Balbix had to maneuver and execute. Our list of 2022 accomplishments is long: new logos, revenue growth, multi-million-dollar contracts, a growing list of partners, 100+ new platform features, a $70M Series C funding round, 50% team growth, and awards. Pipeline, pre-sales and customer activity metrics are all 10x from a year ago. We ended the year with 20+ of the Fortune 100 in Balbix sales cycles (plus four as paying customers).
This post is not about reflecting and feeling good about Balbix’s 2022 accomplishments. This post is about lessons learned in 2022 from our customers’ experiences with cybersecurity posture automation. And about the quantified value we deliver to our customers (more on this in a bit).
As 2023 dawns, CFOs are scrutinizing cybersecurity spending like never before. Regulators have gone activist. If your job as CISO was not already impossible, you and your security colleagues now have a new headache – to do more with less. You have to find efficiency and consolidation opportunities and demonstrate the ROI of your investments. You also have new regulatory requirements to meet. We believe that some of these ideas might help with CISO Mission 2023.
Unless you have just discovered Balbix, you know why we exist: The cybersecurity landscape continues to explode in complexity. Organizations are spending millions on cybersecurity, and yet they keep getting breached. CISOs have mountains of data from tools but need actionable insights about overall cyber risk. Security teams struggle to identify, prioritize and fix vulnerabilities before the bad guys can exploit them. It is challenging to know which initiatives and tactics reduce risk vs. those that do not work. Assuring compliance is increasingly hard. Analyzing and improving cybersecurity posture is not a human-scale problem anymore! In 2022 we saw this insight resonate with hundreds of global prospects and drove many companies to adopt Balbix as “the brain of their infosec programs”.
It is always good to drill down from abstract terms like “the brain of our cybersecurity operations” to specifics. So, we asked CISOs and cybersecurity professionals in our customer base to provide their feedback on the value ROI of Balbix. A few CFOs, CIOs and board members also chimed in.
Let’s take a look at the numbers.
The value of an infosec brain
From our customers’ perspective, Balbix enables them to deliver a maximally automated cybersecurity posture, with cost savings and lower cyber risk. The value they derive from Balbix falls into the following six areas.
Visibility
After adopting Balbix, our customers increased cybersecurity asset visibility by an average of 87%
The average Balbix customer analyzes 7.8K software application versions in real-time plus 97 OS versions across their enterprise.
Balbix analyzes the effectiveness (or not) of 55 endpoint security controls against vulnerabilities and threats for the average customer.
Balbix tracks 487 attributes across cybersecurity, IT and business contexts for the average customer asset.
Across our top 25 customers, 430 million vulnerability instances were identified, evaluated and prioritized for timely remediation in Q4 of 2022.
“Our inventory process was a mess. We were unable to identify and categorize assets properly. Yes, we had dozens of tools and some ad-hoc integration, but it was very difficult to correlate the data from these sources into a single, comprehensive inventory…Thanks to Balbix, we have real-time asset inventory with continuous monitoring. We get actionable insights for IT and risk every day” – Fortune 50 Telco
“Three times more assets have been identified and correlated by Balbix compared to the previous inventory process.” – Oerlikon
“Pieces of critical cyber security data are typically scattered all over the place. Until correlated, coalesced and understood contextually, it is just another piece of data—there is no actionability. I get the whole picture from Balbix.” – Greenhill
Speed
For the average Balbix Fortune 500 customer (avg. # of assets: 210,000), it takes less than 2 hours to tag all relevant assets after any disturbance in cyberspace, e.g., a new vulnerability became known, any new threat information for an existing vulnerability became available or after CISA published an update to known exploited vulnerabilities.
The average Balbix customer was able to reduce mean-time-to-remediate by 40% during the last six months of 2022.
Across all Balbix customers, we saw an average of 20% reduction in the mean age of all open vulnerabilities during the last six months of 2022.
“Our patching efficiency has also improved dramatically. Our mean-time-to-patch has gone from 100 days to 38 days, a 62% increase in speed to patch.” – The Master Group
“Within hours Balbix was able to start identifying new Log4j instances, eventually identifying Log4j embedded in over 1000 separate application versions across more than 60,000 assets, including 450 application versions on approximately 5000 critical assets… Data from Balbix is highly accurate and actionable —4x to 8x better than the information obtained from other sources… The fact that we are able to detect the mitigations is icing on the cake which helps us to reduce the communication overhead with 1000s of application teams.” – Fortune 50 Telco
Risk Reduction
The average Balbix Fortune 500 customer reduced their quantified cyber risk by 37% in the last six months of 2022.
The biggest cyber risk reduction achieved by a single Balbix customer in 2022 was $120M. This change involved a combination of actions – increased visibility, deployment of new capabilities and gamification – all guided by insights provided by Balbix.
“We use the Balbix risk classification system to identify the most critical assets to patch first. As a result, we have reduced breach likelihood from 88% to 35% in the past year. Our patching efficiency has also improved dramatically.” – The Master Group
“It was a little concerning at first to see red on some of our dashboard metrics, but because it allows us the laser focus we need to prioritize, our risk has steadily been decreasing as well as our mean-time-to-patch (MTTP)” – Fortune 100 Financial
Cost Savings and Productivity Improvements
In 2022, Balbix’s Fortune 500 customers saved an average of $1.2M due to tool consolidation. Balbix was able to identify unnecessary overlap between deployed tools as well as non-performing tools.
The average Balbix customer credits our platform with a 25% productivity improvement for their security team members and savings of 3 FTEs due to the automation of numerous tasks.
The largest cost savings achieved by a single Balbix customer in 2022 was $12M. This Fortune 100 customer was able to rationalize their in-house efforts to analyze cybersecurity data. They had been unsuccessfully trying to build an “in-house Balbix” since 2016.
A Fortune 100 Telco was able to save at least $3.5M by using Balbix to find and mitigate Log4j, Log4shell and other zero-day vulnerabilities. The savings came from over a dozen people across the organization not having to spend time writing custom scripts and doing research during zero-day vulnerability response cycles.
“Previously, responding to a new vulnerability like Log4shell required manual work, scriptwriting and communication between multiple teams to identify assets at risk and perform mitigation tasks. This process would take weeks. With Balbix, we can query for assets at risk and track remediation in real-time, shrinking the response time from weeks to hours.” – Fortune 50 Telco
“Balbix showed me that the ROI for my entire cybersecurity program was 9x. We have invested a lot of money and effort in our security initiatives. With Balbix, for the first time, I was able to see the overall effect of the cybersecurity program and understand the overlapping functionality of various controls, which helped us streamline and optimize cybersecurity spend.” – Greenhill
“Balbix brings huge time savings for our team. The biggest value-add that Balbix brings is the ability to provide risk with context, which saves time in manual classification and calculations.” – Fortune 100 Financial
Time to Value
On average, Balbix customers saw cybersecurity asset visibility improvements of a minimum of 35% within 15 days of getting started with Balbix.
In 2022, Almost 80% of Balbix prospects were able to see the value and complete their proof-of-value (POV) deployments within five days. Nearly 100% were able to complete their POVs within ten days successfully.
I feel smart!
100% of Balbix customers use real-time dashboards for executive reporting
55% of Balbix customers deploy cybersecurity gamification for their organizations within three months of starting with Balbix
Nearly 100% of Balbix customers enabled new use cases that were not in the line of sight when they first started using Balbix. For example, at a Fortune 100 pharma, Balbix is used in OT supply chain management. The questions we help answer are: Do we ship the product or not? Are the vulnerabilities small enough to ship it or critical enough to stop the development train and fix it?
“Balbix is the data lake and serves as central nervous system for all cybersecurity and many IT operations.” – Fortune 100 Pharma
“Before Balbix…we knew we were making progress QoQ but didn’t have the metrics to support this. Balbix provided us with an unparalleled ability to communicate our progress and get support from others in the organization. I am now able to measure, optimize and showcase the performance of our awesome vulnerability management team, all thanks to Balbix” – Fortune 100 Financial
“In the end, we report to people, and they want to know how we’re doing. These folks aren’t necessarily cybersecurity experts. They read what’s in the paper, they get nervous when they hear top brands being breached. I wanted a system to produce an executive summary of our cybersecurity posture and say to the board “hey, this is what we’re doing” and “we’ve done better over time.” That’s what Balbix gives me.” – Greenhill
“Balbix provides each risk owner and IT administrator with a customized dashboard containing dozens of operational and analytical widgets specific to their area of responsibility.” – Oerlikon
Balbix can help you in 2023
As I have written before, cybersecurity is now a data science and automation problem. It’s no longer ok to tolerate incomplete or inaccurate visibility or do guesswork-driven prioritization of vulnerabilities and projects. Using your tools in siloes, doing monthly or quarterly scans, patching SLAs of 90 days, scoring risks in 3 colors on scales of 1-100 and using Excel to manually put together your board reports — these techniques have been obsolete for a few years.
Your organization needs to maximally automate cybersecurity posture. You also need real-time insights from your data to inform your team and tools. You need to gamify risk management. There is no other way!
With Balbix, you can answer thousands of questions that come up as your security and risk management colleagues go about their daily work. Balbix’s search allows you to define a query using the vocabulary of cybersecurity, IT, business tags/names and cyber risk- think Google for cybersecurity! These queries define dynamic groups which can then be dashboarded, assigned to owners, used for reporting and triggering workflows.
In 2023, these capabilities will provide you with crucial opportunities for saving money and for increased productivity.
Cybersecurity posture automation powered by data science opens up a new world of self-defending, highly resilient enterprise networks where attacks are limited in both time and space. One thing is certain: my Balbix colleagues and I will strive to make moving to this brave new world a great experience for our customers.
We designed Balbix for the challenges of 2023, and this is your opportunity to seize.
Thank you!
2022 was an incredible year for cybersecurity posture automation. We thank our customers and partners for their trust in Balbix and for continued collaboration! We are also very thankful to our board members, advisors, investors and shareholders for their continuing support and advice.