Introducing Noetic Cyber – a new way of approaching the Cyber Asset Management problem
Today we officially launch Noetic Cyber after spending the last 18 months in stealth. Noetic has been built with the benefit of decades of experience in cybersecurity and from a lot of time deeply listening to what customers really need in an effective, efficient security platform.
I am launching the company with my cofounders Allen Rogers and Allen Hadden. We three worked together at Resilient Systems, an early pioneer of Security Orchestration, Automation and Response (SOAR) technology that was acquired by IBM in 2016. This was an exciting journey that enabled us to really understand the challenges in responding to security incidents and how to leverage technology to drive efficiencies. Resilient was my 5th start-up in 30 years and, refreshingly, the first where we could truly demonstrate an ROI-based business case, as opposed to the risk reduction approach typically used.
One key insight we learned from customers at Resilient was that leveraging orchestration & automation had become critical for security teams, given limited resources and how advanced the adversary has become. Automation requires certainty, however, and response has a lot of inherent uncertainties. What if we could apply O&A where there was a higher fidelity input?
Another learning: the term “sprawl” had come into common use in the cyber lexicon. Sprawl meant two key things: 1) the ever-increasing attack surface and 2) the increasing number of siloed tools being deployed to focus on a subset of the problem. Both added to the difficulty of a cyber professional’s job.
These two insights got us thinking about a bigger question. What if you could break down these silos, extract the critical data from the myriad of cyber and management tools in your environment and somehow correlate it together and make it insightful? It was our hypothesis that you could then create a new type of visibility, one that gives an unparalleled view of one’s cyber operations, including all the current assets and related entities in your environment. Ultimately, it would supply an unprecedented view of the current state of one’s attack surface.
We dug deeper on our theory in conversations with more than 80 CISOs. From this work, there were a few conclusions we were able to draw:
- IT Asset management (ITAM) is a well-known discipline from an IT perspective but provides limited value to security teams. Actually, we learnt a few new swear words when hearing CISOs describe the value to them of the corporate Configuration Management Database (CMDB).
- There was a resounding acknowledgement that security teams need a different system, one that could complement and enhance the ITAM but more focused on the attack surface. A phrase we heard consistently was that “relationships matter” and at the core of any cyber-focused approach, it would not just need to map the assets of interest, but also how they related to each other. And it would need to be a dynamic view to be valuable in today’s digital infrastructure.
- We also heard that we needed to shift our thinking in terms of controls. In addition to internal best practice, organizations had adopted different control frameworks (e.g., CIS, NIST, PCI, SOC 2.0 etc) for best practice or a regulatory requirement. However, once these controls had been deployed, security and risk teams struggled to understand how effective they were. At its most fundamental, a control is your desired state. This was another area of our industry that felt ripe for disruption. The goal was to move to a continuous view on the efficacy of existing controls, balancing the need for humans in the loop where appropriate. We believe at Noetic that the industry is on a journey to “controls as code” and this is starting to be validated by the work of organisations such as NIST with their Open Security Controls Assessment Language (OSCAL) program.
- A final area of feedback was what we came to think of as the “dashboards of pain” – to be precise, we heard that although dashboards and metrics are important, CISOs are overloaded with tools that tell them things they need to fix. They need help on prioritization but specifically they need a focus on “outcomes” and to go beyond dashboards to resolve situations.
So, from this initial research, we knew that there was an opportunity to do things differently and create a new kind of platform. Blueprints in hand, we then worked closely with 20 organisations as Design Partners to help build out early versions of the technology. These partners have truly been amazing for our team; they represent a broad range of industry verticals and geographies, and range from medium to the largest enterprises. Along with these terrific teams, we have matured our product, so it is now battle-tested and in production.
Today we announce the general availability of the Noetic Continuous Cyber Asset Management and Controls Platform which delivers 3 critical outcomes:
- It offers unparalleled visibility across cloud and on premises of your current state via our continuous, graph-based, unified asset inventory.
- It delivers a continuous view of your desired state with real-time insights into your controls' efficacy.
- It provides a complete orchestration and automation engine that continuously improves your cyber posture by dynamically optimizing from your current to the desired state.
This company was born in the COVID pandemic, with world class engineers working across three continents to meet and exceed the expectations of our design partners and to bring the Noetic solution to market. I want to express my thanks for their efforts to date and I’m excited about being able to share this with you today.
I also want to acknowledge the partnership of our advisors and investors. We’re delighted to work with experienced cybersecurity investors like Energy Impact Partners, who’ve led the Series A round we’re announcing today, and the early support from Mark, Alex and the team at Ten Eleven Ventures and Rick from Glasswing Ventures who supported our seed funding back in early 2020. We also consider ourselves to be incredibly fortunate to have assembled a world class advisory board of security practitioners and industry experts including Niloofar Razi Howe, Richard Horne at PwC, and Jim Reavis of the Cloud Security Alliance. The support this team has already provided us in developing and building the product and the company is immense and we look forward to using their expertise to grow the business.
Our goal for Noetic is ambitious. The name itself comes from the Greek adjective “noesis,” meaning inner wisdom, intuition, or implicit understanding. We want to help security teams to break down the silos of information to generate that shared wisdom, so we can work together on reducing the attack surface, closing coverage gaps, and improving our security postures.
I look forward to sharing more updates as we continue this exciting journey. You can keep up with the news by signing up for our newsletter here.