First Posted on forbes.com Edition October 14, 2014 10:48 AM Eastern Daylight
Risk I/O is one of a new breed of companies looking to deliver security built for the new style of enterprise IT. The company delivers a SaaS analytics platform which matches scan data with threat intelligence from a number of different vendors – Dell , Verisign, AlienVault and others and then prioritizes vulnerabilities depending on their threat profile.
This is an important way of delivering security – unlike traditional approaches which looks at all vulnerabilities as a threat, and doesn’t look to prioritize them based on their actual risk to the organization, Risk I/O takes a much more granular approach towards security. This is increasingly important, post mortems from the Target TGT +1.1% breach last year show that it wasn’t a lack of vulnerability identification that caused the loss but rather the lack of methodologies to prioritize which attacks to deal with first.
As security teams face an ever-increasing number of possible and actual attacks, this approach towards prioritizing action is a necessary step. Talking up the value of this service, Risk I/O says that:
“Security is one of the biggest generators of data in the enterprise, yet CISOs have very few tools to help them understand and make use of that data. Heartbleed and Shellshock offer sobering examples of how widespread and potentially devastating a single vulnerability can be, yet it is incredibly difficult for any security team to identify and address every vulnerability that comes into their organization… By connecting the dots between vulnerability data, threat and attack data, we are able to give companies a clear view of where they are most likely to be attacked so they can prioritize remediation quickly and efficiently
The company is seeing customer traction and this has generated significant investor interest. Risk I/O announced today that it has raised an additional $4 million as part of its Series A financing round, bringing the company’s total capital raised to $10.5 million. The financing was led by existing investor Costanoa Venture Capital, with participation from current investors U.S. Venture Partners (USVP), Tugboat Ventures and Hyde Park Angels.
Alongside the funding, Risk I/O is announcing the appointment of Karim Toubba as CEO. Toubba was most recently VP of Global Security at Juniper and has a long list of high-level security executive roles.
The ability to intuit where attacks will occur, and prioritize the reaction based on internal and external factors is a positive one. Risk I/O seems poised for a short to mid term acquisition – it will be interesting to see how much traction they get in the meantime.