Dr. Stephen C. Phillips is the founder and CEO of SPYDERISK, a new company that launched at CES that specializes in providing automated risk assessment for enterprise IT systems. SPYDERISK combines a comprehensive system model with an innovative machine reasoning capabilities and a detailed knowledge base of threats and control strategies to create a comprehensive view of the risks to a system.
SPYDERISK is aimed at larger companies that already have cybersecurity expertise embedded or cybersecurity consultancies who can use the tool when they're employed by other companies, with the goal of making it faster and better for those with the expertise to identify vulnerabilities. The tool is deployed online so customers can do their own automated risk assessment. It identifies issues and provides information on how to control or mitigate problems, and outputs reports for compliance audits and other uses. The reports suggest areas of concern for your network, including software products with known vulnerabilities. It then gives recommendations on potential next steps to mitigate those risks.
While it doesn't provide penetration testing, SPYDERISK assesses an entire system and can advise if testing at that level is indicated. Users can then identify which actions they're able or interested in taking to bring down their risk levels. Risks are automatically recalculated following control implementation, allowing customers to focus on the biggest risks to their systems.
One of the greatest benefits of the SPYDERISK assessment tool is the wealth of documentation it provides for compliance audits. Automating and speeding up assessment saves time and potentially money. In Europe, a company can be fined 4% of their revenue for a data breach, which can be a huge hit. SPYDERISK can help prevent those kinds of losses by helping companies stay vigilant.
For more information about the company, visit their website.
Interview by Todd Cochrane of Geek News Central.