(Photo by Stephen Babcock)
When a nurse takes vital signs, most people don’t know necessarily know the science behind each number. But since the numbers dictate whether their body is functioning properly, they have at least gleaned enough to know whether a reading is normal.
FourV is applying that vital signs approach to businesses and cybersecurity.
The startup, which is based downtown at the Spark coworking space, is about to launch a product that provides business leaders with a cyber risk score. The idea is to provide those indicators to executives who want to know whether the data is stable, but don’t necessarily have expertise in cybersecurity to know the details that CISOs are throwing at them.
“We’re trying to think like the board and think like the C-suite for the customers, and make sure that everything that we show them is reducing fog and reducing lack of understanding,” said FourV CEO Derek Gabbard.
The platform, called GreySpark Cyber, analyzes a business’ security risks based on six indicators, such as the effectiveness of current defenses, new threats that are emerging and the severity of those threats. Using big data analytics, the platform calculates a numeric score.
“We’re going in and saying, ‘You already have all the data. Let us help you ask the right questions to indicate where the risk is,'” said VP of Strategy Casey Corcoran.
Executives can then use the score to make business decisions. Instead of understanding the ins and outs of malware and threat mitigation, “their job is to know, ‘Am I in a stable enough position so that I can make an advancements in the company?'” explained VP of Sales of Brit Wanick.
The startup’s current posture is a testament to the value of getting early feedback on a product.
After reaching an agreement that included funding and IP with the venture arm of Syracuse Research Corporation (SRC) last year, Gabbard and the team initially intended to spin out a more general big data analytics platform from the parent company. But initially, the reasoning engine was only a backend. FourV had an option to spin out technology from SRC involving the risk calculation that is now in the product, but former Lookingglass CEO Gabbard initially wasn’t interested.
“We showed some of the folks that we know in the industry the specific use-case front-end of this cyber risk analysis platform and they all said … ‘We’d like to use that,'” Gabbard said. “So we got out of our own way.”
At SRC, which is a government contractor, the technology was developed when government leaders said they wanted an easier way to understand security risk. Now, with eight employees in Baltimore and two in New York, FourV is getting ready to take the product to businesses, initially offering subscriptions on a SaaS model.
As the startup prepared for launch, Gabbard said competitors have emerged in the last six months, both in categories of analyzing a network and offering a score. FourV is looking to differentiate by emphasizing the fact that the score is tied to specific indicators, and that they analyze from within a network, rather than based on external factors.
Gabbard also points to the team’s experience. He said the four leaders of the company have had a hand in 13 startups between them.
“For me, it’s a much different second go-round with the level of experience of the team that we have,” he said.