Brinqa's Dimitri Vlachos discusses consolidating vulnerability risk management tools and aligning cybersecurity strategies with business objectives. Learn how Brinqa's platform breaks down siloed views and improves communication between teams.
In this Their Story podcast episode, Sean Martin and Marco Ciappelli are joined by Dimitri Vlachos, CMO at Brinqa, a company focused on vulnerability risk management. Dimitri discusses how the Brinqa platform helps businesses consolidate their findings and vulnerabilities from various tools, manage the remediation process, and communicate risk to business owners. The platform aims to mature cybersecurity programs by breaking down siloed views and enabling security leaders to discuss vulnerabilities in the context of business impact.
The conversation highlights the importance of translating cybersecurity issues into business terms and emphasizes the need for consolidation and effective communication between different teams and tools. Dimitri shares how Brinqa is addressing this challenge by helping organizations tie their various cybersecurity tools together and better align their cybersecurity strategies with business objectives.
During the RSA Conference, Dimitri expects to see growing interest in consolidating and managing security tools more effectively. He also anticipates an increasing number of professionals looking to change traditional vulnerability management approaches and better address the risks associated with different tools. If you are intrigued by the conversation, you can find Brinqa in the North Hall during the conference or book a meeting with the team to learn more.
Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story
Guest:
Dimitri Vlachos, CMO at Brinqa [@brinqa]
On Linkedin | https://www.linkedin.com/in/dvlachos/
On Twitter | https://twitter.com/DimitriVlachos
Resources
Learn more about Brinqa and their offering: https://itspm.ag/brinqa-pmdp
Connect with Brinqa during RSA Conference: https://itspm.ag/brinqa6gp5
Hear more stories from Brinqa: www.itspmagazine.com/their-stories/see-all-of-your-security-findings-in-one-place-act-on-them-precisely-a-collection-of-brinqa-stories-from-rsa-conference-2023
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording as errors may exist. At this time we provide it “as it is” and we hope it can be useful for our audience.
_________________________________________
SUMMARY KEYWORDS
cybersecurity, rsa conference, business, conversation, tools, security, talk, fix, dimitri, customers, important, types, rsa, risk, story, expect, people, brink, tipping point, excited
SPEAKERS
Voiceover, Marco Ciappelli, Sean Martin, Dimitri Vlachos
Voiceover00:15
Welcome to the intersection of technology, cybersecurity, and society. Welcome to itsp magazine. Every company has a story to tell from the small startup to the large enterprise. And everything in between. This is one of them. Knowledge is power. Now, more than ever
Marco Ciappelli00:41
Sean, are you on San Francisco yet?
Sean Martin00:45
My head is in San Francisco. Still down so
Marco Ciappelli00:52
my head is on the moon. So that doesn't count right.
Sean Martin00:59
Not much. Cybersecurity up on the moon yet?
Marco Ciappelli01:02
Not yet. Not yet. It's very soon. Seriously, you're
Sean Martin01:07
at it again, Marco.
Marco Ciappelli01:08
I know. I always look into the future. But yeah, future is coming. The one we're talking about is RSA conference coming up real soon.
Sean Martin01:17
Yeah, this is miles away. few miles away few hours away is the chats on the road as we make our way up to San Francisco and to see all of our friends and make new ones. And speaking of friends I'm thrilled to have Dimitri on from Brinqa. Dimitri? It's good to see you.
Dimitri Vlachos01:37
Good to see you guys. It's been a while I'm really excited to see you in person, too. It's been I know, you know, what feels like, a month or 10 years. But yeah, it's been a it's been a crazy couple of years with COVID and all that. So I'm excited to get back in person and see people for sure.
Marco Ciappelli01:52
Talk about time relative, when the real meaning to that. But yeah, we are excited to and we want to know what you're up to and what what our audience could expect if they're coming to RSA. I want to meet up with the RSA Conference. I want to meet up with you. Yeah, the team. But let's start with you. What have you been up to lately?
Dimitri Vlachos02:15
Well, let's see. Recently, I joined Brinqa you know, and saw a really interesting opportunity. Brinker, we're in the vulnerability risk management space helped me people really manage the findings and vulnerabilities from across all the different tools. And if you look, people have just deployed tons of different tools, you know, to detect vulnerabilities. And that's great, because you need to do that. But how do you bring that all together and give people a real way to manage that risk across their whole attack surface as they've expanded into cloud and new types of applications, and the whole development lifecycle, and traditional infrastructure and all those needs to be kind of looked at and brought together. And we we have a platform that allows people to do that. So one place where you can bring all your findings and vulnerabilities together, manage them, manage the remediation of them communicate that risk to the business owners, and really help motivate and communicate to the business owners why this is so important, what needs to be fixed, and prioritize that. So that's really what brink is about, you know, we really look at as kind of a maturing, of helping cybersecurity programs mature, because there's been a lot of different tools, you've got the siloed views, how do you really bring that, so you as the Sisa, or head of security can really start to have that conversation, where you're not just saying, Here's everything that's broken, here's what's where we see vulnerabilities that can affect your business. But I want to talk to you in the business in the language of the business and allow you to really decide what we need to fix. Here's my suggestion, and here's why it's important to the business. But this isn't just a security thing, this is a business thing, then we that's really what brink is about.
Sean Martin04:02
And I mean, it's it's about time that we figured out how to translate the bits and bytes of, of cyber security into the dollars and cents of the business. Right. It's all ultimately about generating revenue and then protecting it. And if there's a gap between what we're seeing and how we, how we address that in the context of the business, who knows where we end up running. So I think the other the other point that you make, which is interesting to me is kind of the consolidation of this, and then the translation of that so you can have a bunch of disparate parts and try to do multiple conversations, bringing it all together in a cohesive seems super smart to me, of course.
Dimitri Vlachos04:47
Yeah. And it's something people have been challenged with. And I think it's security is interesting, if you look at different parts of the business, right, cybersecurity is relatively young compared to others. I mean, imagine if If you had a company where your sales marketing, customer success, they don't have a shared view of what's going on with customers, right? And they can't really coordinate that. I mean, that's kind of, we really see security needing to make that step of, yes, there's a lot of technology we need to use, yes, we need to keep up, keep up with all the latest threats and the newest detection tools. But you know, one of our customers said it really well. He said, You know, now, when we're going to bring on a new Scanner detection tool, if I don't know how I'm going to bring it into my overarching, you know, risk program, and how I'm going to report it and make sure I can hold people accountable to fix stuff, then we're not going to bring it in. Right. And so that's, that's definitely maturing, that we were really excited about and think it's critical.
Marco Ciappelli05:47
I think it's critical, this conversation, again, where you said, to talk it from a business perspective, so not as an afterthought, but as a, as a business. Cybersecurity is part of the business. So if I can now leverage the fact that I can use it for presenting what I do promoting what I do. I mean, I know you do, obviously, in branding and marketing yourself. And I think from that perspective, it's like, is this unknown? Or is that say, Look, this is why we do it, because it trickled down to you as a customer, that you benefit from it. So important intercession.
Dimitri Vlachos06:22
And, you know, I was talking with seaso years ago, and his approach is, he walks into a business is traditionally he's seen customers, cybersecurity leaders walk in and say, Alright, I'm gonna wrap my notion of security around your company. And he's very much you know, what I need to do is, understand the risk tolerance of the company, what's important to the company, and then then I will let that the risk tolerance and the what's important to the company for my business strategy of sorry, my cybersecurity strategy. And I think that's ultimately what we're talking about. And now there's things you have to do just as, you know, basics and covering basics. But the ultimate ability to really tune this to the business is key, because otherwise, look, security can detect all this stuff, they're not the ones who are actually fixing it. Right, they have to influence and be able to get the people who are responsible and accountable to actually fix it. And it's becoming harder and harder to do that, when you've got so many different teams, so many different technologies, your ability to really gain trust of saying, this is an important risk. Not only do I think it's a high critical type of risk for from a security standpoint, it's also a critical asset for our business, you really need to fix it. And you need to be able to have that conversation both with a technical audience and be able to provide them the information they need to fix it, as well as the business audience of you really need to get the six. Yes, I'm not trying to slow down your development, and your rolling Avenue applications. But this is a critical piece you need to fix and being able to have that level of conversation rather than this is a critical thing you must fix Well, why? I mean, what's it going to affect? You need to be able to do that. So I think that's, that's what we're really excited about.
Sean Martin08:08
And what do you expect to hear this year at RSA Conference? Do you? Do you expect CISOs, and security leaders and even some of the practitioners asking for these types of things? What are you expecting to hear and see?
Dimitri Vlachos08:24
So yes, I'm expecting to hear and see a couple of things. I think one, that there's actually particular pockets of, you know, cyber, where we're seeing people really start to bring their head up and say, we need to address this, like app sets are good example, app sets, you've got all these different tools that people have spun up to really look at their app SEC program. And yet, how do I tie it all together? Right. So that's one particular audience that's been interesting. And trying to do that. We've also seen traditional vulnerability management teams wanting to say, well, I need to really need to change how I look at vulnerability management, it needs to be much broader. So and CISOs, as well as CISOs are saying, and I'm kind of tired of getting these types of risks throwing them overall, and no one does anything about them. So we're seeing people reach this tipping point of, we need to change the behavior that's going on. And so I think it's something that we're starting to see people look at detections important, but are we reaching this point of, alright, I've got enough tools, how do I really tie all the data from those tools together before I keep adding more tools? That's what we're seeing. And I expect to see that RSA and I expect we have you know, we've have a ton of conversations already set up with prospects and customers who are all kind of feeling this this tipping point.
Marco Ciappelli09:42
Yeah, absolutely. I mean, I think even in just really quick catch up before actually catching up on the floor because we will talk to you guys there as well. And even after the event, so it will tell many more stories about Brinker but First there is RSA conference. So if people are intrigued by what they hear right now with a just heard, how can they find you? And is there a way to book a meeting time or just show up? And what they can learn? What are you present
Dimitri Vlachos10:17
so people can come by our booth, we're in the North Hall, we can they can actually book a meeting with us. We can share with you guys the link or people can come and actually book a meeting. But absolutely, we're, you know, we're in the North Hall, we'll have a booth and we'll have, we'll meet with people if they want to, we've got a ton of meeting set up. And we've also will, of course, be participating in a party, which should be fun. I'm interested, see what the parties are like this year. But I'm excited this
Sean Martin10:46
world are up at the moon. Yes, that's right, Marcos.
Marco Ciappelli10:49
I'll be there.
Sean Martin10:50
He's already he's there waiting at the party.
Dimitri Vlachos10:53
Yes. That'd be good.
Sean Martin10:57
Super cool. I'm excited to see you and, and hear more of the story. Like Marco said, we're gonna we're gonna have some time with you on the show floor. And then we're gonna have an in depth conversation, following the conference as well. So we encourage everybody, stay tuned. Follow our coverage on itsp magazine.com, forward slash RSA. See, you'll catch the story along with all of our other conversations with keynotes and speakers and panelists and all the things we're doing in broadcast alley during the week. We hope to see everybody there and look in the show notes for the links and have it connected, Dimitri.
Dimitri Vlachos11:35
Great, thank you very much, guys. Great chatting with you. I look forward to seeing
Marco Ciappelli11:37
ya see you soon. You and everybody else
Dimitri Vlachos11:41
in America take care.
Voiceover11:46
We hope you enjoyed this conversation. If you learned something new and the story made you think then share ITSPmagazine.com with your friends, family and colleagues. We hope you will come back for more stories and follow us on our journey. You can always find us at the intersection of technology, cybersecurity, and society