CIO Bulletin

Resecurity: Provides next-generation endpoint protection and intelligence-driven cybersecurity solutions

For the past few years, there are increased numbers of security breaches due to the advances in technology. Lack of proper security measures can lead to unauthorized access to the financial status of an organization and theft of client’s information. Moreover, important data can be lost. To prevent such risks, an organization not only need a great cybersecurity system but also a modern comprehensive cyber security risk assessment system.

Smart businesses ensure that they understand what cyber security risk is. They then integrate cyber security strategies into their organizational risk management policies. Their main aim is to prevent data loss, improve security measures, protect the network services and manage and control the active data.

A company like Resecurity help organizations mitigate such risks. It offers a comprehensive platform for endpoint protection, risk management, and threat intelligence for big enterprises and government agencies globally. The firm’s mission is to make sure enterprises, national security and law enforcement agencies combat cyber threats despite how sophisticated they are.

We interviewed Resecurity Founder/CEO, Gene Yoo, for in-depth understanding of the company

Why do you think a unified platform is best for risk management, and threat intelligence for large enterprises and government agencies?

Because in the end, this is about data. More often than not many organizations do not know their true risk tolerance and they avoid actual mitigation of these risks through a “process”. Risk Acceptance is the single most form of dangerous process. By unifying these two elements, we are able to truly provide the narrative of the action. Not about likelihood or probability. Combination of Risk Management process coupled with actual intelligence help formulate a decision.

What is your mission statement? How successful are you in achieving it?

Our mission statement is “protect today, build tomorrow”…. This is exactly what we are doing with our clients. Providing actual intelligence to protect and defend against real threats by advanced adversaries and sophisticated cyber threats. Our products are built to be mission ready, Day 0; the product must be operator friendly with zero learning curve. By reducing this operator burden, organizations are able to focus on what matters while we provide a platform that is self-sustaining.

How do you help companies measure and minimize risk?

The key is having actual data intelligence vs. commodity. Too much focused on pretty pictures and open-source data. But what is the backend that supports this? Test and validate! We source over 20K of unique set of data that is tailored to our clients, cutting out most of the noise. By using this data, organizations can get a real risk scoring based on “risk threats”, meaning who is targeting them and if you are breached. In the end, risk by definition is about possibility, not actuality. Our datasets provide actuality of risk based on you.

What does APT emulation focus on? How is it unique?

In simple terms, this is focused on how. Think of this as an adversary playbook or “how does every criminal, say car burglar steal cars…” So, what it focuses on is for us to act and do like how sophisticated adversary would conduct a crime. Why we are unique in our services is because we have cataloged over 120K+ unique types of this “playbook” or what we called “TTPs” (tools, tactics, and process). By having this knowledge and continuous monitoring of over 28M threat actors and their TTP, gives us a significant advantage over how we are able to provide a real emulation vs. say a framework. Our team hones what we learn as well as acquiring these unique set of tools that’s only available through private sources. Again, by being an intelligence company, we are able to use our data even for our services.

How do you carry investigations to uncover cyber-criminal activity?

Just to be upfront…. Criminal activities are rampant across cyber or not. There are many relationships to traditional criminals engaged in cyber. Because in the end, it’s about financial gains. In the world of cyber investigations, it comes down to your relationships or chain of assets. And there’s nothing really to uncover as it’s so rampant. The question real is how bad it really is…. There are enough figures or what is for sale, etc…. but it’s all about patience and development of assets.

Help us understand why enterprises and government agencies should opt for Context^™ Intelligence Platform.

We are engaged, not because of what the platform can do, like the name of our product, it’s about “context”. What context do we have, which equals to the data. Context^™ is just that, it’s about contextual data or context of intelligence and linking them together. So if organization is looking for actual data (not features or functions), Context^™ is where it’s at. Separately, this is only 20% of what actual intelligence is, rest is about having the right human intelligence analyst that understands and curates and collects this data.

Meet the mastermind of Resecurity

Gene Yoo has over 30 years of experience in cybersecurity for some of the world largest brand names such as Warner Bros., Sony, Computer Science Corporation, Coca-Cola Enterprise, Capgemini, and Symantec. He also served in an advisory role to Phantom (acquired by Splunk), Protectwise (acquired by Verizon), Elastica (acquired by Blue Coat) and Vorstack (acquired by ServiceNow).