Aviva Zacks of Safety Detectives had the opportunity to interview Eli Migdal, Managing Partner of Boardish. She asked him about his company’s Cyber Risk Quantification Integration.
Safety Detectives: How did you get involved in cybersecurity and what do you love about it?
Eli Migdal: I am what is considered “old school”; I was fixing computers at the age of 13 (it was a 486Dx2/DX4). Back then, I worked in a PC store, and following my army services, I started working as a computer technician. After this, I went into networking and systems (while creating my company Migdal Computing which is now a power-house MSP in Israel).
The transformation to cyber comes very naturally when you come from the world of system and DR/BCP. You can’t have an IT system without cyber—it’s not reliable without it and you have no disaster recovery (DR) or business continuity planning (BCP) without cyber.
What I love about cyber is that it is EVER-CHANGING; no day is the same. Each day there are new types of threats, new vectors, new ways of “killing your system.” The bad guys are always changing and learning, and so you must be. This is what I love the most.
SD: What is Boardish’s flagship product?
EM: Our Boardish® Methodology Cyber Risk Quantification Integration (CRQI), which is our API that allows you very quickly and simply to translate cyber risk and threats (that tech people understand) to financial risk and monetary impact (that decision-makers understand).
It truly is a game-changer and is based on a completely unique methodology that was developed to be used pragmatically for faster decision-making, so we can keep up with the bad guys.
SD: What verticals/industries would be interested in Boardish?
EM: My marketing team will kill me, but it’s for everyone! If you have an IT system and any form of cyberthreats, you need effective communication with your decision-makers. And that is what Boardish does all day long.
If I really had to narrow it down, the API is for cyber vendors; our web app (which we just launched in BETA to integrate with Power BI) is ideal for cyber consultants and professionals.
SD: What are the worst cyberthreats out there today?
EM: I believe that ransomware is still the “worst” type of attack. It is the most damaging to the weakest and goes for medical and schools as well. Strong companies have more tools to protect themselves and still get attacked, but smaller organizations are being destroyed by it.
What makes ransomware so vicious is the clarity of its business model to the Bad Guys; it’s the clearest vector for them to make money.
Therefore, they use the best technology and vulnerabilities out there to inflict the most damage and their speed is remarkable; the market is usually too slow to respond, especially small companies.
And you can’t predict when it will happen, which is why other companies struggle to quantify it effectively because they are based on “probability”; however, the BOARDISH® methodology is not! It’s based on financial impact.
SD: How will Covid-19 change the face of cybersecurity for the future?
EM: The “perimeter” was already “dead” before COVID-19, but COVID has made it official; there is no perimeter anymore. It’s all about identity management, endpoints, and cloud security.