From the Server Room to the Boardroom: How CISOs Can Win a Strategic Place

Information security has changed. What was once a technical and operational discipline, focused on protecting networks and systems from within the server room, has now become a strategic component for the continuity and growth of organizations, stemming from the boardroom, where the decisions that guide the organization are made. But how do we achieve this transition? How do we become a strategic partner that drives growth and innovation?

The path to this goal requires a focus on two key aspects: translating technological risks into business terms and finding ways to generate value through technology and cybersecurity. All of this, while deeply understanding how to communicate with executive leaders, grasping their priorities, and demonstrating that cybersecurity is a necessary investment and a competitive advantage.

A new role has emerged to reflect this new approach: the Business Information Security Officer (BISO). The BISO is still a CISO (Chief Information Security Officer) but with a stronger emphasis on integration with the business. This new title for the same role brings more visibility to the fact that cybersecurity must be woven into the very DNA of the business. And we as CISOs/BISOs must be able to communicate the value of cybersecurity in terms that resonate with senior management.

As BISOs (or while retaining our traditional CISO title), we care about protecting information and how security can drive growth, efficiency, and innovation. This is how we become that true strategic partner, collaborating with other areas of the company to identify new opportunities and mitigate risks.

We can be experts in technology and security. We can understand vulnerabilities, threats, and risks in the technological world. However, in senior management, CEOs, CFOs, and other leaders do not always possess the same technical expertise, and this is where our ability to act as a translating bridge among all parties comes into play.

We must be able to convert complicated technical jargon into understandable language that resonates with our peers: the language of financial and business impact. For example:

  • Let’s not talk about “technical vulnerabilities,” but about “financial losses.”
  • Instead of explaining the complexities of a ransomware attack, let’s discuss the potential cost of business interruption, the loss of sensitive information, and the irreparable damage to reputation.
  • We should measure risk in monetary terms; for instance, how much would a cyberattack cost us? How much could we save in the future with an investment in cybersecurity today?
  • Let’s present cybersecurity as an investment, not an expense. We must show how security not only protects the company but also enables innovation, efficiency, and senior management’s confidence. Ultimately, a leader who trusts our ability to manage risks and generate value through cybersecurity is a leader who will see us as a key strategic partner.

Imagine our role as CISOs is akin to that of a parent guiding their child in their first steps; we want the company to grow, develop, and reach its maximum potential. But we also want to protect it from the dangers of the world.

We must strike a balance between protection and freedom, between security and innovation. Occasionally, this means allowing certain controlled risks to achieve greater gains while the company learns and strengthens. Other times, it requires setting clear and firm boundaries to prevent irreparable harm.

Our goal is to create a secure environment that allows the company to grow and thrive—an environment where innovation can flourish without jeopardizing information security.

For us, cybersecurity is an enabler of digital transformation: the cloud, the Internet of Things (IoT), and artificial intelligence (AI), among others. All these technologies, which are the engines of innovation, require a secure foundation to generate value. Without cybersecurity, digital transformation is like a house of cards.

If we can orchestrate all these strategies, we will be that strategic partner working hand in hand with other areas of the company to help them achieve their objectives, providing security solutions that enable growth and efficiency.

For our message to have a significant impact in the boardroom, the way we communicate it is essential. In my experience, we achieve this when:

  • We know our audience very well. Each leader has their priorities, objectives, and communication styles. By tailoring our message to each of them, we can capture their attention and generate interest.
  • We use concrete examples, tell a story, use case studies, or use analogies that make ideas easier to understand and remember. A well-told story has much more impact than a presentation filled with data and figures.
  • We are concise and clear, without technical jargon or excessive details. We must get to the point and highlight the true impact of our contribution to the business.

Our place in the boardroom is not earned solely through firewalls and antivirus software, but through a more strategic vision, demonstrating leadership and our ability to turn cybersecurity into a growth engine for the organization. Whether we call ourselves CISOs or BISOs, our mission remains the same: “speak the language of business and drive innovation securely.”

Will 2025 Be the Year We Win the War Against Cybercrime?

The year 2025 is shaping up to be a decisive year in the war against cybercrime, where the convergence of emerging technologies, such as Batuta, will redefine the landscape of digital security moving forward.

But how did we get here? The battle between cybercrime and cybersecurity defenses has been a technological duel that began in the early days of computing in the 1970s. Since then, every advancement in security has been met with a new form of attack, in an endless cycle of innovation and counter-innovation. For instance, the viruses of the 1980s, such as Brain and Morris Worm, gave way to sophisticated Advanced Persistent Threats (APTs) in the 2000s. The internet revolution of the 1990s brought phishing and distributed denial-of-service (DDoS) attacks, which have evolved into the ransomware campaigns that today threaten global critical infrastructures.

Each new technology has added fresh battleground elements, both offensively and defensively, turning this conflict into a true digital arms race where innovation serves as both a shield and a sword.

Here we are… The evolution of generative artificial intelligence (AI), which has enabled the creation of threats and defenses, is reaching a critical point where organizations will finally have more sophisticated predictive tools to anticipate, mitigate, and neutralize cyberattacks. However, the battle will not be straightforward; 2025 will also be when cybercriminals evolve into more complex structures, utilizing advanced AI and hyper-personalized social engineering techniques.

There are various tools and strategies that, with their constant evolution, can serve as the digital arsenal of the future against cybercrime. Among them, the following stand out:

Artificial Intelligence has become the frontline defense against cyber threats. Predictive AI systems detect anomalies in real time and anticipate potential attack vectors before they materialize.

Quantum computing, although still under development, promises to revolutionize cryptography as we know it. It will be a strategic necessity, driving the development of new security algorithms resistant to cyberattacks.

Blockchain has evolved beyond cryptocurrencies to become a fundamental pillar of digital security. Private blockchains and smart contracts are transforming authentication and identity management, creating immutable records of transactions and activities. This technology enables the creation of decentralized verification systems that are more resilient to cyberattacks.

Incident Response Automation is redefining the speed and efficacy with which organizations can respond to threats. Through certain systems, organizations not only automatically detect and categorize threats, but can also initiate predefined responses within seconds, containing security breaches before they can expand.

Zero Trust Architecture has become an operational reality. Based on the principle of “never trust, always verify,” it uses behavioral analytics and contextual biometrics to constantly verify the legitimacy of each interaction with systems.

Threat Intelligence has evolved into collaborative platforms that share real-time information on emerging threats. These networks of collective intelligence, powered by data from multiple sources and enriched by AI analysis, allow organizations to maintain a proactive security posture, adapting to new threats.

DevSecOps security tools integrate security directly into the software development cycle, creating applications that are secure by design. Automated vulnerability scanners, static and dynamic code analysis, and continuous penetration testing have become standard components of the development process, ensuring that security is considered from the very beginning.

The victory of cybersecurity in this war does not lie in a single tool or strategy but in the intelligent convergence of all these technologies. True innovation emerges from communication and collaboration between different security layers, creating an adaptive defense ecosystem. This technological evolution will reach its maximum potential through unprecedented collaboration among governments, businesses, and security experts, who, driven by stricter regulations, will establish global cybersecurity standards and mechanisms for a coordinated response to face challenges. This marks the dawn of a new era in the protection of the digital space.

United Against Threats: The Importance of Global Cooperation in Cybersecurity

Many of us have experienced the transition from a life without devices to a virtual life where we navigate daily with one or more devices in our pockets. Additionally, we now cohabit with those who began their virtual life from an early age. What we have in common is that one way or another, a significant portion of our interactions takes place in the digital realm. We have entrusted our data and information to a series of technology providers, who assure us they will protect it.

It is clear that in the virtual world, our data is the most valuable asset, enabling countless possibilities for those who possess it—whether they be individuals, companies, organizations, countries, or regions. The issue of safeguarding and protecting our information is paramount. There is no level at which the impact is lesser; the repercussions for an individual, an organization, or a country can trigger a domino effect of unpredictable dimensions.

Therefore, how we address cybersecurity challenges can make the difference between vulnerability and resilience. We can tackle these challenges in isolation, risking a limited perspective and potentially duplicating efforts. Alternatively, we can adopt a collaborative approach that promotes the constant exchange of resources and knowledge, which strengthens our cybersecurity posture and provides a more comprehensive view of threats that can benefit everyone through sharing. What do you think is the most effective approach?

Last year, during the Future Summit of the United Nations (UN), the Pact for the Future was approved. The Pact highlights the most urgent challenges of the century, covering a wide range of issues, from peace and security to sustainable development, gender equality, and the transformation of global governance.

A key aspect of this agreement is the Global Digital Pact, which places cybersecurity and digital cooperation at the core of multilateral efforts, recognizing cybersecurity as an essential component for global peace and stability while reiterating the importance of countering cyber threats across critical sectors, from global finance to critical infrastructure.

As we can observe, there is a strong global call for collaboration, given that the numbers surrounding cybercrime are not encouraging. According to the latest report from the European Union Agency for Cybersecurity (ENISA), published in September 2024, there has been a notable increase in the quantity and sophistication of cyberattacks from July 2023 to June 2024.

This scenario is not only evident in Europe; for instance, Latin America has positioned itself as one of the regions with the highest incidence of cyberattacks in the world, receiving more than 1,600 attempts per second (IDB, 2023). In this context, and considering that the total costs of cyber incidents in the upcoming years are estimated to range between 1% and 10% of global GDP (IMF, 2024), cybersecurity initiatives that promote multilateral collaboration have become fundamental.

Cybersecurity cannot be effectively addressed in isolation; cyberattacks do not recognize borders; they are a global phenomenon, requiring an equally global response. A collaborative approach allows for a two-way flow of resources and knowledge, promoting a more integrated cybersecurity framework.

One example of tools that promote cooperation and information exchange in this area is ISACs (Information Sharing and Analysis Centers). In these non-profit organizations, different sectors collaborate to share information about cyber threats. ISACs function through a trusted network among their members, enabling a continuous flow of threat intelligence and a swift, coordinated response to incidents. ISACs already operate across various sectors, where diverse actors exchange information, identify patterns and trends in threats, understand their nature, and adopt timely preventive measures without having to experience the attack firsthand.

In a world where cybercriminals share tactics and tools to maximize the impact of their attacks, the most effective response is collaboration and information sharing. Mobilizing efforts among governments, businesses, and civil society not only facilitates the sharing of resources and knowledge but also enhances the capacity for responding to cyber incidents. By adopting this model and fostering cooperation among sectors and actors, countries will be able to confront threats more effectively while strengthening their cyber resilience. This collaboration and a proactive focus can be decisive in safeguarding our data and thereby building a safer and more reliable digital future for everyone.

Proactive Cybersecurity: Preventing Threats Before They Happen

Cybersecurity has undergone a fascinating evolutionary journey over the decades, adapting to an ever-evolving digital landscape. Current best practices are the result of years of trial and error, a learning process forged in the battle against cyber threats. From the emergence of Creeper, the first computer virus in the 1970s, to the creation of Reaper, the first antivirus, it is clear that cybersecurity was born in response to a latent danger. Initially, its focus was defensive, arising as a necessity to combat a universe of emerging threats.

However, today’s digital landscape is radically different from what our predecessors faced. Today’s threats are increasingly sophisticated, forcing organizations, companies, and individuals to stay one or two steps ahead. Relying solely on defensive measures is an inadequate strategy for a constantly changing digital world. Even a preventive posture is insufficient without the necessary agility to adapt. What cyberspace demands today is a proactive cybersecurity approach that not only responds to risks but anticipates and effectively mitigates them. In this new paradigm, adaptability and innovation are essential to safeguard integrity and security in the digital realm.

What is Proactive Cybersecurity?

Proactivity can be understood as the ability to take control of a situation and anticipate events. Proactive cybersecurity encompasses a set of practices and strategies to predict, identify, and mitigate threats before they cause significant harm to an organization or business. This includes both preventive and defensive approaches, but it also incorporates many other practices that empower individuals to take control of their environment. There are three important pillars of a proactive cybersecurity strategy:

1. Prevention

Responding after a threat has caused damage is not sufficient. Prevention is the foundation of proactive cybersecurity. To achieve this, companies need to engage in various prevention and anticipation practices at their structural level. Offensive security teams, or red teams, are primarily responsible for this pillar of proactive cybersecurity. Through simulated attacks, they can identify vulnerabilities and weaknesses in system security to strengthen them before a threat arises. However, prevention must also be implemented at an organizational level, promoting a cybersecurity-aware culture with practices such as strong passwords, constant software updates, strict access policies, and antiphishing solutions, among others.

2. Continuous Monitoring

To ensure our digital environment is free from threats, it is necessary for company systems to be continuously monitored. This means actively seeking anomalies or security breaches that could allow access to some form of threat. This task becomes increasingly complicated as organizations grow. However, a small gap or unmonitored access is enough to cause irreparable damage. Therefore, advanced tools such as Batuta are available to simplify the monitoring and control of our digital infrastructure.

Continuous monitoring is where many organizations fail, as they lose track of the pace with which threats change. Having a proactive cybersecurity strategy means having complete visibility and control over the entire digital infrastructure to prevent any entry of a threat.

3. Response Capability

Finally, the third pillar of a proactive cybersecurity strategy is response capability. If it is too late and a threat has already breached our system, the impact it can generate will directly depend on our ability to react and mitigate threats. This can make the difference between minor or severe damage. An effective response will depend on whether we have well-defined action plans, tools, and specialized teams ready to respond to any type of cyberattack.

The Importance of Automation

Integrating automation into a proactive cybersecurity approach enables organizations to identify, prevent, and respond to threats more efficiently and effectively. By automating routine tasks such as network monitoring and vulnerability detection, companies can reduce reaction times to potential attacks and minimize the risk of human errors. Additionally, it allows for more rigorous data collection and analysis, helping to anticipate new threats and strengthen defenses. In this way, it improves resilience and frees up resources for security teams to focus on more complex tasks.

For instance, one of the benefits of platforms like Batuta is endpoint visibility and control. It focuses on providing organizations with tools and solutions to monitor, manage, and protect their digital infrastructure. This type of tool simplifies the complexities of commitment and alignment between IT and cybersecurity teams. Having an integrated approach ensures that organizations improve their security posture and promote a culture of shared responsibility in protecting their digital environments.

Proactive cybersecurity today is an essential element of any organization’s strategy. By adopting this approach, companies can strengthen their defenses before cyber incidents occur. This proactive mindset allows for the implementation of robust security measures, continuous vulnerability assessments, and the fostering of a culture of cybersecurity awareness among all individuals in the organization. Furthermore, by investing in advanced technologies and continuous staff training, organizations protect their critical assets and ensure the trust of their customers. In a world where innovation and risk go hand in hand, staying one step ahead in cybersecurity is not just an option; it is an imperative need for long-term success.

Metabase Q closed on $11 million of new funding!

We are so excited to share that Metabase Q has closed an $11 million Series A Extension Round, with total funding raised of $16 million. This round, led by SYN Ventures, reflects a 2x increase in valuation from the Series A we raised last year. We’re incredibly excited to be partnering even closer with SYN Ventures, due to their sole cybersecurity focus and track record of investing in and building many of the most interesting cybersecurity companies of our time. In addition, Robert Rodriguez, a venture partner at SYN Ventures and chairman and founder of SINET, a community of senior-level cybersecurity professionals, is joining our board as we continue to build a game-changing company.

Our mission at Metabase Q is simple: reduce cybersecurity risk through proactive security, starting with centralized management and control. 

Our platform, Batuta, Spanish for conductor’s wand, came out of learnings from hundreds of customers. Many companies struggle to answer simple questions: “Do you have endpoints with EDR that you think are deployed but aren’t reporting into the portal?”, “Are the patches you deployed successful?”, “Am I able to immediately stop a ransomware attack and isolate hosts if one were to get infected?”, “Are my systems compliant?”, “Have I overpurchased technology licenses?”, “Do I have complete cybersecurity coverage?”. We created Batuta to provide these answers.

Batuta is a centralized SecOps control plane for your fleet. It is a cloud-native, multi-tenant endpoint management platform that combines IT and cybersecurity functionality to proactively strengthen companies’ security posture. 

  • Perform Actions 10x Faster
    Improves the speed of cybersecurity and IT technology command execution 10-fold, which dramatically increases the speed of response to incidents and remediation actions
  • Make Use of the Technologies and Features You’re Paying For
    Verify that current security tools are deployed and working effectively. For example, identifying an endpoint with a disconnected or outdated EDR agent
  • Best-of-Class with Efficiency of a Platform
    Control and freedom to rip and replace endpoint technologies enterprise-wide without complex change management processes
  • Save Time and Money
    Identifies unused software licenses, enabling companies to consolidate technologies and cut costs while enhancing protection
  • Take Action Across the Entire Fleet
    Quickly isolate hosts in the case of a ransomware attack, deploy multiple types of agents in a standardized way, ensure consistency in compliance, and reduce operational overhead and gaps

In addition, we are announcing ZeroAPT Mitigator, which lets companies harden Windows and Linux operating systems based on the latest malicious techniques used by the most active Advanced Persistent Threats (APTs). This enhances Batuta’s existing proactive security capabilities, which help teams assess an organization’s current risk level and develop a path to reduce that risk through control and remediation. The new feature is in beta with select customers.

Our relentless focus on doing right for our customers is why Metabase Q has become a key partner for many of the largest and most complex organizations globally. Batuta is deployed in over 45 countries by over 50 large enterprises. We are proud to be mission-critical for so many leading companies at this stage. Our goal is to continue to make life easier for our customers who rely on Metabase Q day in and day out to do their jobs and keep their businesses running. 

We believe that companies are built by people. It’s taken a ton of grit from the entire Metabase Q team to turn our vision into a reality. We are fortunate to work with some of the best people in the industry and are excited to expand our brilliant and passionate crew with this new funding. 

We believe in a more secure and connected future. Thank you for all your support and we look forward to continuing to succeed together! 

Read more about this announcement in our press release here https://www.metabaseq.com/press-release/metabase-q-raises-11-million-in-series-a-extension-funding/

Best,

Mauricio & Louise