Saket Modi, Co-Founder & CEO, Safe Security, USA

You started Safe Security while you were in your final year of engineering, what gave you the idea to start the company?
We started Safe Security in 2012 with the idea of being a cutting-edge cybersecurity services company. Digital transformation has been a reality for the past decade now, and naturally, cybersecurity has been the biggest worry for executives and the Board. When we started, the cybersecurity market was primarily dominated by consulting firms, large SIs, etc., but there was a clear gap of a cybersecurity specialist company. This led to the inception of Safe Security (FKA Lucideus). From the very beginning, we have partnered with our customers on their secure digital transformation journey.

In 2019, we pivoted and built our own SaaS cybersecurity platform, which gives customers an enterprise-wide and objective view of their risk posture in real-time. With SAFE, customers get an aggregated view of their cyber risk across people, processes, technology, and third parties on a single dashboard and their potential financial impact if a data breach occurs within the next 12 months. This makes cyber risk communication accurate and straightforward.

Since many of our readers may not be experts in cybersecurity, could you explain what exactly Safe Security does?
SAFE is a SaaS platform that takes the guesswork out of cybersecurity and unifies existing cybersecurity signals to a single integrated dashboard. With SAFE, customers can know their likelihood of being breached, get prioritized actionable insights, and determine the potential financial impact of a data breach within the next twelve months. For the first time, businesses can quantify their cyber risk appetite and tolerance based on data-driven algorithms rather than 600- page long reports. This makes cyber risk communication de-jargoned, simpler, and straightforward.

You have been recognized with many prestigious awards like Fortune Magazine’s 40-under-40, Forbes Magazine’s 30 under-30, etc. What do these awards mean to you and how do they motivate you?
I’ve always believed that awards are a by-product of the great work that my team does. I am fortunate to be receiving the award on their behalf.

How has cybersecurity changed since the COVID-19 pandemic?
Before I talk about cybersecurity, let's look at how COVID-19 accelerated the pace of digital transformation. While every business had a digital transformation strategy and timelines planned, COVID-19 accelerated it by many folds. In the McKinsey Global Survey of executives published in 2020, it was found that their companies had accelerated the digitization of their customer and supply-chain interactions and their internal operations by three to four years. And the share of digital or digitally enabled products in their portfolios had accelerated by seven years.

Infrastructure moved from on-premises to the cloud, sensitive information was being discussed on video conferencing solutions, information was accessed irrespective of geography and time, and executives were using personal/home networks to access information and more. This resulted in newer challenges for the security & risk management leaders. Throughout the pandemic and into 2022, we have only seen an uptick in the kind and number of attacks —ransomware is at an all-time high, attacks on critical infrastructure and nation-state attacks are increasing rapidly, and threat actors are exploiting newer attacks surfaces constantly.

This has prompted security leaders to rethink their strategies and shift from a reactive, traditional threat-driven cybersecurity approach to a more objective, enterprisewide, real-time, proactive, and predictive risk management approach.

Why are cybersecurity and digital risk quantification important? 
In an era where new threats are being identified daily, security professionals can no longer depend on traditional risk management approaches. As the C-suite executives and Boards continue to get involved in cybersecurity and want better visibility of cyber risks, security leaders need to communicate risk in a way that everyone understands the financial value at risk. Cybersecurity and Digital Risk Quantification gives a common language for cybersecurity to the Board, C-level, security analysts, external stakeholders, and employees.

The SAFE Platform is Safe Security’s main product. Could you explain how the SAFE Platform is revolutionary in the cybersecurity industry?
Cybersecurity is siloed, reactive, and heavily reliant on point in- time subjective abstractions. SAFE is the only product that encompasses real-time risk from people, processes, technology stack, and third parties to help data-driven decision making. To the best of our knowledge, SAFE is the only cybersecurity platform with the capability to help businesses measure, manage, and mitigate cyber risks in real time
.
Quantifying enterprise-wide risk across all vectors has not been attempted yet, let alone be performed successfully. Other security scoring and rating products are restrictive and focus on only one or a few aspects of risk. For example, some companies provide a business risk score from the outside-in for just first or third parties, or some products only focus on employee cybersecurity.

The nut and dried fruit industry is made up of many small family-owned businesses. Are cybersecurity’s importance and application only relevant to large multinational enterprises or is it something small family businesses should take into account?
A study by IBM revealed that organizations with fewer than 500 employees had an average data breach cost of $2.98 million per incident in 2021. Further, approximately 60% of SMBs go out of business within six months of getting breached, according to reported data.

Cybersecurity today is the backbone of every organization with data, and I do not know of a single company, whether small or large, that doesn’t manage data regularly.

So, cybersecurity is the number one worry irrespective of industry, scale, or geography where a customer operates.

Has Safe Security worked with any agricultural companies? How do you see cybersecurity and digital risk quantification playing a role in our world’s food supply chain?
Whether that’s using drones to distribute pesticides to using automated ‘agro-bots’ to monitor, treat, and work the land, the agriculture industry is adopting technology at a rapid pace. Agriculture is a crucial sector for a nation’s economy, and a cyberattack can have far-reaching effects. While traditionally, it has not been a focus for cybercriminals, we see that change now. In 2021, for example, the FBI had warned of a new Ransomware as-a-Service gang, BlackMatter, targeting farming companies. The technology used in this sector is often left unsecured, making it a growing target for cybercriminals.

Cybersecurity and digital risk quantification platforms can help immensely to visualize the cyber risks in real-time, plan cost-effective mitigation strategies, and, more importantly, have a data-driven approach to measure, manage, and mitigate cyber risks.