In this three-part series, we take a closer look at each of the finalists and their story in the words of the founder(s). Presented below, is a Q&A with Greg Baker, the Co-founder and CEO of Balance Theory. You can hear more from Greg, and the other finalists on The CyberWire Daily Podcast (Ep 1694, Oct 31, 2022).
Q: Tell us about your background.
Balance Theory is the brainchild of Greg Baker, Nathan Necaise and Lisa Mathias. Our team has worked together for a decade, beginning by building enterprise mission systems for the IC together. There we had the opportunity to work with the best and brightest on some of the largest and most complex problems in the world of cybersecurity, big data, machine learning, cloud and automation at scale. In 2015, we started our first company, Decision Lab, with a simple mission, to bring what we learned in the public sector to aid the private sector in solving complex problems at the intersection of cybersecurity and transformative technologies.
In 2017, Decision Lab was acquired by Optiv, the largest pure-play cybersecurity firm in the US. We took on a variety of leadership roles, driving growth, innovation, and cyber transformation for our customers. We had the opportunity to work with both established and emerging security vendors, much of the Fortune 500, as well as emerging large and mid-size businesses. We spent our time committed to solving complex problems and new initiatives with clients where we built on our perspective of the gaps in the cybersecurity ecosystem.
Our decades of combined experience, commitment to solving difficult problems, and desire to develop attractive simple solutions are at the core of Balance Theory.
Q: Tell us about your business/idea.
Cybersecurity solutions keep getting more complicated. Threats increase annually, the number of security products adopted are growing, attrition and burnout in the cyber community are at an all-time high. Time spent searching for and creating knowledge infrastructure is costing companies thousands a month for every individual supporting the mission. We’ve had the opportunity to provide solutions to these growing problems with stakeholders that successfully navigate them and those that struggle to keep pace. This experience compels us to build a platform that mitigates many of these recurring issues and is beneficial to teams even as the threat landscape continues to evolve.
Our platform was built to provide the benefits of operational collaboration to all. The platform differentiates from other knowledge platforms as it is purpose-built for the cybersecurity industry, from templates and dashboards to domain specificity and attribute-based controls. However, the transformative nature of the platform comes when users discover the power of an interconnected cyber community sharing not just intelligence on cyber threats, but holistic approaches to cyber solutions.
Q: What was the original inspiration for your company/product?
The inspiration for our platform came from our collective experiences over the past 15 – 20 years. We’ve gained insights across our time building cybersecurity programs from ideation to maintenance in both the public and private sector. We discovered that knowledge creation, protection, and use is widely underserved yet it is a highly impactful part of an effective cybersecurity strategy. It is not a secret that documentation is often considered one of the most painful parts of a practitioner’s job. When done effectively, through an integrated approach, it has a measurable impact often greater than any existing security point solution on the market.
Our experience working with multiple clients has given us clarity on the differentiators held by successful teams and the complexity of creating those positive outcomes as well as the deficiencies and constraints shared by those who struggled to build similar success.
Q: What’s your vision for the future … “What will the market you are pursuing look like in 5-10 years?”
Warren Buffet said, “Someone’s sitting in the shade today because someone planted a tree a long time ago.” While we don’t presume in 10 years that our platform will make today’s reality of teams dealing with exponential cyber threats, labor shortages, increasing regulation and an expanding landscape of cyber tooling disappear, we do envision it is a seed to a major shift in how execution is done today.
To address these challenges, the cyber community needs to begin to look to other industry verticals in how they have operationalized collaboration at scale. We are inspired by the platforms that made that shift possible for their industry: Salesforce for the Sales community, Github for developers, and Figma for design among others.
Cyber presents a unique opportunity for innovation and collaboration. All stakeholders share in a common enemy, and there is incentive to collaborate to defend against those who would act to exploit companies or industries. There is already a shift in attitudes across public to private sector collaboration and sharing. This is in fact where our name originates. Balance Theory is a psychology concept that describes equilibrium in relationships between three entities. Take for example Company A, Company B, and malicious actors. A simplified explanation of the concept is that the enemy of my enemy is my friend. This would suggest that Company A and Company B would collaborate against cybersecurity threats to achieve a better outcome.
Q: How does your business address pressing cyber and data challenges for the commercial sector?
The rising number of tools owned by an organization gives way to complexity in cyber solutions. While these solutions span the problem space, they leave a lot to be desired for cohesion and integration. Cyber architects and CISOs are challenged to understand the integration of technologies to ensure the breadth of their solution has enough coverage across attack vectors.
That coupled with the unmet demand for cyber skills in the market compounds organizational cyber debt. Research, selection, implementation, testing, monitoring and continuous tuning of solutions is time-consuming, resource intense and for some organizations financially unobtainable.
We know building institutional knowledge resilience, successful meaningful collaboration, automation and collective intelligence across the community drives better outcomes for all. Return on investment in community-based or network-based collaboration will reduce the challenges faced by the cyber community today.
Q: What attracted you to the DataTribe Foundry? Why did you choose to participate in the DataTribe Challenge?
Initially we were drawn in by Datatribe’s operational history, hands-on approach and broad network. What made us decide to participate in the challenge and what makes the working relationship the most beneficial for us is that in every conversation they challenge us. They challenge us to dig deeper, push farther, build higher and discover the layer just underneath the level we’ve gotten to so far. Many people will nod their head and go along for the journey, but an exceptional few will help you forge a path.
Q: What’s your long-term vision for your business?
Our vision of the future is one of a cooperative community against a common enemy. One where everyone sees the role they play to build a more sustainable defense. From the enterprise security team looking to protect company assets and valuable data to the security vendors innovating the next great defense.
Our platform is built by security practitioners for security teams, we know the criticality of providing a workspace beyond reproach that’s secure by design. Our mission as a business is to not only be the world’s most valuable tool in the cyber toolkit, but to be the most impactful cyber platform for all.