Dear Mr Koch, how would you describe XM Cyber in three quick-witted words?
Continuous attack path analysis, Risk-based threat management, CTEM
Please introduce yourself briefly and tell us something about your personal background.
As Area VP for the DACH region, I work daily with our customers and partners to make tomorrow’s world a little bit safer. I have been in IT for 28 years now and am looking forward to being with XM Cyber from February 2024; the technology has convinced me since the first conversation and has changed the way I think and act in the long term.
My previous employers over the past few years include Citrix, Fujitsu Siemens, Dell, Palo Alto Networks and Cybereason.
What makes XM Cyber stand out?
XM Cyber is able to quickly and easily show customers attack paths by linking security issues. This approach, also known as Attack Graph Analysisâ„¢, provides customers with a level of visibility that was previously unavailable.
How does XM Cyber help other companies?
The visibility that XM Cyber provides enables a completely new and holistic approach to IT security and the alignment of one’s own security strategy. Quick wins from XM Cyber can be used to make IT more secure and protect critical systems in the short term. Other findings from XM Cyber, in turn, have a long-term impact on companies’ security strategies. XM Cyber and Attack Graph Analysisâ„¢ can be seen as a long-term commitment and constant companion in the area of IT security strategy.
What do you see that may differ somewhat from the prevailing opinions in the area of cybersecurity?
Unfortunately, customers often still view cybersecurity in silos. This means that customers can never view and understand the holistic risk. In addition to visibility, this also has another influence: If I, as the person responsible for cyber security, do not work on a risk basis and understand the risk to the business, I prioritise the wrong issues and do not reduce the business risk.
Customers need to abandon the widespread approach – the traditional approach, so to speak – and adopt a holistic approach to risk management, looking at the risk to critical systems with an impact on business processes.
In times of tight budgets, how can XM Cyber positively impact an organisation’s cost structure?
XM Cyber naturally contributes to improved security and thus to avoiding the costs of a cyber-attack. In addition, many of our users see advantages in the optimised prioritisation of findings, which leads to a significant reduction in patching and other remediation measures. The burden on IT operations teams is sustainably reduced, but costs for pen testing, red teaming and even the reduction of cyber insurance premiums can also be saved.
How can XM ensure that resources are used in a targeted manner?
Using what is known as a chokepoint analysis, the platform automatically identifies the critical points an attacker must go through to compromise a critical system. XM prioritises these findings for remediation, which most efficiently interrupts the kill chain.
Are these analyses carried out selectively, as in a pentest?
No, XM Cyber’s Continuous Exposure Management analyses run continuously and provide daily reports, including a security score that shows how the security situation in the analysed environment or for the organisation as a whole is to be assessed.
Don’t the continuous attacks pose a security risk to the stability of the IT infrastructure?
No. All analyses are carried out in a ‘digital twin’ (see ‘Digital Twin’) of the customer environment, both on-premise and in the cloud. This ensures that the XM Cyber analyses have no negative impact on the stability or performance of the IT infrastructure.
What’s next – what do you have on your technical roadmap, what are you planning to do?
XM Cyber will continue to expand its information for attack paths and offer a complete CTEM framework solution by strategically acquiring various solutions or companies.
Further integrations with existing XM Cyber technologies, such as ‘External Attack Surface Management’ (EASM), ‘Exposed Credential Management’ (ECM) and ‘Security Controls Monitoring’ (SCM), will provide an ‘end-to-end picture’ and further contextual information in the future.
Likewise, a focus will be placed on integration with other solutions – e.g. SAP & ServiceNow. In this way, customers will also be supported in the various areas with the information from XM Cyber.
If you could send an email to all CISOs to address a security issue, what would you choose?
Continuous prioritisation of an organisation’s exposures
Find out more about XM Cyber in the Provider Directory.
