Orchestra Group helps companies achieve “security by design” by combining compliance, risk, and cybersecurity into a single, managed operational platform. Its digital cyber twin technology additionally helps corporates to proactively play defense by highlighting potential vulnerabilities. Clients include companies in the financial services, health, energy, and manufacturing sectors.
Think of it as an integrated cybersecurity defense platform with proactive security policy management and enforcement orchestration, says Jacob Ukelson, Orchestra’s co-founder and CTO. “We give CISOs [Chief Information Security Officers] a holistic view, so they know where they stand and what they need to do,” he says.
Orchestra’s platform addresses three significant issues that make it challenging to manage cybersecurity: companies must manage anywhere from 10-120 different cyber security technologies; there are a lack of standard metrics to measure, manage, and benchmark cyber defense; and cybersecurity needs are constantly changing, requiring tuning of the trade-offs between shifting IT\business needs and cyber risk.
The Israeli startup’s “policy as code” approach aims to help CISOs facilitate coordination, reporting, and and different priorities among stakeholders in cyber defense, compliance, and risk management. The policies provide a basis for metrics, reporting, and processes that enable continuous improvement.
Orchestra’s technology platform also includes threat detection through attack scenarios. It builds a digital twin – a computational model of a corporate’s assets and interconnections – in order to help clients understand and assess potential threats. “The bad guys don’t target the most valuable assets directly, they look for the weakest link that will allow them to enter and move within the organization,” says Ukelson. “We show organizations their vulnerabilities and explain what they can do to either stop damage from occurring or make sure it will be minimal.”
Competitors include cybersecurity companies like Cymulate, a SaaS-based breach and attack simulation cybersecurity startup. Ukelson says it is safer for companies to use a digital twin like Orchestra’s to assess threats because penetration testing on corporates’ networks could end up disrupting operations. And it says it is one of the only companies that is able to provide threat detection based on security policy management.
Ukelson, who has over 20 years of experience working for IBM and startups, co-founded the company in 2018 along with CEO Omri Lavie and COO Isaac Zack. Lavie, a veteran player in the high-tech and cybersecurity fields, is also a cofounder of NSO Group Technologies, a cyber intelligence company that helps government agencies prevent and investigate terrorism.
Orchestra Group was one of several Israeli cybersecurity startups presenting at the Cybertech Global UAE-Dubai conference which took place April 5-7.
To access more of The Innovator’s Startup Of The Week articles click here.