Safety Detectives: Please share your company background, how you got started, and your mission.
BreachRx: BreachRx launched to market in 2020 to empower privacy organizations to get more proactive in their privacy posture.
Today, privacy incidents and breaches are becoming increasingly frequent and costly. Around the world, data breaches cost global companies $4.24M per incident in 2021, 17% higher than in 2020. Meanwhile, we are seeing more and more regulation worldwide that requires companies to respond to and report incidents quickly, in as little as 24 to 48 hours. Traditionally, privacy teams have leaned on manual processes and spreadsheets to manage their incident response, but this can put organizations in a reactive position and is simply becoming untenable in today’s fast-paced environment.
I founded BreachRx after watching privacy teams try to deal with increasing numbers of incidents and breaches with essentially no technology. I came from a 20+ year career in cybersecurity, which has more technology at the moment than its teams can effectively use. Cybersecurity and privacy are closely related, and seeing this dichotomy across the market, even at Fortune 50 companies, was shocking.
SD: What is the main service your company offers?
BreachRx: Our proactive incident response and management platform enables our customers to take quick, coordinated action against privacy incidents. Unlike traditional, manual methods, our platform dynamically stays up to date with regulatory requirements, generates tailored incident response playbooks, and coordinates workflows across departments so our customers can prepare for, respond to, and recover from incidents in a secure, auditable way. This puts privacy teams in control of their privacy programs, helps them measurably reduce risk for their businesses, and cuts incident response costs in half.
SD: What is something unique that helps you stay ahead of your competition?
BreachRx: Two big things, driven by the firsthand experiences of my attorney co-founder Andy and me.
First, we’re taking a much more proactive approach than the competition—something that was inspired by our familiarity with our customers’ own pain points. To truly get ahead of incidents and take the crisis out of incident response, we knew that privacy teams needed to deliberately prepare to address incidents and breaches ahead of time.
Second, having been in our customers’ shoes has allowed us to build a tailored product that solves key pain points for our peers and customers and seamlessly integrates into their daily workflows, rather than our competition’s approach of building a technology to which their customers are forced to adapt.
SD: What do you think are the worst cyberthreats today?
BreachRx: Ransomware has become massively prevalent in the last couple of years and can have an immense impact on a business. Not only does it take out the ability for a business to safely operate, but also, it’s leading adversaries to more frequently exfiltrate data to exploit for increased ransoms. Such a data breach impacts the security and privacy teams and starts the shot clock of dozens of regulations in the United States and globally.
I’d also say that the proliferation of nation-state-grade tactics, techniques, and procedures into the underground continues to be a major source of new “innovation” for criminals. With more governments entering the mix given the low bar for entry, this trend will only continue to get worse and advance the capabilities of criminals, hacktivists, and other threats, leading to more breaches, more work for teams, and more regulations and requirements from governments across the world.