Charles d’Aumale, François Gratiolet et Christophe Ternat, CYRATING: Cybersecurity risks remain a huge challenge for senior executives, CIOs and CISOs
October 2017 by Marc Jacob
Charles d’Aumale, co-founder Sales & Finance, François Gratiolet, co-founder Strategy & Marketing and Christophe Ternat, co-founder Technology & Operations have just created CYRATING, Europe’s leading cybersecurity rating agency. Their CYRATING ORG solution is a service for private and public organizations. The advantage of this service is twofold: to improve the performance of organizations and to monitor suppliers continuously. For the three founders of CYRATING manage cybersecurity risks, and even more those of their suppliers remains a huge challenge for senior executives, CIOs and CISOs.
GSM : Can you introduce your company?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : CYRATING is the first cybersecurity rating agency established in Europe.
CYRATING has been founded by three veterans in cybersecurity: Charles d’Aumale, François Gratiolet et Christophe Ternat. They bring their networks, their technical, operational, sales and marketing skills.
Our R&D team is located in France, our platform was designed by ourselves and data are hosted in European Union. François Gratiolet
GSM: what is your flagship product or service for 2017?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : Our CYRATING ORG product is a service for private and public organisations.
Our product CYRATING ORG is a service for private and public organizations. Through our web platform, according to their subscription, CYRATING users instantly access the ratings of their organization, their entities and / or their suppliers / partners, as well as their positioning in their industry. The details of their ratings and historical records are also given.
The year 2017 is a period for us to experiment our service. Thus, we are currently working in "design partner" mode with organizations to improve the user experience of our CYRATING ORG product, its workflow and the rating information details. Our CYRATING ORG product will be launched commercially at the FIC in January 2018.
GSM : Which customer segments do you contact?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : We target firstly SMEs, large corporations and public organisations in France and in Europe to support to assess and monitor the cybersecurity performance of their organisations, all their subsidiaries and all their vendors.
We have two first use cases with CYRATING:
1. Improve performance: the CYRATING score is a simple and objective measure of cybersecurity performance for organisations. Each organisation can thus manage its cybersecurity posture, compare it with that of its peers, and also benchmark e its subsidiaries or internal entities. It can thus prioritize the allocation of its resources;
2. Continuously monitor vendors: organizations are increasingly interconnected and depend on the digital resilience of their suppliers; CYRATING enables the continuous measurement and monitoring of the cybersecurity performance of suppliers: thus, it is possible to streamline the choice of more in-depth assessments.
GSM : What are the strengths of your offer?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : The CYRATING notes are actionable and easy to understand by all the stakeholders: general management, risk management, CIO, CISO, compliance, finance, etc. The rating allows the management, CIO and CISO to communicate with a simple and shared vocabulary. Each rating is provided with its own metrics and related test results, and allows CIOs and CISOs to identify rooms of cybersecurity improvement within their organization and to prioritize resources’ allocation. CYRATING makes it easier to share notes within and outside the organization (customers, prospects, suppliers, investors ...).
The scoring process is performed independently of the organization, and does not require the installation of any software or hardware at customers’ premises. This means that thousands of organizations can be cyrated automatically and without interaction with them. If an organisation’s rating is not already available, it is calculated almost instantaneously.
GSM : How do you accompany your customers?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : Nous aidons nos clients à prendre en main la plateforme notamment sur la gestion des utilisateurs, l’ajout d’entités, filiales ou fournisseurs, à comprendre leurs notes, et à les partager avec des tiers. Nous pouvons aussi proposer des accompagnements plus personnalisés sur des problématiques liés aux enjeux de notation ou d’analyse de leur performance cybersécurité.
We help our customers to setup the service including user management, adding entities, subsidiaries or suppliers, to understand their ratings, and share them with third parties. We can also offer more customized support on issues related to their scoring insights of their cybersecurity performance.
GSM : How is your sales network organized?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : At this point, we sell our service directly. In order to make us known, we have discussions in parallel with various players which help corporations in their governance.
GSM : How is your technical support organized in France and in Europe?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : Our service is based on a platform developed and hosted by ourselves. Our operational support is done in French and English by phone and email from France.
GSM : To conclude, what would be your message to our readers?
Charles d’Aumale, François Gratiolet, et Christophe Ternat : Cybersecurity rating is a powerful management tool like financial tools or operations’ tracking. The recent large-scale data breaches (e.g. Merck, Equifax, Deloitte, etc.), as well as the strengthening of regulations in Europe and around the world, require managers to seek greater cybersecurity and better effectiveness.
Cybersecurity is now a strategic issue for corporate governance and their boards of directors. Managing cybersecurity risks, and even more those of their suppliers or vendors, remains a huge challenge for senior executives. Leaders do not have objective data points to evaluate and manage their cybersecurity performance, benchmark themselves and take decisions. Access to an objective and actionable rating brings this common understanding to all, and facilitates dialogue between senior executives, CIOs and CISOs.
CYRATING ambition is to contribute to improve the cybersecurity of organisations in Europe.