Why Kobalt.io – Two Years In

Michael co-founded Kobalt.io two years ago. The Kobalt.io team and Michael have learned a lot throughout the journey. In this blog, Michael shares his learnings and the reasons why he’s excited to continue to help solve the problem of security for small and medium-sized businesses.

Two years ago, I wrote a blog post where I tried to address the question of why I felt the need to bring another cyber security company into the world. This blog is intended to update that mission statement, share what we’ve learned and why I’m even more excited about solving this problem than ever before.

It’s all about our clients.

When we started, I was passionate about the innovation coming out of small business, but experiencing it first hand has been incredible.

We’ve had clients who are conducting vaccine trials for COVID-19, landed seven figure deals with FAANG, enterprise and government contracts, grown their teams by dozens of team members, successfully completed challenging compliance certifications, brought disruptive new health, financial and software services to markets and more. We’ve worked to guide clients through responding to challenging security incidents, build risk-based programs from scratch, address security questionnaires, ensure the security of their web apps and move their business to the cloud.

We’ve been thrilled by over 100 small businesses taking us on as guides to help them cross the security chasm, build out solid programs and support their growth. This means addressing three critical elements – people, process and technology. Security has a shortage of skilled experts, and small teams are limited by budget and resources.

There isn’t one job or skill set – to address security you need strong defensive skills, experience with infrastructure, code, ability to perform offensive security testing, addressing architecture, policies, governance, compliance, awareness training and more.

Our initial key markets.

We’ve had success in three key markets – business to business SaaS companies, health tech and fintech. Focusing on this base of fast-moving, demanding early adopters, we’ve helped address real security issues and helped them significantly grow their businesses at an amazing pace. We’ve been fortunate to work with companies on the front lines of the fight against the COVID-19 pandemic, whether that is in the area of vaccine research, supporting health care workers or enabling telemedicine. Our clients do everything from helping you get that big screen TV home so you can continue your Netflix binging, to enabling open source software to thrive in corporate environments, to democratizing access to financial services products, to enabling employee engagement in a remote work environment.

Becoming a full stack security firm for SMB.

We started with security monitoring – it’s an incredibly challenging and expensive capability for a small team to build internally, and scales from each new customer that we add. But we learned that small and mid-sized businesses need a security guide who can address all aspects of their cyber security program. We leveraged internal capabilities in partnership with our Alliance of independent consultants to build out true end-to-end security programs. Our security program-as-a-service blends the best of personalized advisory services with operational security, in effect becoming a client’s security sherpa, an extended, engaged team to partner with their internal teams.

Also – compliance – whether it is programs like SOC2, ISO, NIST, CCPA, GDPR – has grown in importance as our clients try to meet the needs of their enterprise clientele trying to ensure the security of their supply chain – something we only expect to increase in light of the recent Solarwinds attacks.

Our clients make us better.

Working with these technology companies is inspiring. They are fast, innovative and challenge us to be nimble and responsive every day. We’ve built communications channels with our clients that allow us to move at a rapid, startup pace – and clear the decks so their internal teams can focus on new feature development and maintain a high degree of velocity without security slowing them down.

Ultimately, one of the things most exciting to me is the impact we can have on innovation. Small businesses are creative, disruptive but security costs and compliance act as a barrier to development and prevent access to markets. By addressing this, helping our clients win deals, focus on innovation and development, we are effectively lowering the cost of innovation. I like to compare this to the impact AWS has had on startups – by making compute granular, scalable and accessible, innovation can thrive, and costs that used to go to building data centres can go to building product. Similarly, by lowering costs and making security more consumable, we can help small businesses focus on their core innovation and differentiators, and bring exciting new technology and services to market faster.

Moving forward.

Two years in, we’ve learned a lot. I’m more committed to our mission than ever. Thanks for taking the time to read this blog, and I hope you can help us spread the word, work on our big hairy audacious goal and truly solve the problem of security for small and mid-sized businesses.

Continue to follow our journey on social media (LinkedIn, Twitter, Facebook) and subscribe to our newsletter.

Sign up to receive updates and newsletters from Kobalt.io

Recent Posts

Follow Us