enterprisesecuritymag

Cyber Business Analytics Inc.: Full Spectrum Cyber Risk Management

David Shaw, Founder & CEO, Cyber Business Analytics IncDavid Shaw, Founder & CEO
Originally known as Global Business Analysis (GBA), Cyber Business Analytics (CBA) today specializes in cyber security risk services and technology solutions, catering to vulnerability management companies. “Our continuing goal is to enhance our clients’ risk posture by helping them develop and maintain an enterprise wide cyber security culture,” connotes David Shaw, Founder and CEO, CBA.

Washington-based CBA provides services for a reputable global clientele, being affiliated with TEG7, the American Institute of Aeronautics and Astronautics (AIAA), and the Center for Information Assurance and Cyber Security, to name a few. “Our passion stems from the decades of experience our team members bring from the vulnerability management industry and our continuous objective to stay on top of emerging trends in cyber vulnerabilities for critical infrastructure and private/public industry,” says Shaw.

The current vulnerability management trends entail a trained and cyber security conscience enterprise, especially given the rise in social media, IoT, and mobile device integration into daily enterprise business operations. Operating on the NIST Cyber Security Framework, CBA adapted to meet this trend by offering a suite of risk services that allows them to fully assess, create mitigation strategies, and execute training.

Shaw states that one of the largest challenges in the vulnerability management arena is getting support from C-Suite executives for critical enhancements, mainly due to the lack of knowledge about cyber security and cyber risk. “We understand what it takes to get key stakeholders to invest their time and support into long projects with strategic payoffs,” explains Shaw, “and CBA has been very successful in leveraging our expertise to educate and present meaningful business solutions focused on enhancing an organization’s cyber security resiliency and culture.”

CBA’s solutions span a multitude of offerings, including white paper creation services for their clients to preclude risk and technology assessments.

Our approach is simple and effective, tailored to each customer


“Our risk services like Tabletop Exercises help clients approach how they work through various cyber security scenarios and each NIST function,” explains Shaw. “Through our core technology practice, Pandora’s Box, we provide clients with comprehensive product assessments, implementation services, training programs, reviews, and enterprise wide threat and vulnerability assessments to help them understand where their processes and controls have gaps.”

Furthermore, CBA is set to release its think tank— CBAThink!—soon, to further capture thought leadership from top global resources and advance collective cyber security and information assurance solutions.

“Our approach is simple and effective, tailored to each customer. There is no cookie cutter way of doing business,” states Shaw. “Our solutions start with our clients. We identify their business needs, available resources, the criticality and value of their assets, and existing policies and capabilities.”

An example of CBA’s impact includes being engaged in design level projects, where they were able to conduct low-level research, risk assessments, and product assessment before the final design and implementation, which materialized in various enhancements that were not initially considered. “This process not only saved our client millions of dollars, but also reduced business operating risk,” affirms Shaw.

The future holds no stopping points for CBA, as they are looking to expand their technology solutions by deploying an innovative intrusion detection and protection service to small and medium scale businesses nationwide. Moreover, the company is looking to bring legal service offerings into the picture, specifically versed in cyber security, to round up its offering array. “Our goal is to provide an expanded risk suite that includes risk and vulnerability assessments, technology solutions, as well as enhanced business solutions,” concludes Shaw.