By Holly Grey, CFO at Horizon3.ai
Over the past decade, I have served in senior finance leadership roles at cybersecurity companies, including SVP of Finance at Forescout and CFO of Exabeam. At Forescout, I helped prepare the company for its public listing in 2017 and supported its growth through its subsequent acquisition. At Exabeam, I led finance through a period of significant operational transition and growth that ultimately supported its acquisition. Across these roles, I have seen organizations invest heavily in cybersecurity programs, yet often struggle to determine whether those investments are materially reducing risk.
Having also managed security teams directly, I have seen the operational side of the equation. Teams face too much noise and too little time. Alerts compete for attention. Many forms of security validation, including annual penetration tests and scheduled assessments, occur at fixed intervals and rely heavily on manual efforts and review. In a rapidly changing risk environment, that can create a static view of exposure. Audits confirm that controls exist at a given point in time, but they do not necessarily…
