This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Managing cyber risk has become a point of emphasis in the insurance and asset management sector, with companies boosting annual expenditures and increasing oversight at the board level, according to a report released Wednesday by Moody’s. Almost seven of every 10 companies have a chief information security officer overseeing corporate cyber risk, while an ...

Core Insights - Telos Corporation has launched Xacta.ai, an AI capability designed to enhance cyber governance, risk, and compliance (GRC) processes, enabling organizations to transition from reactive compliance to proactive risk management [2][3] - Xacta.ai integrates unique organizational content with existing data to provide real-time, actionable insights, significantly reducing compliance timelines and improving decision-making [3][4] Product Features - Xacta.ai can reduce critical compliance tasks from 4-6 months to just nine days, achieving a 93% overall time savings in generating control implementation statements [5] - The AI is built on 25 years of expertise in GRC, allowing it to provide context-aware responses to complex questions in seconds [6][7] - Key capabilities include instant control implementation, AI-driven control validation, risk remediation, contextual risk insights, and an adaptive prompt library [11] Market Context - Organizations are under increasing pressure to manage compliance obligations efficiently, and Xacta.ai addresses this by embedding regulatory and security expertise into AI-assisted workflows [4] - The trend in the market is shifting towards using AI to empower more effective risk management rather than replacing governance processes [4]

Core Insights - Qualys, Inc. has achieved FedRAMP High Authorization for its Government Platform, making it one of the few cybersecurity platforms to offer a comprehensive security solution at this level [1][3][4] - The platform addresses challenges faced by federal agencies, such as limited staff and fragmented security tools, by providing a unified cyber risk management solution [2][4] - FedRAMP High is the most stringent authorization level, designed for cloud services handling sensitive government data, aligning with NIST 800-53 High Impact controls [3] Company Overview - Qualys is a leading provider of cloud-based security, compliance, and IT solutions, serving over 10,000 subscription customers globally, including many from the Forbes Global 100 and Fortune 100 [6] - The company was founded in 1999 and is recognized as one of the first SaaS security companies, with strategic partnerships that enhance its vulnerability management capabilities [7] Product Features - The Qualys Government Platform offers a range of services including vulnerability management, compliance, endpoint detection and response (EDR), asset inventory, policy enforcement, and web application security, all within a single scalable solution [2][4] - The platform is designed to provide broad visibility and control across the entire risk surface, enabling organizations to efficiently reduce risk and protect critical assets [2][4]

Industry Trend - Insurance industry shows a growing interest in insurance technology (InsurTech) with Zurich Insurance Group AG's acquisition of BOXX Insurance Inc [1] Mergers and Acquisitions - Zurich Insurance Group AG to acquire BOXX Insurance Inc, a Canadian cyber risk management firm [1] Company Focus - Zurich Insurance Group AG expands into cyber risk management through acquisition [1]

Qualys (QLYS) FY Conference Summary Company Overview - **Company**: Qualys - **Industry**: Cybersecurity, specifically focusing on cyber risk management and vulnerability management - **Key Executives**: Sumit Dakar (CEO), Jume Kim (CFO) [1][2] Core Business Insights - **Vulnerability Management**: Qualys has been a pioneer in vulnerability management, evolving from basic detection to comprehensive cyber risk management solutions [3][4] - **Product Expansion**: The company has broadened its offerings to include remediation, patch management, asset management, and a risk operation center [4][5] - **Market Growth**: The number of vulnerabilities detected has increased significantly, necessitating a shift from merely identifying vulnerabilities to prioritizing and remediating them effectively [5][6] Financial Performance and Growth Strategy - **Growth Drivers**: Historically, growth has been driven by existing customers, with 15% of last twelve months (LTM) bookings coming from new products like Patch Management and CSAM [9][10] - **Future Growth**: The company anticipates continued growth from existing customers while also targeting new customer acquisition through enhanced value propositions [10][17] - **Financial Model**: Qualys maintains a focus on profitable growth, with a gross margin of 84% despite a shift towards more partner-driven sales [31][32] Product Development and Market Position - **Enterprise True Risk Solution**: This solution aims to provide a holistic view of cybersecurity risks, allowing customers to justify cybersecurity investments to stakeholders [11][12] - **Risk Operation Center**: A new offering that consolidates data from various tools to provide a comprehensive risk assessment, enabling better decision-making for customers [13][14] - **Cloud Security**: Qualys is actively expanding its cloud security capabilities, with 30 million agents deployed in public cloud environments [44][32] Partner Strategy and Market Dynamics - **Channel Focus**: The company is increasingly relying on channel partners for new customer acquisition and upselling, with a significant portion of deals now involving partners [25][29] - **Managed Services**: Qualys is enabling partners to offer risk monitoring services, which differ from traditional threat monitoring, thus expanding its market reach [22][24] - **Federal Market Opportunity**: The company is preparing to enhance its presence in the federal sector, particularly with the upcoming FedRAMP High certification, which will allow access to more federal agencies [33][34] Challenges and Future Outlook - **Sales Productivity**: While relationships with partners have improved, direct sales productivity has not met expectations, prompting a strategic shift towards channel partnerships [47][48] - **Investment in Federal Sector**: The company is committed to investing in the federal market, anticipating significant growth opportunities once FedRAMP High is achieved [35][36] - **Long-term Strategy**: Qualys aims to continue evolving its platform to meet the changing needs of customers, focusing on risk management and comprehensive cybersecurity solutions [17][32] Additional Insights - **Customer Engagement**: There is a notable increase in engagement from Chief Security Officers (CSOs) in discussions about risk management, indicating a shift in customer priorities [16][17] - **Market Confusion**: The distinction between vulnerability management, CSPM (Cloud Security Posture Management), and other security solutions is often misunderstood, but Qualys aims to clarify these roles [41][42] This summary encapsulates the key points discussed during the Qualys FY Conference, highlighting the company's strategic direction, market opportunities, and challenges ahead.