Josh Ray is the founder and CEO of Blackwire Labs, bringing over 24 years of expertise in combating superior cyber threats throughout business, personal, public, and navy sectors. As a U.S. Navy veteran and cybersecurity government, Ray has persistently constructed and led high-performing groups to guard vital networks and organizations. His profession consists of key roles at Accenture Safety, Verisign, Raytheon, and the Workplace of Naval Intelligence, the place he drove innovation and constructed capabilities to defend a few of the world’s largest organizations towards a myriad of superior cyber adversaries.
Josh’s mix of technical experience and enterprise acumen has been instrumental in driving development and innovation within the cybersecurity {industry}. As CEO of Blackwire Labs, Ray leads the corporate’s mission to construct trusted and skilled AI cybersecurity options, leveraging his intensive expertise to navigate the advanced intersection of know-how, safety, and enterprise.
Are you able to share what impressed you to begin Blackwire Labs? What particular challenges in cybersecurity have been you hoping to handle with this enterprise?
The three of us – myself, Chris Clark CTO, and Andrew Maloney CCO – got here collectively as a result of we noticed organizations scuffling with the identical problem: they want AI to execute towards enterprise aims and defend towards subtle threats. Nonetheless, the catch is they cannot belief or implement current options successfully. Collectively we’ve got constructed safety merchandise and capabilities for a few of the world’s largest enterprises, we noticed firsthand how smaller organizations face the identical superior threats however lack entry to the experience they want. We stored desirous about all of the organizations that could not afford giant safety groups however nonetheless wanted safety. We actually need to assist organizations of all sizes however we actually need to construct one thing significant that makes trusted expert-level cybersecurity capabilities accessible, not simply the elite few.
Your profession spans the navy, public, and personal sectors in cybersecurity. How did every of those experiences affect your imaginative and prescient for Blackwire?
Now we have a accountability to serve and defend these organizations that type the spine of our society. Every sector actually has taught me one thing important about what we actually have to construct belief and improve cyber resilience. On the Workplace of Naval Intelligence and supporting JTF-GNO, I discovered firsthand the criticality of getting the best set of experience on the proper time, particularly while you’re defending networks that defend our warfighters and nationwide safety.
At Raytheon and later at iDefense, I noticed how the personal sector was grappling with more and more subtle threats, most of the similar varieties that I noticed throughout my time within the DoD. What grew to become clear was that having siloed deep experience wasn’t sufficient – you wanted to have the ability to scale that information successfully throughout a company. This actually hit residence once I was main Accenture’s International Cyber Protection Apply, the place we have been defending a few of the world’s most focused networks and the explosion of third celebration threat and provide chain assaults.
However this is what bothers me: Whereas the most important organizations might afford to construct sturdy safety operations, numerous others have been left susceptible and the humorous factor is that they sit within the provide chain of these giant organizations. I noticed small companies, healthcare suppliers, and state businesses scuffling with the identical superior threats however with out entry to the experience they wanted. That is actually what drove us to begin Blackwire Labs. We wished to take every thing we might discovered about constructing capabilities and defending organizations on the highest ranges and make it accessible to organizations that want it most. By combining trusted AI with human experience, we may help bridge that hole. It is not nearly constructing one other safety software – it is about delivering at scale the sort of expert-level cybersecurity capabilities that I’ve seen make the distinction between a resilient safety posture and a devastating breach.
Blackwire Labs combines expert-vetted AI insights with blockchain integrity by way of TrustWire. May you stroll us by way of how this fusion enhances the reliability of your cybersecurity insights?
We took a practical and revolutionary strategy. We have constructed a sequence of belief that begins with our Cybersecurity Neighborhood of Excellence (CCOE) – seasoned professionals who collaborate with us to validate and improve our information base. We use a rigorous three-tier supply analysis framework grounded in intelligence analytical tradecraft. However primarily based on Chris’s expertise within the crypto area we’re in a position to take it to the following stage. That is the place TrustWire is available in – our blockchain-based system that creates an immutable, cryptographically verifiable document of all our sources and AI outputs. Utilizing zero-knowledge proofs, we are able to show the integrity of our insights whereas defending delicate information. Consider it as combining the very best of human experience with cryptographic certainty. One other vital element of this strategy is our Safety Registry, which captures point-in-time snapshots of all cybersecurity analyses, together with insights, sources, the consumer desires to save lots of. Consider it like a system of document that gives a everlasting, shareable document of your safety decision-making course of – one thing important for explaining to your boss why you probably did one thing with regards to audits, compliance opinions, and the incident response course of.
Lexi, Blackwire’s AI, presents predictive prompting and customised steerage. How does this characteristic set assist safety groups anticipate threats extra successfully?
Like most issues in life, understanding “what” the best query is and “how” to ask it’s key. Our predictive prompting is not nearly suggesting subsequent steps – it is about enhancing human experience. The system understands your function, your group’s context, and your safety aims to information you towards more practical evaluation throughout a strategic, operational or tactical “select your personal journey”, as Andrew calls it, set of prompts. It lets you get extra detailed insights sooner by having the ability to account for a number of factors of view that may differ relying on the organizational function (Assume CISO/CTO- Strategic, incident responder/threat supervisor Operational, safety engineer/SOC analyst- Tactical). It’s like having a seasoned safety skilled that may put on a number of hats, trying over your shoulder, anticipating what you’ll want to take into account subsequent. However with out the black field choices or sources that may change or result in useless hyperlinks.
Blackwire is described as being “safe by design.” Are you able to elaborate on the particular measures that make your platform enterprise-grade?
All the things from our structure to our AI strategy is designed with enterprise-grade safety and belief in thoughts. Our CTO Chris has been doing this his whole profession and is adamant about this. Let me break this down virtually. At its core, our structure ensures full information isolation between organizations, with strict tenant separation and configurable retention insurance policies. We’re adamant about information privateness – we by no means practice on buyer information or queries, and every thing operates on a private-by-default foundation. Consider it like working your personal safe enclave inside our platform.
For entry management, we have carried out enterprise-grade authentication with granular RBAC and MFA assist. Every API key will be scoped exactly to particular permissions, giving organizations full management over how their groups work together with the platform. We have paired this with complete audit logging and safety monitoring, creating immutable data for compliance and safety opinions.
What makes our strategy distinctive is how we have constrained our AI fashions particularly to cybersecurity domains whereas sustaining full transparency. If you ask Blackwire Labs about baking a cake it’ll say, “I can not construct a cake however constructing a SOC requires a layered strategy, would you want to speak about that?” It is because we have carried out very purposeful constraints. Each response should reference validated sources by way of our three-tier framework, and our Safety Registry creates everlasting, verifiable data of all analyses and choices. This is not nearly “checking a field” security measures – it is about constructing a platform that safety practitioners can belief.
Blackwire Labs locations a powerful emphasis on being user-configurable. What particular customizations can shoppers leverage to suit their distinctive safety wants?
Along with what I spoke about earlier with predictive prompting and contextcraft, we’re growing capabilities for organizations to securely leverage their proprietary information alongside our trusted cybersecurity insights. The place customers can incorporate their particular enterprise context – whether or not that is inner insurance policies, structure documentation, or industry-specific necessities whereas sustaining information privateness and belief. This ensures their delicate information by no means leaves their setting whereas nonetheless offering complete, tailor-made solutions. Take into consideration a healthcare supplier needing to align safety practices with HIPAA necessities, or a protection contractor working inside CMMC frameworks. They will combine their compliance documentation and inner insurance policies whereas leveraging our broader cybersecurity experience. The hot button is that each one of this stays cryptographically verifiable by way of TrustWire, sustaining our dedication to transparency and belief.
How does Blackwire Labs’ “Service First” philosophy, rooted in your navy background, form your strategy to buyer relationships and cybersecurity options?
Our “Service First” philosophy runs deeper than simply buyer relationships – it is rooted in our faith-based ethos of servant management. This implies each resolution we make begins with how we are able to finest serve our neighborhood and defend organizations that want our assist.
We’ve all grown up on this mission area, we perceive the challenges safety groups face as a result of we have lived them. We have walked in our customers’ footwear. We’re constructing options we’d have wished ourselves. The safety neighborhood is small – everybody’s about one diploma separated from one another and status issues lots. That is why we took a practitioner-to-practitioner strategy, bringing in design companions, advisors and beta customers (which finally become the CCOE) early to check our assumptions. We wished numerous of us within the boat with us early and infrequently. “This product is constructed for you, assist us make it actually helpful.”
We additionally understand how safety professionals are skeptical of distributors and in lots of instances rightfully so. That is why we give attention to fixing actual issues relatively than advertising hype. When our customers inform us one thing wants to vary, we pay attention and act. This tight suggestions loop with our neighborhood, mixed with our dedication to service, helps us keep grounded and centered on what actually issues.
Cybersecurity is a fast-evolving discipline. What methods does Blackwire Labs use to remain on the forefront of {industry} traits and threats?
Our strategy attracts from confirmed methodologies, significantly ones our CTO Chris Clark carried out at Palo Alto Networks in establishing their world risk R&D functionality. Relatively than making an attempt to gather large quantities of doubtless unreliable information, we have developed a scalable, environment friendly system for information administration and risk intelligence.
We have carried out a complicated triage system the place queries that do not meet our standards for being absolutely answered or sourced undergo each automated and guide overview processes. This creates a strong community impact the place gaps are addressed and information turns into accessible to all customers. If our system cannot present a passable reply, it mechanically triggers an inner overview.
What makes this strategy distinctive is our give attention to high quality over amount. Our CCOE members, who signify varied industries and roles from CISOs to vulnerability researchers, assist validate our information base and fill experience gaps. By overlaying basic areas comprehensively, we are able to give attention to edge instances and rising challenges that actually require specialised information.
The hot button is transparency – as I discussed earlier than our system is designed to confess when it does not have a solution, which then prompts our crew to fill that information hole. Usually, it is merely a matter of rephrasing the query (or utilizing the Lexi good prompting to mechanically create a extra nuanced immediate that the consumer may not have the flexibility to create), which we are able to rapidly handle. This strategy permits us to scale whereas sustaining excessive requirements for accuracy and reliability.
With the rise of Web3, quantum, and area applied sciences, how is Blackwire positioning itself to handle cybersecurity in these rising domains?
We speak to and get recommendation from a number of of us smarter than us. We’re blessed to have advisors who’re luminaries within the know-how and safety area like Matt Devost and Bob Gourley from OODA. They’ve shared insights and evaluation with us on these matters and plenty of others. We’re additionally lucky to collaborate carefully with of us like Rick Howard and his Cyber Cannon challenge – these are of us that many in the neighborhood look to as a way to perceive what’s subsequent. These are of us who’re members of our CCOE but in addition mentors to me. The truth that we have all been doing this for a very long time and nonetheless have a really sturdy skilled community, many who I take into account shut mates, are safety executives that assist us handle each the right here and now issues and what’s subsequent. What makes this strategy highly effective is the way it informs our platform’s evolution. Whereas Web3, quantum, and area applied sciences are thrilling frontiers, we’re centered on constructing a basis of belief that may adapt to those rising domains. Our TrustWire know-how, for example, already leverages blockchain and zero-knowledge proofs – core Web3 applied sciences – to make sure information integrity and privateness.
However extra importantly, we have constructed our platform to be adaptable. We constantly combine new insights and experience as these applied sciences evolve. It is not about chasing each new development – it is about having the best experience and trusted framework to judge and reply to rising threats throughout any area after which assist our shoppers operationalize the best resolution.
What are your long-term objectives for Blackwire Labs, and the way do you envision its function in the way forward for AI-driven cybersecurity?
Our long-term imaginative and prescient goes past simply constructing a profitable firm – we need to basically change how organizations strategy cybersecurity within the AI period. We need to do good and champion reality. We’re working to democratize entry to expert-level cybersecurity capabilities whereas guaranteeing that AI adoption does not compromise safety or belief. We consider the way forward for cybersecurity lies in combining human experience with reliable AI, and we’re positioning Blackwire Labs to guide that transformation. However we’ll do it thoughtfully, staying true to our ideas of transparency, humility, belief, and repair to our clients.
Thanks for the good interview, readers who want to study extra ought to go to Blackwire Labs.
