50 Most Trustworthy Companies of the Year 2021

A transformative cybersecurity company that operates at the intersection of customers and technology partners to define what a cybersecurity solution should be: Cyvatar.AI


In the digital world we live in, cybersecurity has gained immense traction because it protects our data from damage and theft. This includes personally identifiable information (PII), intellectual property, sensitive data, governmental and industry information systems, and protected health information (PHI). Without a proper cybersecurity measure in place, it is very difficult for companies to deal with data breach campaigns, and your company will turn into an irresistible target for cybercriminals. Back in the 90s, simple antivirus software and firewalls were sufficient to keep your data secure. But now, business leaders can no longer afford that luxury and must stay on their toes to remain updated and keep cybercriminals at bay.

Globally there are various cybersecurity experts providing excellent services, but Cyvatar.AI stands out from the rest. Cyvatar is the industry’s first membership-based, cybersecurity-as-a-service (CSaaS) company, empowering members to achieve successful outcomes by providing expert advisors, proven technologies, and a strategic process roadmap to guarantee results that map to their business drivers. The company’s approach is rooted in proprietary ICARM (installation, configuration, assessment, remediation, maintenance) methodology for better, faster security compliance and cyber-attack protection at a fixed monthly price. And because Cyvatar is a subscription, members can cancel anytime. The company is headquartered in Irvine, California, with locations around the world.

In conversation with Corey White, Cyvatar.AI’s Co-Founder & CEO

Q. What inspired you to establish the company?

In many ways, Cyvatar is the perfectly blended vision of a battle-tested CISO -- that’s Craig Goodwin -- and a successful security entrepreneur -- that’s me. For more than two decades, Craig was responsible for building and managing security functions for large global companies like Fujitsu and CDK. He’d used every cybersecurity product and service under the sun, but not one of them provided the outcomes he needed to show the business value to his management. No matter how good a solution seemed, he always needed to make additional investments or build some version of the functionality in-house to get the desired results. Craig co-founded Cyvatar to deliver the outcomes to CISOs he couldn’t get while he was in the trenches. Meanwhile, I spent 25 years watching the security industry fail its customers. As a provider, my position was different from Craig’s, but I suffered from the same kinds of limitations. I, too, was bound by the constraints of the products and services on offer and disappointed in their inability to deliver fundamental business outcomes. I co-founded Cyvatar to prove the industry could change by refusing to accept the status quo and building solutions that put customer needs first.

Cyvatar’s magic is rooted in our commitment to make robust security defense and cyber resilience accessible and affordable to any size organization with any size budget, even if they have no security expertise or personnel. We believe that smaller organizations – including startups – should have the same ability to protect their customer data and sensitive information that large enterprises have. Companies too young or too small to compete for security resources are at a marked disadvantage, especially when we consider there are upwards of 4,000 security products available, each with its own set of deployment and integration requirements. We deliver people, proven processes, best practices, and state-of-the-art technology as a fixed monthly subscription so even organizations with just a handful of employees can defend themselves from the onslaught of today’s cyber threats--like an infinitely customizable Hulu or Pandora account.

Q. How does the Cyvatar platform standout in the cybersecurity space?

Cyvatar’s cybersecurity-as-a-service, or CSaaS, is inherently a member-driven model, allowing providers to focus on access rather than ownership. Instead of selling transactional point solutions or fee-for-services to create what we used to call customer “stickiness,” Cyvatar uses the membership model to level the playing field and democratize cybersecurity, making the best protection accessible and affordable for every size organization, even those with no cybersecurity expertise in house. By replacing ownership with membership, Cyvatar members can select the packages and pricing that meet their unique business needs in seconds; a freemium model ensures they can achieve tangible results fast with no out-of-pocket costs--an industry first. And they can cancel their subscription anytime--another industry first.


Our membership model ensures that customers never have any surprise invoices; the subscription is a fixed monthly cost that only changes if a customer upgrades or downgrades their package. We never sell customers tools or services they don’t need, and because we provide membership-based subscriptions, customers can cancel anytime--we even guarantee value within the first 90 days. No one else in the industry offers a model like ours. We’re pretty proud of that. We never sell customers tools or services they don’t need, and because we have a membership-based subscription service, customers can cancel anytime. They also benefit from the best technology available as it becomes available: We’ll gladly swap out any solution we install if a better offering comes to market—at no additional cost to our customers. I don’t know any other security organization that can say they’re helping people to the same extent that we are because we’ve rooted the company in prevention and continuous remediation. We want to profit from the successful cyber defense—not from failing to keep our customers’ data safe from attack—so we’re always enhancing our platform and upgrading the security tools we deploy. Every day is an exciting new project for us.

Q. Which industries do your solutions best help with? Can any business benefit with what you have to offer?

Without Cyvatar, organizations in every industry are basically going to the supermarket and stocking up on a bunch of ingredients (security tools) without a recipe (best practices, proven processes) or general know-how (human experts) to turn those ingredients into a meal (a fully protected organization). If they want to eat, it doesn’t make sense just to keep buying more ingredients; at some point, they have to combine the ingredients they’ve purchased in the proper order and prepare them at the right temperature to create the necessary outcomes--and that’s what we do for our customers. For companies in the early stages of launching a cyber strategy or that lack the internal staff to build one, we have subscription packages that deliver fast, affordable, fully managed security programs built for any budget. For companies with investments in point products that struggle to demonstrate efficacy and value from their tools, we link existing solutions to long-term strategic processes designed to provide business outcomes, continuous remediation, and ongoing solution maintenance. For companies that are scaling quickly and require a complete cyber roadmap that can grow and scale with them, we build bespoke packages that enable them to execute at speed -- and all of this is true regardless of industry, although we’re very well suited to startup.

Q. Could you share a story where you helped out a client – a client success story?

Stoplight began working with Cyvatar in 2020 to build a fit-for-purpose security strategy using a phased approach that would allow them to grow and scale as they regained business velocity. Cyvatar understood intimately the challenges that come from trying to build and manage a robust security program while trying to grow and scale a new business at the same time. Long experience with startups like Stoplight enabled Cyvatar to prove that cybersecurity confidence didn’t have to be difficult or expensive; in fact, Cyvatar Co-Founder Craig Goodwin pioneered the role of chief trust officer for exactly that reason. After an initial vCISO engagement, Cyvatar quickly became Stoplight’s trusted partner for all things cybersecurity.

Q. Do you have any new services ready to be launched?

We launch updates to our platform roughly every two weeks and we launch new services regularly based on customer need.

Q. What does the future hold for your company and its customers? Are exciting things on the way?

CSaaS is the future of cybersecurity, and Cyvatar is the first-of-its-kind CSaaS company, so we’re pretty well-positioned to deliver on that future now. Our customers already get the best security solutions available for a fraction of the cost of building it themselves -- that will continue. We release new features and updates to our platform all the time, which means there’s something exciting on the way all the time. Our customers know this, and we think it sets us apart. We’ll never stop improving to serve them better, to ensure they get demonstrable value from every security dollar they spend.

In his own words: Corey White

Craig and I launched Cyvatar at the height of the COVID-19 pandemic. I was in southern California and he was in London, making it impossible for us to meet face to face even if we were wearing masks and keeping socially distant. We had to build the platform, hire employees, meet with investors, source technology partners, and deliver to customers entirely on the phone or over Zoom. We got very good very fast at securing remote work because we had to do it for ourselves first.

“Cyvatar fulfills your needs for a robust cybersecurity program through strategy, execution, and resolution– all in one beautiful and intuitive platform.”