{
  "docId": "019dd923-5f69-752d-a9b7-c358ba7e7e04",
  "docSlug": "RIsOW4tuYUFGPo8lUulp",
  "documentTitle": "This pitch deck won cybersecurity firm IriusRisk $6.7 million in a funding round backed by Voi investor JME Ventures",
  "authorId": "Pitchdecks",
  "authorName": "IriusRisk",
  "documentKindSlug": "pitchdeck",
  "documentKindLabel": "Pitch deck",
  "sourceTypeSlug": "strategy_consulting",
  "sourceTypeLabel": "Strategy consulting",
  "presentationDate": null,
  "orientation": "landscape",
  "aspectRatio": 1.784,
  "pageNumber": 3,
  "pageCount": 11,
  "prevPage": 2,
  "nextPage": 4,
  "slideType": "problem_statement",
  "function": "frame_problem",
  "density": "overcrowded",
  "nDataPoints": 6,
  "notes": "Uses a cost-of-remediation chart to justify the need for automated threat modeling.",
  "elementsJson": [
    "headline_text",
    "donut_chart",
    "bar_chart_vertical",
    "bullet_list",
    "footnote"
  ],
  "metadataConfidence": 1,
  "imagePath": null,
  "slideHref": "/slides/019dd923-5f69-752d-a9b7-c358ba7e7e04/3",
  "deckHref": "/decks/019dd923-5f69-752d-a9b7-c358ba7e7e04",
  "deckJsonHref": "/decks/019dd923-5f69-752d-a9b7-c358ba7e7e04.json",
  "deckAnchorHref": "/decks/019dd923-5f69-752d-a9b7-c358ba7e7e04#slide-3",
  "components": [
    {
      "bbox": null,
      "kind": "callout",
      "text": "Fixing security design flaws after release is 100x more expensive than fixing them during design",
      "attrs": null,
      "subkind": null,
      "toolName": "Visual emphasis",
      "toolSlug": "visual-emphasis",
      "confidence": null,
      "componentId": "019dd952-a28e-768f-b414-9eea436e084e",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.35,
        "w": 0.35,
        "x": 0.05,
        "y": 0.5
      },
      "kind": "chart",
      "text": "Cost of fixing security flaws across development lifecycle stages",
      "attrs": null,
      "subkind": "bar-vertical",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "d219b3e4-2d25-473e-a256-1b06a2c2f236",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.25,
        "w": 0.45,
        "x": 0.5,
        "y": 0.18
      },
      "kind": "list",
      "text": "Designing a secure application is complex: Explosion of new technologies, Changing regulations, Increasing complexity, Security as a barrier to speed.",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "22b3b64e-056e-4baa-9e47-0fc6a74dc832",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.35,
        "w": 0.45,
        "x": 0.5,
        "y": 0.52
      },
      "kind": "list",
      "text": "Doing it manually does not scale: Need for speed/consistency, Manual analysis is expensive, Threat modeling is slow ($3000/app), Static documents don't fit DevOps.",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "4f065a87-0193-4bb2-9945-bd67013eca39",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.15,
        "w": 0.1,
        "x": 0.06,
        "y": 0.2
      },
      "kind": "metric",
      "text": "50%",
      "attrs": null,
      "subkind": "big-number",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "8730f84a-96e9-4a2b-b1e5-ae7cd1f86698",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": null,
      "kind": "metric",
      "text": "Cost of fixing security flaws: 100x",
      "attrs": null,
      "subkind": "primary",
      "toolName": "Quantification",
      "toolSlug": "quantification",
      "confidence": null,
      "componentId": "019dd952-a28e-768f-b414-a4b62c733daf",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.08,
        "w": 0.2,
        "x": 0.16,
        "y": 0.23
      },
      "kind": "paragraph",
      "text": "Of software security vulnerabilities are flaws in the design*",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "057f8565-487e-4102-9776-9555d6e27e15",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": null,
      "kind": "quote",
      "text": "Dr Gary McGraw International Electrical and Electronics Engineers Center for Secure Design",
      "attrs": null,
      "subkind": null,
      "toolName": "Authority citation",
      "toolSlug": "authority-citation",
      "confidence": null,
      "componentId": "019dd952-a28e-768f-b414-a3dd43eb1d39",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.05,
        "w": 0.35,
        "x": 0.05,
        "y": 0.92
      },
      "kind": "source-note",
      "text": "*Dr Gary McGraw International Electrical and Electronics Engineers Center for Secure Design",
      "attrs": null,
      "subkind": null,
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "c9b53793-05e5-4e85-b163-df251cd35243",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.08,
        "w": 0.25,
        "x": 0.03,
        "y": 0.04
      },
      "kind": "title",
      "text": "The Problem",
      "attrs": null,
      "subkind": "headline",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "a46e6102-1a6d-4782-b874-a9c56ac20aef",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [],
  "frameworks": [
    {
      "name": "cost-of-remediation",
      "slug": null,
      "matchId": "abb2a642-e8da-422f-a6a0-0b46f2099d10",
      "evidence": "Chart showing exponential cost increase from design to release",
      "confidence": 0.9
    }
  ],
  "arcBeats": [
    {
      "to": 3,
      "from": 3,
      "beatId": "bd24aac0-0685-4e56-9c1a-ef6cdb0801d2",
      "arcName": "Problem-Agitate-Solution",
      "arcSlug": "problem-agitate-solution",
      "beatName": "The Problem",
      "beatSlug": "problem-agitate-solution-problem-identify-pain",
      "evidence": "problem statement",
      "position": 0,
      "confidence": 0.8,
      "parentBeatName": "Complication",
      "parentBeatSlug": "complication"
    }
  ],
  "loops": [
    {
      "to": 11,
      "from": 3,
      "name": "Cost Of Inaction",
      "slug": "27-cost-of-inaction",
      "bestFor": "Urgent budget requests, compliance, risk mitigation",
      "matchId": "b55ee9a2-348f-4e5d-90bb-ec3ecef3f0eb",
      "evidence": "problem statement and market timing",
      "position": 0,
      "objective": "What is the cost of not securing software development?",
      "structure": "The Status Quo -> The Hidden Costs Accumulating -> The Future State of Inaction -> The Tipping Point",
      "confidence": 0.6,
      "description": "Quantify what happens if the audience does nothing"
    }
  ],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}