75 views
1 hour ago

The new blueprint for cyber resilience

Carlo Minassian, Founder and CEO of LMNTRIX

As cyber threats become faster and more sophisticated, organizations must rethink traditional security models. Carlo Minassian, Founder and CEO of LMNTRIX, discusses the shift toward AI-powered cybersecurity, autonomous SecOps, and the future of enterprise defense.

With over 30 years in cybersecurity and having built and scaled successful MSSP businesses, how has your view of cyber defense evolved from traditional security models to today’s AI-driven era?

Over the last three decades I’ve seen cybersecurity move through several phases. We started with perimeter security, then endpoint protection, then SIEM and SOCs, and today we’re entering the AI era. What’s interesting is that the core objective hasn’t changed. It’s still about preventing attackers from achieving their goals. What has changed is the speed, complexity and volume of attacks. Years ago analysts could manually investigate alerts because there were relatively few of them.

Today that’s simply impossible. Attackers automate reconnaissance, phishing, credential theft and lateral movement, while defenders are overwhelmed with data from dozens of security tools. AI isn’t replacing cybersecurity professionals. It’s becoming the force multiplier that enables analysts to investigate, prioritise and respond in minutes rather than hours. The future isn’t human versus AI. It’s experienced analysts empowered by AI. Attackers now operate at machine speed; AI is how defenders match it without losing human judgment.

AI is now influencing both attackers and defenders. How is this fundamentally changing the cyber threat landscape for enterprises and security leaders?

AI is making both sides faster, but not necessarily smarter. For attackers, AI lowers the barrier to entry. It enables more convincing phishing, faster malware development, automated reconnaissance and highly personalised social engineering. On the defensive side, AI allows us to process enormous amounts of telemetry, identify patterns humans would never find manually and dramatically reduce investigation time.

The organisations that win won’t simply be the ones with the most AI. They’ll be the ones that combine AI with high quality telemetry, experienced analysts and disciplined operational processes. AI without visibility is confidently wrong at scale which is worse than the SIEM garbage-in garbage-out problem.

In your experience, what are the biggest gaps in today’s Security Operations Centers, especially when it comes to detection speed and response efficiency?

The biggest misconception is that SOCs have a detection problem. In reality, most have an execution problem. They already generate more alerts than analysts can realistically investigate. The challenge is validating what’s real, understanding business impact and responding quickly enough to contain threats before they spread.

Many SOCs are also operating across fragmented technologies. Endpoint data sits in one platform, network in another, identity somewhere else, cloud somewhere else. Analysts spend too much time moving between consoles instead of investigating attacks.

The future SOC isn’t about hiring ten times more analysts. It’s about giving analysts a unified view of the attack and automating the repetitive work so they can focus on high value decisions.

The customers I have met in GCC so far, don’t have an alert problem. They have a response problem. To put numbers on it: we triage and validate over 90% of alerts within 30 minutes, and contain confirmed threats in the same window. Compare that to environments where alerts sit untouched for days – that’s the gap attackers live in.

LMNTRIX is positioned around AI-driven XDR and Autonomous SecOps. What core problem were you aiming to solve, and how is your approach different from traditional SIEM and SOC models?

When we founded LMNTRIX, we asked a simple question. Why are organisations spending millions on cybersecurity and still struggling to detect and stop attacks quickly? They are all compliant. They all use Gartner magic quadrant vendor security products. They have invested in a SOC with all the necessary talent. So why are they still getting breached? The answer was fragmentation. Every vendor specialised in one part of the attack surface. Customers ended up managing multiple consoles, multiple data sources and multiple security teams. Imagine a Formula 1 pit stop. Instead of one coordinated pit crew, imagine:

  • One company changes the tyres.
  • Another refuels.
  • Another cleans the visor.
  • Another checks the engine.
  • None of them talk to each other. Eventually the car gets back on the track….but far slower than it should.

That’s what many SOCs look like today. We took a different approach by building a native XDR platform that unifies endpoint, network, identity, cloud, email and threat intelligence into a single operating model. AI then sits on top of that foundation to automate investigation, accelerate analysis and improve response. That’s a fundamentally different model from simply collecting logs into a SIEM and expecting analysts to manually connect the dots.

As cyber threats become more automated and sophisticated, what practical steps should organizations take today to strengthen cyber resilience and reduce response time?

There are five things I’d encourage every organisation to focus on.

  • First, reduce complexity. Every additional disconnected security product creates another operational gap.
  • Second, assume compromise. Design your security around rapid detection and response rather than believing prevention will always succeed.
  • Third, strengthen identity security because identity has become the primary attack vector.
  • Fourth, invest in automation to reduce investigation and containment time.
  • Finally, regularly test your response capability.

The best incident response plan is the one you’ve already practised. Cyber resilience isn’t measured by how many products you own. It’s measured by how quickly you can detect, contain and recover.

What is LMNTRIX’s investment and growth strategy in the Middle East, and what can regional enterprises expect from the company in the coming years?

The Middle East is one of the fastest growing cybersecurity markets in the world. Governments and enterprises are investing heavily in digital transformation, cloud adoption and critical infrastructure, and cybersecurity has become a board level priority. Our investment isn’t simply about opening another office.

We have just appointed Amanulla Khan as our regional VP for Middle East, Turkey and Africa, we’re moving our XDR platform into UAE and KSA cloud regions for local data residency, and we’ve signed multiple distributors alongside nine partners currently in training. That’s the foundation – local leadership, local data residency, and a regional partner ecosystem – and it reflects how seriously we take this market.

We see the UAE as a strategic gateway into the wider GCC and MEA region. Over the coming years, customers can expect continued investment in our AI capabilities, expansion of our regional ecosystem and a strong focus on helping organisations simplify security operations while improving cyber resilience.

LMNTRIX has built a strong reputation in AI-driven cybersecurity. As you scale globally, what qualities do you look for in channel partners, and how are you enabling them to deliver greater value to customers beyond simply reselling your technology?

The partners we value most are not simply looking to resell another cybersecurity product or manage yet another vendor solution. We value partners who have already gone down the path of building a SOC using the traditional log and SIEM based approach and realise the fallacy of that model. The traditional SIEM-based SOC model is structurally hard to run profitably – many MSSPs end up subsidising it.

We look for partners who understand customer risk, who have strong relationships in their market, and who want to help customers improve their actual security operations. Cybersecurity has become too complex for a transactional sales model. Customers need advisory capability, deployment expertise, ongoing engagement and accountability for outcomes.

So the best partners for LMNTRIX are those who can sit with a CISO or board and talk about reducing detection time, improving response capability and strengthening resilience, not just selling another platform. We enable partners in several ways. We give them access to our XDR platform, our managed detection and response capability, technical training, sales enablement, demo environments, co-selling support, and where appropriate, white-label options so they can build their own managed security offering powered by LMNTRIX.

The goal is to help partners move higher up the value chain. Instead of competing on margin from product resale, they can deliver a cyber operations capability that creates long-term customer value.

Which industries are seeing the strongest demand for LMNTRIX’s solutions, and what’s driving their adoption?

We are seeing the strongest demand from sectors where cyber risk directly impacts business continuity, national infrastructure, customer trust or regulatory exposure. That includes financial services, government, energy, and increasingly across aviation, healthcare and telecoms.

What is driving adoption is a combination of factors.

  • First, organisations are dealing with more sophisticated threats, especially ransomware, credential theft, identity-based attacks and supply chain risk.
  • Second, their environments are becoming more complex across cloud, endpoint, network, identity, email and OT.
  • Third, there is a shortage of experienced cyber talent, which makes it difficult for organisations to build and operate advanced security operations internally.

For many customers, the question is no longer whether they need better detection and response. The question is how quickly they can achieve it without adding more complexity to an already overloaded security environment. That is where LMNTRIX becomes relevant. We help organisations consolidate visibility, improve detection, accelerate investigation and reduce response time across the attack surface.

You’ve had an incredible journey-working with global leaders like IBM and Dimension Data, founding earthwave, and now leading LMNTRIX as Founder and CEO. Looking back across all these experiences, what would you say is the biggest lesson you would pass to the next generation of tech leaders?

The biggest lesson I would pass on is that technology changes, but the fundamentals of building a great company do not.

Across my career, from working with global technology leaders to founding earthwave and now building LMNTRIX, I have learned that success does not come from chasing every trend. It comes from understanding a real customer problem deeply, building something that solves it, and having the resilience to keep going when the market is difficult.

In cybersecurity especially, trust is everything. Customers are not just buying software from you. They are trusting you to protect their business, their people, their reputation and sometimes their ability to operate. That responsibility has to shape the way you build the company.

My advice to the next generation of tech leaders would be: stay close to customers, build with conviction, surround yourself with strong people, and do not confuse hype with value. The market will always move, but if you solve a real problem and keep your standards high, you give yourself the best chance of building something meaningful.


Leave a Reply

Don't Miss

Amanulla Khan, Regional Vice President META, LMNTRIX

LMNTRIX appoints Amanulla Khan as Regional Vice President for META

LMNTRIX announce the appointment of Amanulla Khan as Regional Vice President for

Welcome to

By signing or creating an account you agree with our Code of conduct & Privacy policy