When the North Koreans hacked into hospitals, businesses, and banks across the world in 2017, we learned that even the government needs better cybersecurity.
I got a notification last month about T-Mobile’s system being hacked. Again. In fact, I haven’t had to pay for credit monitoring for several years now due to service providers’ having cybersecurity failure.
Even my son studying electrical engineering took classes and considered a career path into cybersecurity. Between Nigerian scammers and unfriendly countries pursuing espionage, cybersecurity is a booming industry these days.
According to Statista, the rate of cybersecurity breaches and exposed records has increased more than 10x since 2005. Since there has been a significant drop in just the last 2 years, can we conclude that new cybersecurity efforts are working? Is there a concern that hackers will be implementing artificial intelligence to derive your data faster than cybersecurity interventions can ferret them out and block their efforts?
Have you been hacked? Has a company you’ve done business with compromised your personal and private information, including your credit card information, medical records via network vulnerabilities to hackers? The more these situations arise, is there an investment opportunity for a cybersecurity disrupter to come in and transform the industry?
The big problem is that cybersecurity hacks go undetected, giving criminal actors hours, days, weeks, and months of access. And while 1 in 5 small companies fall victim to a cyber attack and of those, 60% are typically out of business within 6 months, larger companies who have frequent infractions seem to ignore the necessary infrastructure investment to prevent future hacks.[source: Google]
A few weeks ago, I covered one company (MixMode) using artificial intelligence to detect anomalies that indicate an intruder is exploring where they shouldn’t be. You can catch up on that story again, here.
Here are a few companies addressing the big problem in cybersecurity.
BluBracket helps developers and security teams deal with sensitive information in their source code. It scans for vulnerabilities and incidents, building management capabilities to identify and track. Using artificial intelligence, their system learns so that they can eliminate false positives and prioritize each classified secret by risk.
BluBracket founders, Prakash Linga and Ajay Arora were building Vera, a company in helping data travel securely when they found serious gaps in their ability to secure the code of the enterprise. With other companies also challenged in their attempts to protect valuable IP and systems, they recognized the huge opportunity. They still serve on Vera’s board of advisors, but their primary efforts now are focused on BluBracket.
BluBracket’s most recent round of funding (Series A) was May 2021 and brought the total amount raised to $18.5 million. [source: Crunchbase]
Orca Security focuses its cybersecurity efforts on cloud data. Founded in 2019, Orca Security has focused on building partnerships in the US, UK, Germany, Australia, and Japan. Built on what they refer to as “SideScanning Technology”, they look for vulnerabilities, malware, misconfigurations, lateral movement risk, authentication risk, secret keys, and unsecured personally identifiable information or what insiders refer to as PII. The goal is to instantly protect cloud environments and eliminate attack paths.
With a patent-pending on their SideScanning technology, instead of depending upon agents, network scanners, or cloud security posture managers, they can detect risks in workloads by collecting data directly from the workloads’ runtime block storage. There is no code running in the background and virtually reconstructs bytes and bits into a virtual read-only view, then looks for risks found within the workload.
So far, Orca Security has raised $422 Million, with the most recent round (Series C) in July raising $150 million of that total. Lead investors include Temasek Holdings, CapitalG, Redpoint, and ICONIQ Capital [source: Crunchbase]
Tell me the truth – how many different sites do you use the same relatively complex password just so you can remember it? Or have you used LastPass then forgotten your LastPass password, making the whole thing ineffective?
Beyond Identity focuses on passwordless identity management. Combining cybersecurity expertise with identity management professionals, Beyond Identity is committed to restoring digital trust and building a fundamentally secure way to authenticate and authorize users while protecting privacy.
Their website points out that there are hundreds of billions of passwords, which is a fundamentally insecure authentication model. They are stored insecurely in databases, shared among family and friends, and are reused. Verizon Data Breach Investigations Report estimates that 81% of hacking-related breaches are a direct result of stolen credentials.
Beyond Identity has raised $105 Million so far with their most recent round (Series B) last December raising $75 million of that total. Top investors include Koch Disruptive Technologies, New Enterprise Associates, and James Clark. [source: Crunchbase]
Occasionally, I would be assigned to an investment education workshop in another state. I was given a little plug-in device to connect to the internet through a virtual private network or VPN. That way if I accessed my client notes in SAP or put in an order to turn on access privileges for that client, the credit card and private data wouldn’t be transmitted over public WiFi and easily accessed by hackers. If hackers could have gained access, they’d eventually access larger systems in my employer’s network. Traveling or remote employees need to be using a VPN to prevent these vulnerabilities.
Perimeter 81 promises to deliver simpler, smarter, and more accessible cybersecurity. They particularly focus on supporting companies with remote employees. The goal is to enable companies to break free of legacy hardware and more easily manage their networks and security from a single seamless service delivered from the cloud.
The founders of Perimeter 81 had previously created SaferVPN, which was acquired by J2Global (NASDAQ: JCOM). The basic infrastructure developed at SaferVPN was the basis for Perimeter’s initial product development.
While Perimeter 81 is based in Israel, they have attracted venture funding from US firms. The company has raised $65 Million with $50 million of that total raised in 3 rounds during 2020. Top investors include Insight Partners and Toba Capital. [source: Crunchbase]
Cybersecurity begins with you, me, and anyone who sits down to a computer or opens an app on a device. It also begins with who you choose to do business with. Are you doing business with a service provider that continually has to notify you that your information has been compromised? Consider changing to a competitor with a better record in how they handle personal private information. This way you’re also putting your buying power into companies willing to invest in stronger secure networks.
And by all means – check your password and pin information. Is it random? Are you using the same password on multiple apps and services? And are you using a multi-factor authentication so that when you log in, you get a text or email to confirm it’s you logging in, adding another layer of security?
Invest in protecting your own personal private information through disciplined practice. And then look for opportunities that fit your own personal investing rules to change how we approach security.