Should you have time to wander through some of the myriad of startups that are listed on Angel List or any similar sites, you will find that a growing number of new players.
Each has picked a niche that the incumbent security players are not addressing adequately. As a result the variety of offerings is immense and this is itself educational to how broad the problems are facing CISO’s today.
Enjoy a stroll with these 10.
1. Cyber Security Simulation
Vthreat - this is a startup that provides a SaaS for testing your security. In essence provides a simulation of an attack. What I like about this product is that it allows you to exercise your company’s incident response. At the same time will allow you to validate your team and the controls that are in place.
Clearly any simulation tool can never provide 100% assurance, but this is a reasonable starting point.
2. Cloud Endpoint
Thin Air – the ideas of a Cloud SaaS doesn’t sound that interesting. However this is all about smart storage systems that understand corporate policies. What this means is that information that is sensitive such as personal info or credit card information is managed automatically by the platform.
Where I should not have access to credit card information then this masked and redacted. Moreover changes to this access is controlled with mobility enabled functionality to press “1” to allow access or “2” to deny.
3. Gamify (Cyber Security Education)
Apozy – is all about educating your team on what is right and wrong. Based on the common sense understanding that people are the weakest link, how do you educate them on threats and hackers.
The Gamification approach hides the fact that this provides some real value to bringing your team to the right level of awareness.
4. Machine Learning for Data Loss Prevention
Check Recipient – This about avoiding the oops, I didn’t mean to send that to that competitor. Despite the reference to AI it is not scary or complex, the machine learning operates in the background to prevent you sending email to the wrong person(s).
The message is analysed against the social network and your normal inbox with textual analytics.
5. Secure Office 365 Documents
Vera – this has been described as “Snapchat for files and documents”, but forgetting that connotation this allows a user to apply security to any file for Office 365 users.
Simply right click on the file to choose encrypt and this is then sent to a 3rd party with the security policy, which is de-encrypted on arrival as an email. Also 365 office files can be protected in Sharepoint or Onedrive.
Any usage of this file is tracked and you can stop access with a recall button, this can be revoked on your mobile phone.
6. Malops - Detection of Attacks
Cybereason – we can never be 100% sure that we are able to detect any attack. This startup was started by former Israeli intelligence officers and it is all about being able to detecting attacks as the happen, what they have termed as Malops (Malicious Ops)
The assumption is that you can’t prevent the hackers but you want to be able to identify malicious activity. Cybereason profiles everything in the environment and cross compare, but it does require an installation on every device.
7. and 8. Document Security
Doc Send and Doc Tracker – there are two new startups with similar offerings. As we are aware that most data (85%) is still stored in documents we need to have stronger security on this once it leaves our premises.
These solutions allow you to track: who opened, who read, how long on each page and was it forwarded to others.
Doc Tracker has the same functionality but also allows you to remotely destroy the document.
9. IP Protection
Shield Square and Distill Networks – For some CISOs, there is also the ancillary responsibility for managing brand trust.
Distill Network is a startup works to protect websites from BOT attacks, it runs on a virtual cloud or a private enterprise server. It is able to detect and stop, competitors from price scraping your websites. Also will allows you to protect your brand logos and images from scraping.
Shield Square provides similar functionality to protect your IP from malicious bot traffic. The value proposition for using such products is that it stops competitors in eCommerce space from copying your prices, with the tool providing ‘fake’ prices to the bots.
10 . Uber for Security People
SleathWorker.com – there is a shortage of IT Security staff in Australia and I have been asked nearly every month to recommend for a role. When you can’t find a resource or your team is short staffed then you will need to be able to find some suitable resources.
The alternative is to engage a 3rd party managed service, which will come at a cost. What we need is a Uber offering of skilled resources that are able to provide this as a service.