It has been a crazy two days at Israel’s Cyber Tech 2015…in a good way! The exhibition hall was split into three sections: the booths of the established companies, the startups pavilion and the Cyber Spark arena. It was like examining an x-ray of the emerging cyber industry in Israel, where on one hand you have the grown-ups who are the established players, the startups/sprouts seeking opportunities for growth, and an engine which generates such sprouts—the Cyber Spark. I am lucky enough to be part of the Cyber Spark growth engine which is made up of the most innovative contributors to the cyber industry in Israel—giants like EMC and Deutsche Telekom, alongside Ben-Gurion University and JVP Cyber Labs. The Cyber Spark is a place where you see how ideas are formed in the minds of bright scientists and entrepreneurs which flourish into new companies.
It all started two days ago, twelve hours before the event hall opened its doors, with great coverage by Kim Zetter from Wired on the BitWhisper heat-based air-gap breach, a splendid opening which gauged tremendous interest across the worldwide media on the rolling story of air-gap security investigated at Ben-Gurion University Cyber Research Center. This story made the time in our booth quite hectic with many visitors interested in the details, or just dropping by to compliment us on our hard work.
I had enough time to go and visit the startups presenting at the exhibition which were the real deal—as someone living in the future—and I wanted to share some thoughts and insights on what I saw. Although each startup is unique and has its own story and unique team, there are genres of solutions and technologies:
Going under the name of analytics, big data or BI there were a handful of startups trying to solve the problem of security information overload. And it is a real problem; today security and IT systems throw hundreds of reports every second and it is impossible to prioritise what to handle first and how to distinguish between what is important and what is less important. The problem is divided into two parts: the ongoing monitoring and maintenance of the network and managing the special occasions of post-breach—the decisions and actions taken post-breach are critical since the time is pressing and the consequences of wrong actions can damage the investigation. Each startup takes its own angle at this task with unique advantages and disadvantages and it is fairly safe to say that the security big data topic is finally getting a proper treatment from the innovation world. Under the category of analytics, I also group all the startups which help visualise and understand the enterprise IT assets addressing the same problem of security information overload, in their own way.
Security of mobile devices—laptops, tablets and phones—is a vast topic including on-device security measures, secure operating systems, integration of mobile workers into the enterprise IT and risk management of mobile workers. This is a topic that has been addressed by Israeli startups for several years now, and finally this year it seems that enterprises are ready to absorb such solutions. These solutions help mitigate the awful risk inherent in the new model of enterprise computing which is no longer behind the closed doors of the office—the enterprise is now distributed globally and always moving where part of it can be on the train or at home.
We all know passwords are bad. They are hard to remember and most of all insecure and the world is definitely working toward reinventing the ways we can authenticate digitally without passwords. From an innovative point of view, startups of authentication are the most fascinating as each one comes from a completely different discipline and aims to solve the same problem. Some base their technology on the human body, i.e., Biometry, and some come from the cryptographic world with all kinds of neat tricks such as zero knowledge proofs. From an investor point of view, these startups are the riskiest ones since they all depend on consumer adoption eventually and usually only one or two get to win and win big time while the rest are left deserted.
Although it is weird to see consulting companies in the startups pavilion, in the world of security it makes a lot of sense. There is a huge shortage in security professionals globally and this demand serves as the basis for new consulting powerhouses that provide services such as penetration testing, risk assessment and solution evaluation - the Israelis are well known for their hands-on expertise which is appreciated across the world by many organizations.
Security in the Cloud
The cloud movement is happening now, with security being a large part of it and an enabler of it—and startups of course do not miss out on that opportunity either. Cloud security is basically the full range of technologies and products aimed to defend the cloud operations and data. In a way, it is a replica of the legacy data center security inventory simply taking a different shape to adapt better to the new dynamic environment of cloud computing. This is a very promising sector as the demand curve for it is steep and will continue to steepen.
This was a refreshing thing to see with Israeli startups which tend to focus, in recent years, mostly on software. A range of cool devices starting from sniffers to backup units and wifi blockers. I wonder how it will play out for them as the playbook for hardware is definitely something different than software.
SCADA always ignites the imagination, bringing to mind critical infrastructure and sensitive nuclear plants—a fact which has definitely grabbed the attention of many entrepreneurs looking to start a venture in the interest of solving these important issues: problems such as the inability to update those critical systems, the lack of visibility with regard to attacks on disconnected devices, and the ability to control the assets in real time in the case of attacks. The real problem with SCADA systems is the risk associated with an attack that anyone would try to avoid at all costs, while the challenge for startups is the integration into this diverse world.
IOT security is a popular buzzword now and hides behind it a very complicated world of many devices and infrastructures in which there is no one solution fits all resolution. Although there are startups which claim to be solving IOT security, I project that with time, each one of them will find its own niche—which is sufficient as it's a vast world with endless opportunism. A branch of IOT that was prominent in the exhibition was car security with some very interesting innovations.
Data Leakage Protection
As part of the post breach challenge, there are quite a few startups focusing on how to prevent data exfiltration. From a scientific point of view, it is a great challenge consisting of conflicting factors—the tighter the control is on data, the less convenient it is to use the data on normal days.
Web Services Security
The growing trend of attacks on websites which has taken place in recent years and the tremendous impact this makes on consumer confidence, i.e., when your website gets defaced or is serving malware, grabbed the Israeli startups' attention. Here we can find a versatile portfolio of active protection tools which prevent and deflect attacks, scanning services which scan websites and tools for DDOS prevention. DDOS has been in the limelight recently and with all the botnets out there, it is a real threat.
Insider threats are one of the biggest concerns today for CISOs where there are two main attack vectors: the clueless employee and the malicious employee. This threat is addressed from many directions, starting with profiling the behaviour of employees, profiling the usage of data assets and protecting central assets like Active Directory. This is definitely going to be a source for innovation for the upcoming years as the problem is diverse and difficult to solve, in that it involves the human factor.
Software vulnerabilities were, are and will be an unsolved problem and the industry tackles it in many different ways, ranging from code analysis and code development best practices to vulnerability scanning tools and services and active protections against exploitations. Vulnerabilities are the mirror reflection of APTs and here again there are many unique approaches to detect and stop these attacks, such as: endpoint protection tools, network detection tools, host-based protection systems, botnet detection and honeypots aiming to lure the attacks and contain them.
What I Did Not See
Among the things I did not see there: tools which attack the attackers, developments in cryptography, containers security, security & AI and social engineering related tools.
I regret that I did not have much time to listen to the speakers…I heard that some of the presentations were very good. Maybe next year at Cyber Tech 2016.