Back in 2015 and 2017, I ran articles in Inc. about various innovative Israeli startups, in which I featured firms that I selected based on numerous discussions that I had had with tech-company CEOs and with journalists who cover the Israeli startup scene. For various reasons, when I wrote those two pieces, I intentionally featured innovators from outside of the information-security sector.
Today, however, after having had literally hundreds of conversations with, and about, Israeli cybersecurity companies, I thought that I would mention to my readers a few of the firms that I find interesting. This list is not in any particular order, nor is it even remotely comprehensive (I am personally aware of well over 100 privately-held Israeli cybersecurity companies) – it is, however, illustrative of some of the areas of risk and of innovation that are presently on my mind.
As I have discussed previously in multiple contexts, including when it comes to threat intelligence, small businesses often lack many of the cybersecurity capabilities of larger firms – a terrible irony when one considers that not only do the majority of cyberattacks target small businesses, but that attacks against small businesses are far more likely than those against larger firms both to be successful and to inflict existential damage.
One area in which small businesses often suffer from serious deficiencies is that of any formally-structured security operations center (SOC); smaller businesses simply rarely have any internal equivalent to the dedicated unit within larger enterprises that is responsible for constantly and perpetually managing and improving the organization’s security posture. Because they lack a SOC or the equivalent, many smaller businesses often have no way to fully correlate information from multiple security tools, lack a window into risks impacting various areas of their infrastructure, and miss “the big picture” when it comes to certain incidents. Of course, some elements of the SOC may be outsourced to third parties – but, ultimately, because some decision making must remain internal, some functions must be carried out by the firm itself.
While many approaches are currently being tried to address the challenges of replicating SOC-like functions in a smaller business, Cyrebro’s offering of what is essentially a cloud-based SOC-as-a-Service seems interesting. In fact, the simultaneous robustness and simplicity of its output is one of the elements that seems attractive – translating data into straightforward recommendations.
Hospitals and other medical facilities are among the most frequently targeted by hackers – criminals know that hospital systems are often both extremely poorly protected and among the least tolerant of outages, due to the potentially life-threatening situations that may be created as a result of systems going offline.
For years, in articles, lectures, and books I have discussed how the spread of IoT and AI technologies – both individually and together – is dramatically increasing the danger to human life posed by cyberattacks on healthcare facilities. About 15 years ago, when I mentioned in a talk that hackers would soon be able to manipulate treatment devices, modify imaging and test results, modify patient records, and take operating room computers offline, several members of the audience told me that I was paranoid. Today, of course, we know that all of these types of attacks are not only possible, but have already been demonstrated.
In fact, we now face a scary reality – at the same time that hospitals are using a rapidly growing number of connected, smart devices, so many hospital systems remain severely deficient from a security and privacy perspective. And because the issues involved continue to appear increasingly daunting, I am interested in Medigate – a company that focuses on securing IoT and other specialized systems that live in hospital settings.
“Pay me this ransom or I will cause your car to crash while you are driving at high speed!”
While the aforementioned demand is quoted not from an actual ransomware strain but rather from a presentation that I gave about 7 years ago, such attacks are no longer the domain of futurists and science fiction writers. We have already seen demonstrations of crippling hack attacks on cars – and there is little doubt that as cars, busses, and trucks become increasingly reliant on technology, attacks will grow increasingly dangerous; it is only a matter of time until hackers kill someone through a cyberattack on a car.
Hence my interest in Argus (now owned by the European automotive conglomerate Elektrobit), which makes technology both to protect the electronic control units (ECUs) used in today’s motor vehicles and to monitor, analyze, and react to motor vehicle network communications, in order to detect and prevent attacks. The firm has also expanded into cybersecurity systems for aircraft.
While the COVID-19 pandemic has certainly made more people than before think about the need for easy-to-use secure remote access technology, my personal interest in the field began much earlier.
I was first tasked with providing secure remote access to business applications and network resources over 25 years ago. Since then, I have had the opportunity to work with, to help design, and even to write a book about various cutting-edge systems. As you can imagine, I continue to have interest in related developments – and remain curious to learn about new offerings as they emerge – hence my interest in agentless, scalable, application-agnostic, and zero-trust offerings such as those from Axis Security.
One of the cyber-dangers that I have discussed repeatedly throughout the COVID-19 pandemic (and before) is the reliance by organizations whose employees work remotely on the security of home routers and home networks about which the organizations typically know very little, and over which they usually exert no control; I have lost track of how many times since last March I have been greeted with deafening silence when I asked CEOs and CISOs who had consulted with me about securing remote worker connections what models of routers their employees utilize to protect their home-based-work networks, and when those devices were most recently audited or patched. At the same time, I can easily remember how many members of senior management at the end of our discussions expressed confidence that all of their employees’ home routers (and associated environments) were properly secured against attacks from infected computers and/or IoT devices – because that number was zero. My concern about routers – and the tremendous danger created by the expanded use of IoT devices (that typically do not run any security software equivalent to the robust packages run on laptops) – led me to take a look at players in the space such as SAM Seamless Network.