NCSC for Startups

NCSC for Startups is a cyber accelerator program that involves onboarding cybersecurity startup companies for technical collaboration and better outcomes. The new initiative is a cooperation between the NCSC and Plexal, with additional partnerships with CyNam, Deloitte, Hub8, and QA.

NCSC for Startups will aid new firms with established cybersecurity solutions, which are looking to expand their reach into new markets and support the NCSC’s mission to make the U.K.’s digital space secure. The initiative will also:

• Shape technical challenges to focus on areas of interest
• Work together and directly with startup companies to influence their products
• Provide technical leadership and influence to encourage the growing cyber eco-system

The NCSC has selected five cybersecurity innovators to work with the U.K.’s cybersecurity experts to address the most prevalent cyberthreats in the country. The first five startups are:

1. PORGiESOFT – The EdTech startup offers cyber fraud detection services for enterprise employees
2. Exalens – Provides inexpensive threat detection services
3. Enclave – Helps organizations in creating Zero Trust overlay networks
4. Meterian – Provides a sustainable line of defense for apps that use open-source software
5. Rebellion Defense – Leverages AI to defend national security systems against threats like ransomware

The selected startups will receive direct support from the NCSC’s experts and Plexal’s cyber innovation team to obtain wider technical and commercial opportunities with the industry partners across the U.K.’s cybersecurity ecosystem.

Commenting on the new initiative, Chris Ensor, NCSC Deputy Director for Cyber Growth, said, “The U.K. has a thriving cybersecurity industry. Finding great ideas that can help protect all areas of society is a key part of our mission and we look forward to collaborating with more startups as the program rolls on.”

“The NCSC understands the U.K.’s cybersecurity challenges better than anyone, and the opportunity for innovative startups to benefit from its world-class insight and expertise is unique. Combined with Plexal’s extensive track record in supporting startups to become market leaders, NCSC For Startups will help companies address some of the most challenging security problems facing the government, businesses, and society now and in the future,” said Saj Huq, Director of Innovation at Plexal.

The post NCSC for Startups Initiative will Address U.K.’s Cybersecurity Challenges appeared first on CISO MAG | Cyber Security Magazine.

This is a special time, with special requirements. When the workforce is spread out, organizations take on a lot of cloud services and run a risk of losing control.

What does Authomize Offer?

Authomize stands for Authority + Automation. It provides a non-intrusive path to turn authorization management chaos to operational efficiency. It provides a singular platform to view and manage authorization and permission sprawls of all scattered applications across all environments. The artificial intelligence (AI) based platform monitors and generates prescriptive security and operational recommendations.

How it Works?

The platform consists of a prescriptive analytics engine called SmartGroups. This engine continuously monitors the data from all apps that the user accesses. It learns the network architecture between resources, identities, entitlements, and their usage. The AI component of the engine then applies these observations and recommends user to take grant only necessary authorizations.

Additionally, the Authomize platform offers compliance templates, automated (re)certification campaigns, alerts on violations and generates audit and compliance reports to help the already overwhelmed IT teams.

Dotan Bar-Noy, Co-Founder of Authomize said,  “This is a special time, with special requirements. When the workforce is spread out, organizations take on a lot of cloud services and run a risk of losing control. The current Identity Governance and Administration (IGA) tools lack the ability to provide the intelligence and automation needed to make informed and efficient decisions. With Authomize, IT and Security teams can make highly informed decisions or choose to automate processes, removing the need to compromise between IT efficiency and impeccable security hygiene.”

The post Authomize Raises $6Mn to Come out of Stealth Mode appeared first on CISO MAG | Cyber Security Magazine.

“I observed that the state of Andhra Pradesh was the first to implement eSeva. But IIT students did ethical hacking on the state government assets and found vulnerabilities. We advised the government about this,” said Chowdary.

eSeva is a portal for government to citizen services.  It lists various services, government notices, forms, and orders. It is also a gateway to other industry portals in the state. A note on the homepage says the portal uses “State-of-the-art” technology.

Chowdary said that there are ongoing efforts to set up training institutes and online platforms like Upgrad to increase cybersecurity awareness and address the skills shortage in the country, naming the International Institute of Digital Technologies (IIDT) as an example.

Chowdary who is also the Chairman of the Indian Blockchain Standards Committee, said “This institute will be run by industry professionals and will implement the latest cyber curriculum. It will offer a one-year course. We also plan to introduce a two-year cybersecurity program in Coimbatore run by industry professionals. The pedagogy will include business case studies,” informed Chowdary.

In his role as IT Advisor to the Government of Andhra Pradesh, India, his task was to mobilize investments, create an IT ecosystem, and create employment opportunities. Chowdary will also serve as ex-officio Secretary to the Government in the Chief Minister’s Office. His role includes advising and assisting the government in bringing in investments, generating employment, and encouraging innovation and start-up activities.

He earlier served as the Chairman of the Board of Software Technologies Parks of India (STPI), Hyderabad and Chennai, India. He was one of the key personalities instrumental in bringing about an IT revolution in Hyderabad. He is a well-networked in the Indian IT industry and is a close advisor to former Andhra Pradesh Chief Minister N. Chandrababu Naidu.

The post Indian Professionals to Set Up Intensive Cybersecurity Training Programs: JA Chowdary appeared first on CISO MAG | Cyber Security Magazine.

Israeli entrepreneurs used these initiatives, turning inward to developed technologies aimed at addressing various industry pain points in the defense, communications, and health care sectors. The non-stop breakthroughs which came out of Israel caught the attention of global headlines and of venture capital firms.

By Zohar Rozenberg, Chief Security Officer at Elron

During these earlier years, I was involved in the formalization of Israel’s National Cyber Strategy and saw firsthand the power governments hold in inspiring and enabling its citizens to come together under the umbrella of innovation. Today, along a strip spanning 15 Km by 3 Km between Tel Aviv and Herzliya, one can find 348 Investors all thriving, thanks to those private and public partnerships from years ago. This beachfront strip barely developed just 100 years ago, has boomed into a Middle East oasis of investors, developers, and entrepreneurs that has become the epicenter of today’s digital revolution.

For governments who are thinking of how to build and harbor a notable cyber ecosystem, collaboration is a necessity. Domestic collaboration begins by acknowledging how much the public and private sectors are natural partners. When governments provide grants for academic research, startups, and innovation centers, there will be a continuous flow of new technologies that will act as the lifeblood of their ecosystems. Collaboration also needs to occur between foreign governments. Cross-border partnerships make for better-secured infrastructure and invites global tech companies to develop global R&D centers leading to the sharing of expert knowledge.

Governments not only hold the power to energize private entities but hold the ability to prepare today’s youth for future contributions across the ecosystem. Incorporating cyber education into school curriculums will create a mindset of online responsibility from the moment students begin navigating the web on their own. This engrained online vigilance will make them more desirable to cyber firms and harbor an ability to better contribute to every aspect of the ecosystem in the future.

A slogan of ‘stronger together’ needs to be at the forefront of any government that is serious about developing its cyber ecosystem. For governments who are looking to grow their cyber ecosystem, education, collaboration, sponsored events, and conferences show that your doors are open for business, actively promoting economic growth, and ready to work with businesses who want to secure our cyber technologies.

RELATED STORY

Cyber Startup Hub in Israel Declines as Global Competition Rises: Elron VP

About the Author

Zohar Rozenberg (Col. Ret.) is the Chief Security Officer at Elron, an Israeli holding company dedicated to building technology companies, actively investing in startup companies. He is also acting as Member of the Board for several cyber companies. Zohar was also involved in the establishment of the National cyber bureau and the formalization of the Israeli national cyber strategy.

Disclaimer 

CISO MAG did not evaluate/test the products mentioned in this article, nor does it endorse any of the claims made by the writer. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same. CISO MAG does not guarantee the satisfactory performance of the products mentioned in this article.

The post Governments See Cybersecurity as an Opportunity to Develop Hi-tech Ecosystems appeared first on CISO MAG | Cyber Security Magazine.

By Stevie Nicks, Digital Editor at Just Another Magazine

Knowing that it’s necessary to protect digital systems is one thing, though: actually protecting them is another. The potential cost of investing in security services can lead entrepreneurs to question whether it’s better to leave their systems unsecured until they’ve bolstered their revenue — but that option is extremely risky.

Whether you’re in charge of arranging security for such a startup or part of a security company and looking to improve your approach to pitching, you can benefit from knowing how a small company can embrace cybersecurity while keeping the expenses down.

Let’s look at how startups can take sensible (and affordable) precautions:

They can broadly migrate to the cloud

Storing files locally can sound better to some because they fear the loss of privacy that presumably comes with online storage. Surely the best way to keep files safe is to physically protect the drives, they reason, plus it has to be cheaper to work with that relative inconvenience. That assessment is very far from the truth, obviously.

As noted, local storage is less convenient. It makes it harder to access files from afar and requires configuration. It’s also more expensive: bulk buying allows cloud storage suppliers to offer cheap rates and can offer almost no risk of drive failure causing disruption. With local storage you need to worry about the physical protection. And there’s wear and tear on the media. On the other hand, cloud storage drives get physical protection that the average company couldn’t hope to rival, and digital protection that’s top-class. The service provider maintains the physical media and bears the cost for storage expansion (buying additional hard drives). The consumer pays a fraction of the media cost for storage. For instance, you could get 1TB of storage on Google Drive/Google One for $9.99 per month. Google One (for paid plans) also offers other plans: 100GB for $1.99 and 200GB for $2.99. Compare that with the cost of a new 1 TB hard drive (approximately $45).

Cloud migration might sound expensive, but on the whole it really isn’t, particularly if you go through a reseller that can package licenses from a cloud solution distributor that has tight-knit relationships with cloud vendors and can negotiate cheaper prices.

They can cut back on systems to improve security

Regardless of whether companies operate in the cloud, locally, or are using a hybrid approach, they can easily get into the bad habit of installing myriad programs and subscribing to countless services, many of which share data through integrations. The more points of access there are, the more vulnerability there is. It’s hard to keep a castle secure when it has a hundred doors.

Due to this, startups should try to be more discerning about the systems they use. If something can be done through an entire suite instead of numerous distinct tools, it’s better for security. Just one of those tools being compromised could lead to the others being affected too. It’s the same reason why it’s ill-advised to use numerous plugins with a CMS.

At the same time, it may well be better for their finances: they might need to pay more for high-powered suites, but all the money saved on individual subscriptions could well leave their accounts better off (or at least keep their costs even).

They can start following best practices

This is the simplest and cheapest way for any company to improve its cybersecurity. No matter how secure the systems you use may be, they’re always vulnerable to human error through general indifference or incompetence. The moment you give someone access to a system, they can abuse that access, or allow someone it to be used by another (deliberately or unknowingly).

Best practices for cybersecurity are all the things people know they should do but generally don’t bother doing. Using secure passwords, changing them often, limiting admin access to those who absolutely need it, using contractual obligations and NDAs where necessary — all of these things are important, and they’re completely free to implement.

Key to this is training. Every last employee needs to be aware of how they need to proceed, and what they can and can’t do. Putting time and money into training courses (See EC-Council’s masterclasses and training programs) will be a short-term drain on resources, of course, but it’s all justified — and any startup that lacks the budget to invest in basic training has much deeper problems than cybersecurity.

Conclusion

By using cloud services where possible, using suites to minimize points of vulnerability, and following best practices, even the smallest startups can afford to make cybersecurity a priority matter. In the long run, though, the concern isn’t whether they can afford to invest in it: it’s whether they can afford not to.

About the Author

Stevie Nicks is Digital Editor at Just Another Magazine – a website that covers the topics you care about. You’ll find articles about lifestyle, travel, fashion, trends and relationships on our site – each of which is written in our unique style. 

Disclaimer 

CISO MAG did not evaluate/test the products mentioned in this article, nor does it endorse any of the claims made by the writer. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same. CISO MAG does not guarantee the satisfactory performance of the products mentioned in this article.

The post How Startups Can Take the Affordable Route to Cybersecurity appeared first on CISO MAG | Cyber Security Magazine.

One in every three companies globally is implementing conversational AI and chatbots — the pull is irreversible.

– Dev Khare, Partner, Lightspeed India Partners

Yellow Messenger has over 120+ languages for voice and text support in its cognitive engagement cloud and thus, the fresh capital will be used to fuel its international expansion across the U.S., Europe, Latin America, and Asia-Pacific markets. In addition, the company will further invest in its product innovation roadmap, including the deepening of multi-lingual voice bot capabilities, expanding enterprise integrations, and launching a developer marketplace for virtual assistants.

Dev Khare, Partner, Lightspeed India Partners, said, “One in every three companies globally is implementing conversational AI and chatbots — the pull is irreversible. Yellow Messenger has taken advantage of this market pull with its rapid time-to-value, transactional platform and multi-language support for global rollouts.”

The Cognitive Engagement Cloud

Any cognitive system leverages the core skills of our brain — think, read, learn, remember, reason, and pay attention to. The cognitive engagement cloud uses chatbots that deliberate these actions and react by interacting through text and voice mediums across channels in a natural human-like manner. It enables enterprises to automate and orchestrate workflows for customer and employee engagement with minimal human intervention.

The chatbots can be integrated and used across multiple communication channels like Microsoft Teams, Slack, WhatsApp, telephony, digital assistants and with the enterprise’s existing System of Record and System of Engagement. By acting as a single source of intelligence across all channels, and across customer and employee conversations, this platform ensures smart, consistent and coherent customer and employee experience.

On similar lines, the Yellow Messenger platform is successfully powering around 30 million monthly conversations on chatbots, across more than 100 customers around the globe. Owing to this and the ongoing COVID-19 pandemic emergency in India, the company has also been appointed by the National Health Authority of India (NHAI) to provide chatbots to several state governments (Madhya Pradesh, Punjab, and Rajasthan), which will assist with citizen engagement over WhatsApp and Facebook Messenger. It has also deployed special chatbots for enterprises to deal with employee engagement, customer engagement, and ITSM automation, helping them drive business continuity.

The post Yellow Messenger Raises $20 Mn Series B Funding for Conversational AI Platform Expansion appeared first on CISO MAG | Cyber Security Magazine.

Axonius provides cybersecurity asset management services to public and private enterprises with its cybersecurity asset management platform that integrates information from connected devices to manage and secure them constantly. Its asset management platform creates a single point of view into connected devices, including desktops, laptops, servers, cloud instances, mobile devices, and other IoT on a company’s network and automatically detects whether those assets fit within the stipulated security policies or not.

Commenting on the new investment, Dean Sysman, CEO and Co-Founder at Axonius, said, “Our goal is to go public as an independent cybersecurity asset management platform. But I hope that this new funding round with the most proven investors in our industry serves to send a bold message to our customers and the market. Axonius has enjoyed exponential growth by solving a real problem, taking away manual work, and letting security and IT teams focus on what’s important.”

In February 2019, Axonius raised US$13 million in its Series A funding round led by Bessemer Venture Partners along with the participation from existing investors YL Ventures, Vertex, WTI, and Emerge.In August 2019, the company raised US$20 million in its Series B funding round led by OpenView.

Cybersecurity Startup Exits in 2019

According to the IVC Research Center report, Israel has 436 cybersecurity companies operating across various verticals of development. The cybersecurity exit totaled to US$11.3 billion within a timeframe of 2013 to 2019. The exit costing increased exponentially and so has the funding for Israeli cybersecurity companies during the same time period. Israeli cybersecurity startups have managed to attract funding of US$6.32 billion from investors across 594 deals.

Israel’s Cyber Startup Hub

With rising global competition in the cybersecurity market, Israel faced a decline in the cyber startups ecosystem, according to Zohar Rozenberg, Vice President of Cyber Investments at Elron and RDC. The country always valued bold innovation and planning, however investment in cybersecurity was down.

Israel saw only 40 new cybersecurity startups in 2019, a 33% decline compared to 60 new startups in 2016. Investors are preferring rapid revenues over innovation, whereas, global technology corporates are competing over talent with entrepreneurial capacities. As cyber challenges grow in Fintech, Insurtech, automotive, and manufacturing industries, Israel needs investment and critical mass support to boost its talent and infrastructure.

The post Axonius Raises US$58 Million to Accelerate its Security Management Tool appeared first on CISO MAG | Cyber Security Magazine.

Horangi stated that it will use the new proceeds to expand its business reach in Southeast Asia and strengthen its cloud security product—Warden—in the region. Warden protects organizations using public cloud infrastructure from critical security threats and compliance violations in the cloud. Horangi has over 50 clients across various sectors such as government, technology, financial services, and retail. The company builds security products that enable the rapid delivery of incident response and threat detection for its customers.

Commenting on the new investment, CEO and Co-Founder Paul Hadjy of Horangi, said, “Southeast Asia is one of the fastest-growing economies and digitizing rapidly, but due to the shortage of security expertise in the region, organizations are increasingly turning to security experts like Horangi. This is especially prevalent in Indonesia, where we have been focused on since 2016. Having a strong team, local insights and technology capabilities allow us to partner with strategic investors to help propel our next growth stage.”

Most cybersecurity startups based-out in Singapore and Southeast Asia are working on enhancing the cybersecurity standards in the region. Several industry experts highlighted the urgent need for stronger safeguards against cyberattacks. Earlier, the Singapore government established cybersecurity standards with the Association of Southeast Asian Nations (ASEAN) to strengthen the protection of critical information infrastructure in the region.

In a similar development, the governments of Singapore and the U.S. joined hands to strengthen their collaboration in the infrastructure sector, digital economy, and cybersecurity. Both countries renewed their Collaboration Platform Memorandum of Understanding (MOU) and signed a Declaration of Intent (DOI) to work together on a Singapore-U.S. Cybersecurity Technical Assistance Program for ASEAN.

The post Horangi Raises US$20 Million in Funding to Strengthen Cybersecurity in Southeast Asia appeared first on CISO MAG | Cyber Security Magazine.

Founded by Dor Knafo and Gil Azrielant, the California-based startup stated that the new funding will help the company launch its cloud-native security and analytics platform that offers organizations simple and secure control of private application access. Axis Security claims that its Application Access Cloud platform was built on a zero-trust approach and offers a new agentless model that solves the issue of implicitly open network access and removes the pain points of network-based security associated with Virtual Private Networks (VPNs).

Commenting on the new funding, Dor Knafo, co-founder and CEO of Axis Security, said, “Axis Security is helping to solve one of the most complex security challenges for IT teams. Enabling access to the basic tools of digital transformation should not be one of the biggest risks an organization takes. We’re giving IT teams what they’ve been lacking when it comes to applications and that is a single managed solution for access, security, control, and scalability without the complexity.”

Curtis Simpson, Chief Information Security Officer at Axis Security, said, “This new zero trust solution from Axis offers a modern solution to a modern problem. It enables organizations to truly monitor and manage third-party risk and is a true enabler to move users from a generally flat network to a better, more secure experience with nothing more than an internet connection. With new zero trust approaches that focus on secure application access, we are able to completely shift our strategy to securing our IT infrastructure, so that business can be accelerated, not brought to a halt. This is the way of the future.”

The post Axis Security Raises US$17 Million Funding, Emerges from Stealth appeared first on CISO MAG | Cyber Security Magazine.

Founded in 2013, SentinelOne provides autonomous endpoint protection services to organizations to help them prevent, detect, respond, and hunt attacks across all major vectors. The company claims that its security platform is designed to save customers time by applying AI to automatically eliminate threats in real-time for both on-premise and cloud environments.

Speaking on the new funding, Tomer Weingarten, CEO and Co-founder of SentinelOne, said, “The cybersecurity demands of today’s enterprises have evolved, and we’ve taken endpoint protection far beyond what it once was. Instead of solely protecting laptops, desktops, and servers with EPP and EDR capabilities, we protect the entire network edge with flexible, autonomous technology–from containerized workloads in the cloud and data center to IoT devices. Leveraging AI to process enormous amounts of data in real-time allows our customers to stay secure from all vectors of attack. Delivering value to customers well beyond the traditional endpoint is what positions SentinelOne as the fastest growing and most promising cybersecurity platform.”

SentinelOne Partnerships

Last month, SentinelOne partnered with CRITICALSTART, a provider of managed detection and response (MDR) services, to jointly develop next-generation endpoint, cloud, and IoT protection security solutions. CRITICALSTART helps enterprises protect their data systems while reducing their security risks. The company offers a set of security solutions from the delivery of managed security services to security-readiness assessments like the defendable network, professional services, and product fulfillment.

In 2019, SentinelOne secured US$120 million investment in its Series D funding round which was also led by Insight Partners. The other investors that participated in the funding round included Samsung Venture Investment Corporation, NextEquity, Third Point Ventures, Redpoint Ventures, Granite Hill, and Data Collective (DCVC).

The post SentinelOne Raises US$200 Million for Next-Gen Endpoint Protection appeared first on CISO MAG | Cyber Security Magazine.