Date post: | 14-Aug-2015 |
Category: |
Economy & Finance |
Upload: | ross-blankenship |
Angel Kings LLC
The Cybersecurity Report: Emerging Global Threats from Cyber Attacks
Top cybersecurity companies: public & private startups
Cybersecurity report answering: the Who, What, Where, How and Why of Cyber Attacks
The information contained herein is for informational purposes only and is not a solicitation, only an example of fundraising and what to expect when researching companies. Logos and trademarks herein are properties of their respective owners.
By Ross Blankenship
Expert on venture capital and cybersecurity
Author of best-selling book, Cyber Nation
The Worldwide Threat of Cyber Attacks
Source: Forrester Research, MarketsandMarkets
The cybersecurity marketplace will continue to grow aggressively.
Over the past two years, security spending as a percentage of the total IT budget rose across most industries. This number is only expected to increase in light of recent security breaches.
Worldwide spending on information was $95.6 billion in 2014. Total information security spending is projected to grow at 10.3% CAGR in the following 5 years.
Who do cyber attacks threaten the most?
B2B, B2C, Governments, Security Firms
Pain Points
Preventing data breaches and stolen information
Security architecture and process design
Preventing account abuse or fraud from customers
Integrating IT security into core business functions and creating ownership
Examples
Preventing personal, professional, and financial accounts from being hacked
“Peace of mind” and alleviating fears of cyber crime, whether real or perceived, due to media coverage of recent hacks
National security
Agency sharing and collaboration (FBI, CIA, etc.)
Geopolitical stance and perceived ability to defend itself and allies from cybercrime
Staying one step ahead of the cyber criminals
Fierce competition from other firms; finding one’s niche
Understanding the pain points of all potential customer groups
Cyber attacks have forced CIOs to reconsider their cybersecurity capabilities.
Source: Gartner Research, Industry Blogs
Business disruption attacks require new priority from corporate leadership
Business impact analyses must consider aggressive business disruption attacks leading to loss of continuity of operations. Response and recovery plans that cover both business processes and IT services should be developed to address these exploits
CIOs must pivot from blocking and detecting attacks to detecting and responding to attacks and breaches
Preventive controls such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program. Organizations should focus on rapid breach detection using endpoint threat detection and remediation tools and network traffic analysis tools, and invest in forensic teams and software to analyze the resulting alerts and memory samples.
Non-IT processes must also be assessed
Full-spectrum penetration testing that evaluates IT and non-IT business process environments is crucial. An incident response manager may be required to oversee and manage attack events. The incident response leader will need skills to work across IT and non-IT departments and external groups — including legal, law enforcement, HR, forensics, corporate communications, public relations, insurance providers and network service providers
The average total cost of a data breach to major US companies is $12.7 million.
A robust underground market economy for data fuels and incentivizes cybercriminals.
Source: Forrester Research
Common cybercrime “business models”
Email addresses and passwords, credit card numbers, Social Security numbers, account log-in credentials, and other personal information are all data that cybercriminals can use to commit a wide range of crimes, from identity theft to fraud to reselling in the underground market economy.
• Buy and sell stolen information in online marketplaces - Stealing credit card data and personal information is lucrative for cybercriminals because it provides direct and easy gains in the underground marketplace. Prices for a customer’s personal information can range from $8 to $45, underscoring the low-risk high-reward nature of cybercrime.
• Crime-as-a-service - In the underground markets, organizations and individuals can buy or sell exploit kits, botnets, denial of service attacks, or just their skills. Services can run from $1 for 1,000 CAPTCHA-breakings to $350 to $450 for consulting services such as botnet setup.
• Attracting capital “investors” - Skilled individuals will always be in demand in the eyes of organizations — namely, organized crime syndicates — that seek to make a profit. In some cases, individuals are coerced or recruited by these organizations for the purpose of leveraging their talents.
• Market their supplies and services like a business - "Suppliers" of data in this underground market economy today operate "businesses" that may involve everything from marketing themselves online via Twitter to providing bulk discounts, free trials, and customer support for customers (criminals who purchase this stolen data).
Where are the criminals coming from?
Source: Bloomberg
China, Russia, and Turkey are the countries with the most foreign cybercriminals. The USA, however, remains where over 33% of cyber attacks originate.
Governments and customers react and raise the cost of being breached
Source: Gartner Research, Industry Blogs
Data and privacy breaches provide lucrative payouts for cybercriminals, but the businesses targeted incur tangible and intangible costs as a result. Today, the costs incurred from being breached come not only from customers but from legislative bodies as well.
Zappos
Almost 24 hours after Zappos revealed that it was a victim of a cyber attack in January 2012 that exposed more than 24 million customers' account information, a customer filed a suit alleging Zappos did not have the data properly safeguarded and was in violation of the Fair Credit Reporting Act
Triple-S Salud
Puerto Rican insurer Triple-S Salud faced a $6.8 million fine from the Puerto Rican government for exposure of protected health information (PHI), in violation of HIPAA. In addition to the fines, administrative sanctions will be placed on Triple-S Salud, which include the suspension of new enrollments into one of its plans and the requirement to notify affected individuals of their right to opt out of their program.
1. Customer Litigation: Once the breach notification goes public, companies can expect to face legal action from customers. Common reasons cited for damages include actual loss from identity theft, emotional distress, cost of preventing future losses, and the increased risk of future harm. Shoppers trust their personal and financial information to be secure and not shared with anyone when they shop; a loss of this trust incurs both financial and reputational losses to the breached company.
2. Government Fines and Sanctions: Organizations that have experienced a breach must face the scrutiny and regulations of the government. While data protection laws vary country by country, or even state by state in the case of the US, government bodies can issue fines for violations of data protection. In the US, the Federal Trade Commission's win against Wyndham Hotels and Resorts solidified the FTC's role and authority as a data security regulator in the US, allowing it to continue pursuit of action against the company
Case Study: Target
Source: Gartner Research, Forrester Research, Industry Blogs
Victim
Target Corporation is an American retailing company, and the second-largest discount retailer in the United States. In 2014, it had over $72 billion in revenue and 1934 stores in North America.
Attack
The Target data breach was a result of hackers gaining undetected access to the network with credentials stolen from a refrigeration and HVAC company that does work for a number of Target locations.
Hackers gained access to as many as 110 million customer names, card numbers, expiration dates, and CVV security codes of the cards issued by financial institutions.
Cybersecurity
Target's computer security team was notified of the breach via the FireEye security service they employed, had ample time to disrupt the theft of credit cards and other customer data, but did not act to prevent theft from being carried out.
Impact
At least 90 lawsuits were brought against Target in the aftermath of the breach. All told, Target could face a $90 fine for each cardholder’s data compromised, which translates to a $3.6 billion liability.
Profits fell nearly 50% in that fiscal quarter. Target’s share price fell 11% during the same time.
Target reports costs associated with the breach to exceed $148 million, and EPS to drop 22%.
Case Study: Sony
Source: Macquarie Research, Gartner Research, Industry Blogs
Victim
Sony Pictures Entertainment Inc. is the American entertainment subsidiary of Japanese multinational technology and media conglomerate Sony. It has been responsible for producing/distributing films such as Spider-Man, Men in Black, Resident Evil, and more recently, The Interview. In 2014, it had revenues exceeding $8 billion.
Attack
In December 2014 the Sony Pictures computer network was compromised, disabling many computers. Later the same week, five of Sony Pictures' movies were leaked, as well as confidential data about 47,000 current and former Sony employees.
On December 16, the hackers issued a warning to moviegoers, threatening to attack anyone who sees The Interview during the holidays and urging people to "remember the 11th of September 2001".
Cybersecurity
Sony has since hired FireEye to plug its breach.
Impact
Macquarie Research analysts projected Sony would likely take an impairment charge of 10 billion yen ($83 million) related to the incident.
Furthermore, hackers have released a trove of documents that include contracts and marketing plans that could influence competitors' strategies and lead to a loss of trade secrets and IP for Sony.
The current quarter has cost $15 million in investigation and remedial costs. Total costs are expected to exceed $100 million in financial damage, not including loss of IP.
Case Study: Anthem
Source: Gartner Research, Industry Blogs
Victim
Anthem Inc. is the largest for-profit managed health care company in the Blue Cross and Blue Shield. In 2014, it had revenues of $61.7 billion, and over 37,000 employees.
Attack
On February 4, 2015, Anthem, Inc. disclosed that criminal hackers had broken into its servers and potentially stolen over 37.5 million records that contain personally identifiable information. The compromised information contained names, birthdays, medical IDs, social security numbers, street addresses, e-mail addresses and employment information, including income data.
Cybersecurity
Anthem is currently working with AllClear ID to offer 24 months of identity theft repair and credit monitoring services to current or former members of an affected Anthem plan dating back to 2004.
The company has said it is conducting an extensive internal IT forensic investigation to determine what members are impacted.
Impact
Over 80 million people (members, past members, employees) are expected to be affected by the Anthem security breach. Class-action lawsuits have been mounted since Anthem’s announcement in February.
Anthem said it doesn’t expect the incident to affect its 2015 financial outlook, “primarily as a result of normal contingency planning and preparation.”
Anthem should expect to pay between $100 and $200 per breached record. With as many as 80 million people affected, that comes out to $8 billion to $16 billion.
Source: PwC Global State of Information Security, Forrester Research
Companies and legislative bodies are actively investing in and prioritizing cybersecurity.
In the annual PwC, CIO, and CSO survey of more than 9,600 global executives, 41 percent of US respondents had experienced one or more security incidents during the past year, a number that continues to rise. This situation is compounded by the fact that given recent economic uncertainty, security has not been a priority in the recent past.
Capitol Hill
Lobbying firms are anticipating increased policy-making in data security and privacy to keep pace with, or catch up to, the evolving threat landscape and technology environment. According to lobbying analytics firm Capitol Metrics, the number of lobby firms that advocated on behalf of clients on data and security issues skyrocketed from 74 to 220 between 2008 and 2012.
Global
Over the years, global efforts have culminated in the closing of various online market forums for exchange of stolen data. In April 2012, a global two-year operation involving officers from Australia, the US, Britain, Germany, the Netherlands, Ukraine, Romania, and Macedonia shut down dozens of websites that offered credit card data and related details.
Policy/Process
Many organizations struggle to adequately enforce the rules and standards of their security policy due to corporate culture and a hesitance to enforce the consequences of noncompliance. CISOs need to reevaluate their current policies to make sure that the corporate culture reinforces the "human firewall."
Architecture
Zero Trust is emerging as a new model for information security that is better-suited for the new threat landscape. In addition, the concept of "killing data" — encrypting data to devalue it if it falls into the hands of cybercriminals — is gaining mindshare as a new default defensive measure for the enterprise.
Cybersecurity Trends
Current State of Cybersecurity
Source: Forrester Research
Cybersecurity effectiveness and its metrics are being challenged on all fronts
Information security metrics have historically focused on security policy compliance and operational issues. Metrics like these demonstrate that security teams are working very hard, but they don't really demonstrate effectiveness. Cybersecurity is an uncertain business, and this requires that CISOs move from compliance-based reporting to risk-based reporting.
Readiness, Response, and Recovery
• Security readiness measures your company's security posture. Readiness metrics could include the percentage of systems with current patches as compared to a standard baseline, how many staff successfully completed awareness training, or firewall rule status. Readiness reports should show trends for this information on a quarterly or monthly basis.
• Benchmarks against previous dates should drive future decisions. Metrics could include the number of network exploit attempts this month as compared with last month or the number of vulnerabilities closed this month as compared with last month. Like the readiness reports, these metrics should show key trends, monthly and quarterly, and they should show event trends and attack patterns.
• The speed with which an organization returns to normal operation is a critical measurement of success. Metrics in this category could include disciplinary personnel actions taken, changes made to security readiness processes, forensic actions, legal response, and data and system restoration time. Event patterns are the most important information to report, showing what worked and what didn't.
Source: Gartner Research, Forrester Research
Companies are responding aggressively to data and cybersecurity threats.
Recent high profile cybersecurity breaches of Target, Sony, and other high profile targets have companies playing catch-up to cybercriminals. Here are some of the main weapons companies have at their disposal.
• Enhanced use of encryption, and more careful attention to the maintenance and proper configuration of existing encryption systems, is one of the first lines of defense used to thwart would-be attackers.
• Increased scrutiny of internal data use is another common response to Target’s woes. Behavioral analytic technologies allow firms to monitor users within the company as well as end users, remaining alert for suspicious behavior that accompanies theft or attack with malware.
• Risk assessment and software analysis to screen for vulnerabilities is gaining a front seat at many organizations. Keeping software up-to-date to avoid known weaknesses and testing proprietary software for unnoticed vulnerabilities are both front-line defensive maneuvers that are receiving more attention in 2014.
• Active defense is a relatively new concept in computer security that is garnering extra attention these days. The idea is to convince hackers that they are in their target area, when they’ve actually been diverted and trapped in a shell where they can be easily identified and, in some cases, retaliated against.
• Following up on network threats is a necessity that requires manpower organizations don’t always have available. Active monitoring and maintenance by managed service providers and hiring forensics experts to respond to threats are two popular solutions.
Fortune 500 Cybersecurity Providers
IBM (IBM)
Company Description
IBM® Security solutions help detect, address, and prevent security breaches through integrated hardware and software solutions. Powered by deep analytics and trusted IBM Security expertise, our robust portfolio of comprehensive, scalable industry-leading tools delivers unparalleled security intelligence with reduced complexity and lower maintenance costs.
2014 Revenue $92.8 B
CEO Ginni Rometty
Headquarters Armonk, NY
Products/Services Offered
• Trusteer Pinpoint Criminal Detection helps protect websites against account takeover and fraudulent transactions by combining traditional device IDs, geolocation and transactional modeling, and critical fraud indicators. This information is correlated using big-data technologies to link events across time, users and activities.
• Security Key Lifecycle Manager centralizes, simplifies and automates the encryption and key management process to help minimize risk and reduce operational costs
• InfoSphere Guardium Data Activity Monitor prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats
• Firewall management is designed to reduce the complexity and burden of managing and monitoring firewalls manually. Offers near-continuous monitoring, management and analysis of firewall logs
• Security Architecture and Program Design helps you evaluate the effectiveness of your security architecture to better manage evolving cyber threats. We also work with you to design a program to align security practices with business requirements and help reduce risk
M&A Considerations
• IBM acquires Trusteer, a specialist in cybersecurity primarily for financial services for $1B in August 2013
• IBM acquires Crossideas, an identity and access management vendor for an undisclosed amount in July 2014
• IBM acquires Lighthouse Security Group, an identity and access management company for an undisclosed amount in August 2014
• AT&T and IBM announced in February 2014 a strategic alliance to provide a set of comprehensive security services that, if successful, would define the next generation of managed security services providers
Cisco (CSCO)
Company Description
Cisco® Cybersecurity solutions make sure that security is a fundamental component of the intelligent network fabric by using a multilevel approach, building security controls within and around the core network. In-depth security requires an adaptive, responsive, and always-on approach that is also architectural.
2014 Revenue $47.1 B
CEO John Chambers
Headquarters San Jose, CA
Products/Services Offered
• Cisco Advanced Malware Protection provides an efficient process for solving threats by going beyond detection. Offers Point in Time Protection and Retrospective Security together.
• Cisco Identity Solutions provide visibility into who and what is connected to your network, automation for simplifying operations and adapting to changing needs, and controls for limiting access to information and resources.
• Cisco Wireless Security Solutions provides a comprehensive approach to wireless security, offering enterprises the ability to address the threats of access and eavesdropping. This at-a-glance focuses on the external threats that a WLAN will encounter and the mechanisms to detect and mitigate these threats.
• Cisco Secure Mobility Solutions provide virtual office solutions with full IP phone, wireless, data, and video services to staff wherever they may be located. Security capabilities include spam protection, data loss prevention, virus defense, and email encryption tracking.
M&A Considerations
• Cisco acquires Cognitive Security, a company focused on applying artificial intelligence techniques to detect cyber threats for an undisclosed amount in January 2013
• Cisco acquires SourceFire, a network security and anti-malware appliance developer for $2.7 B in July 2013
• Cisco acquires ThreatGrid, a malware analysis and threat intelligence company, for an undisclosed amount in June 2014
Hewlett-Packard (HP)
Company Description
HP's enterprise security software and solutions provide a proactive approach to security that integrates information correlation, application analysis and network-level defense.
2014 Revenue $111.5 B
CEO Meg Whitman
Headquarters Palo Alto, CA
Products/Services Offered
• HP Fortify Static Code Analyzer helps verify that your software is trustworthy, reduce costs, increase productivity and implement secure coding best practices. Static Code Analyzer scans source code, identifies root causes of software security vulnerabilities and correlates and prioritizes results—giving you line-of-code guidance for closing gaps in your security.
• ARCSIGHT ESM is enterprise security management software that combines event correlation and security analytics to identify and prioritize threats in real time and remediate incidents early. Correlates data from any source in real time to quickly detect threats before they do damage. Collects and categorizes up to 100,000 events per second for instant detection of activities affecting anything on your network, including insider or zero-day attacks.
• HP Atalla Information Protection and Control solves the complex challenge of providing data classification and data security by providing organizations the means to bring protection to the data itself. HP Atalla IPC applies protection at a point where information is created, and makes that protection persistent, so it follows the information wherever it goes. This secures sensitive data no matter where it actually resides.
M&A Considerations
• HP acquires ArcSight, a company that provides data security analytics for security information and event management for $1.5 B in October 2010
Publicly Listed Cybersecurity Providers
FireEye (FEYE)
Company Description
FireEye Inc. is a publicly listed US network security company that aims to provide automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing.
2014 Revenue $425.7 M
CEO Dave DeWalt
Headquarters Milpitas, CA
Products/Services Offered
• FireEye Adaptive Defense is a new approach to cyber security that delivers technology, expertise, and intelligence in a unified, nimble framework. Our state-of-the-art technology protects you with our patented virtual-machine detection (MVX™) engine. Find cyber attacks that bypass signature-based tools and common sandboxes.
• Malware Analysis (AX series) products provide a secure environment to test, replay, characterize, and document advanced malicious activities. Malware Analysis shows the cyber attack lifecycle, from the initial exploit and malware execution path to callback destinations and follow-on binary download attempts.
• FireEye Threat Intelligence provides intel and analysis to help you understand cyber threats, identify and stop cyber attacks, and reduce the impact of compromise. Automates the detection and prevention of zero day and other advanced cyber attacks with our global threat intelligence ecosystem. Accelerates incident response and reduces the time to investigate and resolve security incidents.
M&A Considerations
• In September 2013, FireEye became a public company, trading on the NYSE under the ticker FEYE, raising $304 M in their IPO at a market capitalization of $4.2 B (~26x revenue)
• In December 2013, FireEye bought Mandiant, a computer forensics specialist company for $1.05 B
Source: Hoovers
Palo Alto Networks (PANW)
Company Description
Palo Alto Networks provides a wide suite of enterprise-level next generation firewalls, with a diverse range of security features for your network.
2014 Revenue $598.2 M
CEO Mark McLaughlin
Headquarters Santa Clara, CA
Products/Services Offered
• The PA-7050 protects datacenters and high-speed networks with firewall throughput of up to 120 Gbps and full threat prevention at speeds of up to 100 Gbps. To address the computationally intensive nature of full-stack classification and analysis at speeds of 120 Gbps, more than 400 processors are distributed across networking, security, switch management and logging functions. The result is that the PA-7050 allows you to deploy next-generation security in your datacenters without compromising performance.
• Panorama provides you with the ability to manage your distributed network of our firewalls from a centralized location. View all your firewall traffic; manage all aspects of device configuration; push global policies; and generate reports on traffic patterns or security incidents - all from one central location.
• Palo Alto Networks Threat Prevention security service protects against malware delivery through custom-built signatures that are based on content — not hash — to protect against known malware, including variants that haven’t been seen in the wild yet. Offers intrusion prevention, SSL decryption, and file blocking to ensure security needs
M&A Considerations
• In July 2012, Palo Alto Networks became a public company, trading on the NYSE under the ticker PANW, raising $260.4 M in their IPO at a market capitalization of $2.8 B (~13x revenue)
• Morta Security was acquired for an undisclosed sum in January 2014
• Cyvera was acquired for approximately $200 million in April 2014
Source: Hoovers
CyberArk (CYBR) – Israel-based company
Company Description
CyberArk specializes in providing IT security from internal threats—that is, cyberattacks launched from within an organization, rather than from outside its perimeter
2014 Revenue $103.0 M
CEO Udi Mokady
Headquarters Newton, MA
Products/Services Offered
• Privileged Threat Analytics is an expert system for privileged account security intelligence, providing targeted, immediately actionable threat alerts by identifying previously undetectable malicious privileged user and account activity. The solution applies patent pending analytic technology to a rich set of privileged user and account behavior collected from multiple sources across the network. CyberArk Privileged Threat Analytics then produces highly accurate and immediately actionable intelligence, allowing incident response teams to respond directly to the attack.
• CyberArk SSH Key Manager is designed to securely store, rotate and control access to SSH keys to prevent unauthorized access to privileged accounts. SSH Key Manager leverages the Digital Vault infrastructure to ensure that SSH keys are protected with the highest levels of security, including the encryption of keys at rest and in transit, granular access controls and integrations with strong authentication solutions
• CyberArk Enterprise Password Vault enables organizations to secure, manage and track the use of privileged credentials whether on premise or in the cloud, across operating systems, databases, applications, hypervisors, network devices and more
M&A Considerations
• In September 2014, CyberArk became a public company, trading on the NASDAQ under the ticker CYBR, raising $85.8 M in their IPO at a market capitalization of $414 M. (~11x revenue)
Source: Hoovers
Top Cybersecurity Startups
Source: CBInsights, Gartner Research
The cybersecurity market is poised for disruption from start-up companies.
Cybersecurity is more than the latest investment fad for today’s savvy investor. Recent events have led to significant growth in the number of startups focused on cybersecurity, and to the number and diversity of investment opportunities for early stage investors. In 2013 alone, venture capital firms invested nearly $1.4 billion in 239 cybersecurity companies
Among top-tier VC investing firms, Intel Capital is the most active investor in cybersecurity startups having invested in more than 20 companies since 2010. Accel Partners and KPCB took second and third place respectively, investing in more than 15 unique companies each.
Authy*
Company Description
Secure Yet Easy-to-Use Two-Factor Authentication for Websites and Mobile Apps. Protect your daily apps like Facebook, Dropbox, Evernote, AWS, Outlook and many others. Use Authy to thwart phishing and man-in-the-middle attacks, quickly and easily.
2014 Revenue ---
CEO Daniel Palacio
Headquarters San Francisco, CA
Products/Services Offered
• Authy designed and built a powerful dashboard with all the basic and advanced features, such as creating infinite applications, adding collaborators, and setting your SMS, calls and many other options created to help you manage your applications.
• Enable, set and decide what you want to have in your application to create the best experience for your users and keep them happy.
• Our payments system lets you know exactly what you are using and what you are paying, so you always know your up-to-date account status.
• Whether you require PCI, HIPAA, FIPS or any other compliance requirements, Authy helps you easily achieve and stay compliant.
• Security policies are an essential part of a scalable and secure Two-Factor Authentication deployment. Authy has a powerful policy engine that allows you to automatically control how your Authentication behaves at its deepest level.
• Authy uses 256-bit private keys, which can be rotated instantly on demand. All keys are also fully manageable. You can remotely disable and reset keys all with a push of a button. We also provide remote health checking capabilities that help you keep your organization running 24/7 and your users happy.
M&A Considerations
• Authy was acquired for an undisclosed sum by Twilio in February 2015.
*An Angel Kings Portfolio Company
Source: Crunchbase
Lookout
Company Description
Protecting individuals and enterprises, Lookout predicts and stops mobile attacks before they do harm.
2014 Revenue ---
CEO Jim Dolce
Headquarters San Francisco, CA
Products/Services Offered
• Predictive Security - Lookout’s advanced security connects the dots between code, app behavior, and known attackers to stop threats – all in the cloud without impacting your device.
• Missing Device - Forget that panicked feeling when you can't find your smartphone. Lookout gives you the control you need to get your lost or stolen device back.
• Theft Alerts - Lookout turns your device's features – from the front-facing camera to the lock screen – into defensive countermeasures that make thieves think.
• Data Backups - Losing or damaging your device doesn't have to mean losing what's on it. Automatic backups of your contacts, photos, and call history make sure they’re always
• Secure App Stores - Automatically vet applications to ensure policy compliance before making them available to your organization, as well as mobile apps to keep users safe
M&A Considerations
• Raised $282 over 8 rounds from investors including Morgan Stanley, Andreessen Horowitz, Accel Partners, and Greylock Partners
Source: Crunchbase
BlockScore
Company Description
BlockScore is an identity verification and anti-fraud solution for online transactions.
Marquee Clients
Products/Services Offered
2014 Revenue ---
CEO John Backus
Headquarters Palo Alto, CA
M&A Considerations
• Customer Identity Verification - We use many data sources to verify the information your customers provide. We correlate data across credit bureaus, motor vehicle records, address histories, watchlists, and other records in order to provide a superior solution to single-source verification services.
• Knowledge Based Authentication - We provide a series of questions to which only your customer knows the answer using information separate from someone’s identity. This provides a better, practical solution to photo ID verification because it is difficult to know correct answers to these questions unless you are actually the person.
• Compliance - As part of every verification, we instantly scan dozens of government watchlists and red flag lists to protect your business from wanted individuals. We can optionally proactively scan your entire user base every time the list changes and inform you if anything changes.
• Fraud Alert - We detect mass fraud and use of false identities across our network. When lists of stolen identities hit the black market, we quickly learn of problematic identities and proactively notify you, limiting your exposure to fraudulent activity.
• Raised $2M over 2 rounds from YC, Khosla Ventures, and Battery Ventures, among others
Source: Crunchbase
Sift Science
Company Description
Sift Science fights fraud with machine learning. Machine learning teaches a computer to mine data for statistical patterns, and continuously learn and adapt as new data streams in.
Marquee Clients
Products/Services Offered
2014 Revenue ---
CEO Jason Tan
Headquarters San Francisco, CA
M&A Considerations
• Reduce Chargebacks - Zero in on investigating orders that matter and make quick, accurate decisions. Using the Sift Science Console, see all of your data in one place, including signals identifying suspicious behavior, the ability to filter users by IP address, device fingerprint and more, and network visualizations so you can see relationships between users and accounts
• Fraud Detection - With every new piece of your data, Sift more precisely adapts to your business and helps you stay ahead of ever-changing fraud tactics. Prevent fraud with automated learning on our award-winning platform using advanced data science techniques. Harness the same powerful technologies used by Amazon and Google.
• Distill Patterns from Data - We sift through your data for subtle fraudulent behaviors that a rules-based system would miss. Behind the scenes, we automatically build a statistical model with your unique data and patterns found on our network. Harness the power of data-driven decision-making in a single platform.
• Raised $23.6M over 3 rounds from First Round, Union Square Ventures, and YC
Source: Crunchbase
BugCrowd
Company Description
Crowdsourced cybersecurity. Bugcrowd is the premier marketplace for security testing on web, mobile, source code and client-side applications. Bugcrowd solves the undersupply of cybersecurity professionals by giving businesses the ability to engage with their curated, reputation-driven community of over 13,000 security professionals.
Marquee Clients
Products/Services Offered
2014 Revenue ---
CEO Casey Ellis
Headquarters San Francisco, CA
M&A Considerations
• Testing: Researchers test your site and report vulns to Bugcrowd. During this time, Bugcrowd is validating submissions.
• Final validations and report: Bugcrowd finishes validations, and finalizes your assessment report.
• Finish: A streamlined report of the valid findings our researchers discovered.
• Raised $7.7M over 3 rounds from Paladin Capital Group, Rally Ventures, and Square Peg Capital, among others
Source: Crunchbase
Summary
Source: Gartner Research, DigitalChalk
Four categories frame the future battleground for cyber warfare.
Four key trends are poised to disrupt the IT Strategy consulting market
Employee Training
• 77% of American corporations use some form of online learning
• The US and Europe account for over 70% of the global eLearning industry
• By 2019 half of all college courses will be taught online
• Access to mass populations and their parent organizations is at an all-time high
Connected Devices
• 89% of mobile media time is spent on mobile apps
• 80% of internet users now own a smartphone
• Internet of Things is creating an explosion of connected devices worldwide
• Mobile security options and computing power remain nascent relative to traditional security functions of desktops and laptops
Hardware (Drones)
• Practically all drones have computers and onboard logic, and for the most part communicate with a control system through a communications channel, making them susceptible to a cyber-attack.
• There is already a thriving community of drone hackers, and several open source projects are available, such as Skyjack, which uses your drone to take over the drones around it
Active Defense
• A honeypot is defined as “a computer system on the Internet that is expressly set up to attract and ‘trap’ people who attempt to penetrate other people’s computer systems”
• Sinkholing is the impersonation of a botnet command-and-control server in order to intercept and receive malicious traffic from its clients
• Threat intelligence is “consuming information about adversaries, tools or techniques and applying this to incoming data to identify malicious activity”
Which industries in America face the biggest threats from cyber attacks?
#1 Healthcare & Insurance
• Hardware and robotics account for a significant increase in hospital care/surgical devices
• Doctors and nurses are sharing important patient data via mobile and cloud. HIPAA at risk.
• Research labs for pharmaceutical companies are also increasingly cloud-based.
• Patient information being falsely used for procuring health insurance.
Biggest threats: patient privacy, patient safety with drug development, hardware malfunctioning with medical devices, and insurance industry theft.
#2 Defense
• American defense (large cap) spending is increasingly spent on hardware such as drones and space-based defense/offense measures.
• Major energy, financial grids and networks are subject to attacks by foreign entities.
• Police and law enforcement is now cloud-based with new sharing that could be hacked.
Biggest threats: operational protection of markets, hardware/drone operations, police/safety.
#3 Internet of Things
• Millions of homes projected to be connected to Internet of Things (“IoT”) by 2020.
• Major corporations like Google, General Electric, Cisco, and Honeywell will need to ensure all Wi-Fi devices and internet-based software/hardware hybrid products are protected.
• Access to consumer homes brings inherent and growing risks for safety and privacy.
Biggest threats: Wi-Fi devices, hardware such as thermostats and smoke detectors, routers and internet-connected devices
The cybersecurity industry will increase by an additional $250 billion by 2020.
Source: Crunchbase
Investor returns in cybersecurity start-ups are at an all-time high
Investor | Company | Exit Price | Capital Round | ROI*
Sequoia Capital | FireEye | $1.5 B | $6.5 M (A) | 46x
Juniper Networks | FireEye | $1.5 B | $14.5 M (B) | 34x
Greylock Partners | Palo Alto Networks | $2.8 B | $10 M (A) | 280x
Sequoia Capital | Palo Alto Networks | $2.8 B | $18 M (B) | 51x
Goldman Sachs | CyberArk | $414 M | $40 M (B) | 3.45x
*Estimated
Recent Cyber Attacks:
Examples of how diverse cyber attacks can be and how they impact every industry.
Disclosure: investing in startups carries a high degree of risk. Financial and operating risks confronting both early and developmental-stage companies, as well as more mature expansion-stage companies, are significant. Many emerging growth companies go out of business every year. It is difficult to know how companies will grow, if at all, or what changes may occur in the market. A loss of an investor's entire investment is possible and no profit may be realized as nothing is guaranteed, ever. Investors are responsible for conducting their own due diligence.
UCLA Health System Attacked.
According to Business Insider, “A months-long cyber attack on the University of California, Los Angeles hospital system put at risk the personal information for up to 4.5 million people, officials said Friday.
UCLA Health said in a statement that while there's no evidence hackers acquired personal or medical data, it can't be ruled out yet.
Officials said they were working with the FBI to track the source of the attacks.
The FBI said in a statement that the agency was looking into the nature and scope of the cyberattack, as well as the person or group responsible.”
Estimated Cost: $100 Million Dollars across 4 hospitals on two campuses
The Federal Government – Office of Personnel Management (“OPM”) Attacked.
According to the OPM:
Personnel data of nearly 5 million former Federal government employees was stolen in April of 2015. This includes full names, birth dates, Social Security numbers, and home addresses.
An additional 20+ million persons’ private data were stolen from previously conducted background checks. These background checks were supposed to be “Top Secret.”
The suspected culprit: the Chinese government. https://www.opm.gov/cybersecurity/
Estimated Cost: $20 Billion Dollars over next 5 years
Ashley Madison (Website) Attacked. Online cheating site.
According to Krebs on Security:
Large caches of data were stolen from site AshleyMadison.com – to the tune of nearly 37 million users.
Additional user databases, financial records and other proprietary data were stolen.
The owner, “Avid Life Media (ALM) confirmed the hack… and said the company is working diligently and feverishly” to respond.
Estimated Cost: A lost IPO opportunity + $2 Billion Dollars in Revenue
Information herein provided by:
The Angel Kings Funds
#1 Way to Invest in Cybersecurity Startups
Learn more at AngelKings.com
The author of this cybersecurity report is Ross Blankenship. http://rossblankenship.com
- Ross Blankenship is a leading expert on cybersecurity & startups.
- Author of best-selling book on cybersecurity, Cyber Nation.