The Security Startup Challenge: Winners Offer Innovative Ideas

The technology and security industries are struggling to keep up with an ever-growing list of problems and cyberattack vectors. There has been a consistent call for new solutions to address evolving cyberspace challenges. One popular answer: New innovative startup companies to help. In order to accelerate these companies, the 'Security Startup Challenge' was formed earlier this year by Kaspersky Lab and several partners. And now, we have the winners.

by / August 16, 2015

Security Startup Challenge Winners

Credit: The Security Startup Challenge

Back in February 2015, Kaspersky Lab launched an online bootcamp to eye security startups around the world. The idea: to partner with other companies such as venture capital firms to form a security business accelerator and global startup competition. Here is a quote from that initial announcement:

“Technology megatrends such as mobile, cloud computing and the Internet of Things are leaving consumers increasingly, and unwittingly, exposed to cybercrooks. Perhaps more worrying is the fact that criminal syndicates operating on the Internet are as scalable as any other Internet-enabled business,” says Mangrove’s Michael Jackson, commenting on the launch in a statement. “We need to innovate our approach to cybersecurity to meet the demands of this new hyper-connected world.”

This new Security Startup Challenge is part of a wider global trend to form nonprofit business accelerators, security incubators and new company competitions to uncover fresh, innovative ideas to solve complex online cyberproblems.  

What Is the Security Startup Challenge?

The Security Startup Challenge (SSC 2015) seeks to “empower startups to protect the world from cyberthreats.” Here’s how the program is described at their website:

The event has partnered with Kaspersky Lab, a major global cybersecurity player, and Mangrove and ABRT venture funds to create a three-month acceleration program which will help you transform your business. If you’ve founded a startup which offers a cybersecurity solution, input from expert industry mentors will help turn your technology into a world-class product. You’ll also benefit if your startup gets its competitive edge from security, whether your focus is in healthcare, fintech, telcos, mobile, the Internet of Things, or the Cloud.

This approach is not totally unique. Similar programs have been launched in the USA, Asia and in Europe. For example, VentureBeat reported that Cyber London (CyLon for short) was formed in January 2015 to also focus on cybersecurity in Europe. You can read about CyLon’s public-/private- sector goals here at its website.

Nevertheless, this Security Startup Challenge competition approach is perhaps the most global challenge I have seen, with the winners not tied to one particular place.

In my view, technology and security leaders in federal, state and local governments need to take note of this startup and incubator trend, and especially the solutions being offered as potential answers to evolving online problems. I have also seen many similar programs in state governments, such as Maryland, with the goal of attractive companies to their state. The U.S. federal government also has several technology startup initiatives

Solutions Offered

Coverage of this competition was impressive by global media outlets, such as this coverage from the Philippines. Here’s a peek into some of the solutions developed by the finalists:

Security for connected cars: The automotive industry is undergoing serious disruption with the coming of connectivity in vehicles. It’s a fact: connected cars can be hacked and could be a source of fatal accidents. Startup firm Security in Motion is toying with the idea of providing security to these wired vehicles. Its software-based solution, built with Android OS, includes anti-malware protection, device fingerprinting for identifying mobile devices connected to the car, and alerts on messages from the car’s infotainment system.

Consumer protection: The consumer space is fraught with threats from malware to trojans to password stealers and more. Users are told to use complex passwords, change it every so often and never use the same passwords for different accounts. Startup firm Excalibur, however, offers to eliminate passwords and usernames with a solution that uses the mobile phone as a universal digital key.

Another team, Keygo, is promising more privacy and security for consumers through an encryption technology that can keep files, messages and chats private. Keygo encrypts data in a private cloud with a unique password that only the user has access to. Startup team Whisper, on the other hand, proposes to encrypt data to ensure that conversations and files are safe.

And the Security Startup Challenge Winners Are…

The competition finals were just held from Aug. 10-13 at the Massachusetts Institute of Technology in Boston, where $80,000 was split among four teams, with first prize being $50,000, $20,000 for second, and $10,000 for third (which was a tie).

As described in this press release, the winner announced included:

  • The first place, $50,000 and post-program support went to Excalibur. The company provides seamless authentication to any legacy system such as PC/Mac/webpage to help mankind move away from passwords using a phone as a security token.
  • The second place and $20,000 went to Pipe, a secure browser-to-browser file transfer service without a file size limit.
  • The third place and $10,000 was shared by two teams -- Cyber DriveWare, a company that provides enterprises and critical infrastructures the ability to protect themselves against malware related business disruption attacks via a patent-pending paradigm consisting of filter drivers and unique meta-data analyses; and ZeroDB, developer of an end-to-end encrypted database without exposing data or keys to the server.

I like this summary quote from an event organizer.

"As we enter a new period marked by digital advancement and hyper-connectivity, existing cybersecurity practices need to be entirely re-thought. This initiative brought together teams from 14 countries and provided a forum for the dynamic sharing of experience. It was also fascinating to see them engage directly with industry players in banking, infrastructure, services, cybercrime, venture capital and the public sector. As well as challenging accepted ideas and approaches, they were able to test and adapt their USPs, business models and sales pitches in real time," comments David Waroquier, partner at Mangrove Capital Partners.

Here is a YouTube video, with one finalist team's interview: 

Final Thoughts

As mentioned in this article for I wrote for CSO Magazine at the end of last year, security startups have a difficult time selling to most government customers. That case study looked at one attempt in Michigan to bring in new startup products from Israel, and I was very open about the challenges we faced. Eventually that company was bought by Microsoft.

And my point is that most security teams struggle to implement hot new products, even when they know they need them. There are numerous reasons for this, such as governance models, organizational culture and government procurement challenges. Regardless of the reasons, it is hard for very small or startup companies to sell bleeding-edge technology to most government organizations. I offered some tips to help vendors overcome these sales hurdles, in a followup blog.

But regardless of these past difficulties, I agree with the quote from David Waroquier that we need to think differently about implementing security solutions moving forward. The old ways aren’t working. More on that mindset next time.

My advice: Take a look at these (and other) security startup solutions and new ideas to help secure your enterprise. And learn from their approaches to bringing technology and security innovation to market. 

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso