Credit: The Security Startup Challenge
Back in February 2015, Kaspersky Lab launched an online bootcamp to eye security startups around the world. The idea: to partner with other companies such as venture capital firms to form a security business accelerator and global startup competition. Here is a quote from that initial announcement:
“Technology megatrends such as mobile, cloud computing and the Internet of Things are leaving consumers increasingly, and unwittingly, exposed to cybercrooks. Perhaps more worrying is the fact that criminal syndicates operating on the Internet are as scalable as any other Internet-enabled business,” says Mangrove’s Michael Jackson, commenting on the launch in a statement. “We need to innovate our approach to cybersecurity to meet the demands of this new hyper-connected world.”
This new Security Startup Challenge is part of a wider global trend to form nonprofit business accelerators, security incubators and new company competitions to uncover fresh, innovative ideas to solve complex online cyberproblems.
What Is the Security Startup Challenge?
The Security Startup Challenge (SSC 2015) seeks to “empower startups to protect the world from cyberthreats.” Here’s how the program is described at their website:
The event has partnered with Kaspersky Lab, a major global cybersecurity player, and Mangrove and ABRT venture funds to create a three-month acceleration program which will help you transform your business. If you’ve founded a startup which offers a cybersecurity solution, input from expert industry mentors will help turn your technology into a world-class product. You’ll also benefit if your startup gets its competitive edge from security, whether your focus is in healthcare, fintech, telcos, mobile, the Internet of Things, or the Cloud.
This approach is not totally unique. Similar programs have been launched in the USA, Asia and in Europe. For example, VentureBeat reported that Cyber London (CyLon for short) was formed in January 2015 to also focus on cybersecurity in Europe. You can read about CyLon’s public-/private- sector goals here at its website.
Nevertheless, this Security Startup Challenge competition approach is perhaps the most global challenge I have seen, with the winners not tied to one particular place.
In my view, technology and security leaders in federal, state and local governments need to take note of this startup and incubator trend, and especially the solutions being offered as potential answers to evolving online problems. I have also seen many similar programs in state governments, such as Maryland, with the goal of attractive companies to their state. The U.S. federal government also has several technology startup initiatives.
Coverage of this competition was impressive by global media outlets, such as this coverage from the Philippines. Here’s a peek into some of the solutions developed by the finalists:
Security for connected cars: The automotive industry is undergoing serious disruption with the coming of connectivity in vehicles. It’s a fact: connected cars can be hacked and could be a source of fatal accidents. Startup firm Security in Motion is toying with the idea of providing security to these wired vehicles. Its software-based solution, built with Android OS, includes anti-malware protection, device fingerprinting for identifying mobile devices connected to the car, and alerts on messages from the car’s infotainment system.
Consumer protection: The consumer space is fraught with threats from malware to trojans to password stealers and more. Users are told to use complex passwords, change it every so often and never use the same passwords for different accounts. Startup firm Excalibur, however, offers to eliminate passwords and usernames with a solution that uses the mobile phone as a universal digital key.
Another team, Keygo, is promising more privacy and security for consumers through an encryption technology that can keep files, messages and chats private. Keygo encrypts data in a private cloud with a unique password that only the user has access to. Startup team Whisper, on the other hand, proposes to encrypt data to ensure that conversations and files are safe.
And the Security Startup Challenge Winners Are…
The competition finals were just held from Aug. 10-13 at the Massachusetts Institute of Technology in Boston, where $80,000 was split among four teams, with first prize being $50,000, $20,000 for second, and $10,000 for third (which was a tie).
As described in this press release, the winner announced included:
I like this summary quote from an event organizer.
"As we enter a new period marked by digital advancement and hyper-connectivity, existing cybersecurity practices need to be entirely re-thought. This initiative brought together teams from 14 countries and provided a forum for the dynamic sharing of experience. It was also fascinating to see them engage directly with industry players in banking, infrastructure, services, cybercrime, venture capital and the public sector. As well as challenging accepted ideas and approaches, they were able to test and adapt their USPs, business models and sales pitches in real time," comments David Waroquier, partner at Mangrove Capital Partners.
Here is a YouTube video, with one finalist team's interview:
As mentioned in this article for I wrote for CSO Magazine at the end of last year, security startups have a difficult time selling to most government customers. That case study looked at one attempt in Michigan to bring in new startup products from Israel, and I was very open about the challenges we faced. Eventually that company was bought by Microsoft.
And my point is that most security teams struggle to implement hot new products, even when they know they need them. There are numerous reasons for this, such as governance models, organizational culture and government procurement challenges. Regardless of the reasons, it is hard for very small or startup companies to sell bleeding-edge technology to most government organizations. I offered some tips to help vendors overcome these sales hurdles, in a followup blog.
But regardless of these past difficulties, I agree with the quote from David Waroquier that we need to think differently about implementing security solutions moving forward. The old ways aren’t working. More on that mindset next time.
My advice: Take a look at these (and other) security startup solutions and new ideas to help secure your enterprise. And learn from their approaches to bringing technology and security innovation to market.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.