Uncategorized

We speak to Pankit Desai, co-founder and CEO of ICE71 Scale start-up Sequretek, one of the Financial Times’ most promising APAC companies—and more recently a RAISE2020 awardee—about what it takes to get to such business apexes.

Q: What do you do at Sequretek?

I am co-founder and CEO at Sequretek, with primary responsibilities around business development, operations and fundraising. Prior to Sequretek, I have had leadership stints with IBM, Intelligroup, NTT Data for over two decades.

Sequretek offers solutions in Endpoint Detection Protection and Response (EDPR), Identity Governance and Administration (IGA), and Managed Detection and Response (MDR). A combination of our products and a 24×7 managed security services, covers majority of the problems that an enterprise might encounter.

Q: Can you share an example or two where Sequretek has helped your client to achieve simplicity in terms of security? 

Let me take two examples on opposing ends of a size spectrum.

One of the largest private sector bank (5,000+ branches) with over 125,000 employees and 700+ applications/services was struggling to get an answer to this question of “who has access to what”? They tried implementing traditional identity management solutions, but after spending a few million dollars and over two years, their coverage was barely 5% of the technology landscape. They evaluated Sequretek’s IGA and they were able to implement the product in six months and have covered more than 50% of the technology landscape, with balance being targeted for completion within the year. Their compliance organization which used to scramble resources every year before the regulatory audit or User Access Review requirements, now is able to get all of it done through a simple dashboard report.

India is home to over 1,500 co-operative banks. Most of these banks are in the rural areas and serve the farmers and poor people. These banks have been the backbone through which most of the government schemes for underprivileged get distributed. Over the past few years, these banks have invested in technologies to stay abreast of the transformation that is impacting the sector, and with it there have been several high profile cyber breaches. There is now significant pressure from the local regulator to invest in security to mitigate the risks. Most of these banks, lack skillset to understand what security measures they need to undertake to improve their security. We worked with their industry body to create a program that build a security framework around offerings that allowed these banks to improve their compliance and security posture without burning a hole in their pocket. The program had several technology awareness sessions, across the hierarchy, that were baked in to improve their appreciation of technology, till date over 1,000 people have undergone this training.

Q. Sequretek was rated as one of APAC’s fastest growing companies by the Financial Times for 2020. Congratulations! Can you share with us what got you here today, perhaps your business mantra for aspiring cybersecurity entrepreneurs?

Early this year Financial Times picked us as one of the fastest growing companies (#206/500) in APAC and just very recently, we were recognized as a winner in the category of tech centric companies sector agnostic applicability, at RAISE2020 a global AI event hosted by the government of India. While the first one was all about the financial success of the company, the second is a vote of confidence on our technology and ability to execute in the marketplace.

As an entrepreneur, it is indeed quite redeeming to see the company get to where it is today. While it may sound cliched, our mantra has always been “do right by your customer” and the rest will follow. We have put that thought process into practice and I am proud to see our customers’ stand by us through thick or thin. It doesn’t matter how good your product is, or how good of a team you have built for yourself, if you are not in a position to get a happy customer, it will not get you anywhere. As a company, we have barely spend any money in marketing, it is customer referrals that have allowed us to scale year on year.

Q: How is the cybersecurity sector like in India and Singapore, are opportunities and challenges the same? What are prospects you see in Singapore and the greater APAC region?

For most part cybersecurity in industry and geography agnostic, this has allowed most companies in this space therefore to scale without much requirements for localization as compared to some of the other technology areas. Having said that, there are nuances from a tech maturity levels perspective and local regulatory norms, that may change how customers in different parts of the world perceive the need for security. In India, you will find companies at the top end of the spectrum who have used technology to differentiate themselves at global scale and are understandably quite ahead in their security journey. On the other hand there are millions of small and medium enterprises for whom security is almost an alien concept, which is where most of the recent attacks are concentrated.

If I was to look at APAC region, one will find companies in Singapore for most part will be well versed in technology usage and a much better appreciation for the need in investing in cybersecurity. However, there are countries in south east Asia that are not at the same level, and the challenges that I mentioned earlier will definitely be present. I see our message of “Simplify Security” resonate across the region, for this very reason.

Q: Describe cybersecurity in less than 30 words.

Cybersecurity is an enabler to your transformation and not an inhibitor.

Here’s the latest news roundup on our ICE71 startups:

• ICE71 Scale start-up Bitglass has been featured in this interview with TechDay
• Chainkit, an ICE71 Accelerate alum, has signed a distribution deal with DNA Connect
• ICE71 Accelerate alum GamaSec has appointed Tech Wise Solutions as its distributor in Africa
• ICE71 Accelerate alum Kinnami has joined Space Camp, a space tech accelerator programme by U.K.’s Seraphim Capital
• ICE71 Scale start-up Red Piranha shares how it managed to secure a $5 million deal through cyber speed dating in Jakarta
• Attivo Networks, an ICE71 Scale company, has been named “Threat Detection Solution Provider of the Year” by CyberSecurity Breakthrough Awards
• ICE71 Scale company CYFIRMA has released a Southeast Asia (SEA) and Japan Threat Landscape Report predicting the cybersecurity challenges for the second half of 2020

More news on ICE71 and our startups here.

Here’s the latest news roundup on our ICE71 startups:

• ICE71 Scale company Attivo Networks has been named a finalist for the New Zealand Reseller News Innovation Awards 2020 and its CFO, Jilbert Washten, has been named a winner at Finance Monthly CFO Awards 2020
• Cyble, an ICE71 Scale company, has launched AmiBreached – a data breach monitoring mobile app which scores users exposure in the deepweb and darkweb
• The acquisition of ICE71 Scale start-up Shape Security by F5 Networks has been named one of the biggest M&A deals of 2020
• Red Piranha, an ICE71 Scale start-up, has officially been licenced with the widely trusted “Australian Made” certification trademark
• ICE71 Scale company CYFIRMA has been awarded the “2020 Asia-Pacific Cyber Intelligence Technology Innovation Leadership Award” in the Frost & Sullivan 2020 Best Practices Awards
• ICE71 Accelerate alum Kinnami among 10 semi-finalists in $20K competition focused on dual-use technology hosted by UMass Lowell Research Institute.

More news on ICE71 and our startups here.

Here’s the latest news roundup on our ICE71 startups:

• ICE71 Accelerate alum Keyless has closed a $2.2M funding round, bringing total funds raised to $6.2M since 2019.
• ICE71 Scale start-up Digital Shadows has been named among Top 10 funded cybersecurity start-ups in the UK this year.
• In recognition of women who have advanced the cybersecurity industry in Singapore, WISECRA, MySecurity Media and ICE71 Scale start-up Responsible Cyber have partnered to announce the ‘Top 20 Women In Cyber Security in Singapore’.
• ICE71 Scale start-up Attivo Networks has clinched three awards in different categories at the 2020 IT World Awards, and nominated a Security Vendor of the Year Finalist in the Australian Reseller News Innovation Awards 2020.

More news on ICE71 and our startups here.

Here’s the latest news roundup on our ICE71 startups:

• CYFIRMA, an ICE71 Scale start-up, has been listed among the Top 100 Cybersecurity Start-ups for 2020 by Cyber Defence Magazine. The company has also just announced their new cloud-based, AI-powered cybersecurity platform designed for businesses.
• Carolyn Crandall and Sarah Ashburn of ICE71 Scale start-up Attivo Networks has been nominated for Cyber Defence Magazine’s Top 100 Women in Cybersecurity for 2020
• neoEYED CTO Tamaghna Basu’s Black Hat USA 2020 presentation on identity attacks using AI clones has been covered by Dark Reading in an in-depth report. The ICE71 Accelerate alum has also shared more about his experiment in a video interview with the Dark Reading News Desk
• ICE71 Scale company, Cyble, has discovered leaked user records of UberEats on the DarkWeb, and uncovered abuse of government and college sites to promote malware material

More news on ICE71 and our startups here.

In the RSA Conference APJ 2020 session “Getting the security and flexibility balance right in a COVID-19 world”, Magda Chelly, co-founder of Responsible Cyber shared her insights around digital transformation and security risk considerations in current times.

It’s ultimately about productivity
Improved and continuous productivity is a key driver of digital transformation for companies. It is less about regulatory or cybersecurity reasons. “In terms of APAC, I noticed that digital transformation adopted by companies are very much related to a sense of speed, to allow productivity to continue for employees.”

Amid COVID-19, health measures around the world have made remote work a necessity rather than an option. This need in turn pushes for digital transformation for many companies.

The perimeter is dead: Security without boundaries
With COVID-19 accelerating digital transformation, enabling employees to work from anywhere, cybersecurity risks are emerging with increasing prevalence of cyber attacks due to this flexibility of working.

There are COVID-19-themed attacks (link) in the form of phishing, malware and others, all of which exploit what makes us human, and contribute to an increased number of enterprise attack vectors. “As usual, the weakest link is the human factor,” Magda shared. Human fallibility remains to be the enemy of control, especially with phishing attacks.

On endpoint management, she cautions that companies might still be exposed to different risk scenarios. She cited an example on passwords. “We have seen new policies that passwords should not rotate, for example, but if your employees are working from home, and eventually working from their own devices, they are using those devices to perform business activities. They might be using
the same password for their social media and corporate accounts.”

And there are other unpredictable risk scenarios. Besides their own home WiFi, employees could be on insecure and uncontrolled networks in quarantining hotels, and VPNs may not work here. They might also have technical difficulties with work email and end up using their personal email, another bane of security.

New approaches to security
Magda urges cybersecurity professionals and leaders to go out of their comfort zone and adopt a data-driven mindset when it comes to assessing emerging cyber risks. “Have your 3, 5, 10 new emerging cyber risk scenarios, and then quantify them.” She recommends cross-collaboration with other business teams like IT and compliance to uncover factors for quantifying data, particularly those that make sense and matter to stakeholders.

When it comes to cyber resilience and awareness building, cybersecurity professionals need to increase their visibility and reachability within the business, not just through traditional means of communication like newsletters which can seem distant.

And as they say, the perimeter is dead. The future of security lies in a non-perimeter-based approach – and zero trust, which places users at the centre of the security strategy.

Magda is a thought leader and frequent speaker at cybersecurity forums and events. She is a valuable member of the ICE71 community, and her start-up Responsible Cyber is both an ICE71 Accelerate alum and an ICE71 Scale company.

ICE71 is a proud community partner of RSA Conference APJ 2020. Watch conference content on demand here.

Here’s the latest news roundup on our ICE71 startups:

• Scantist, ICE71 Accelerate alum, and Amaris.AI, ICE71 Scale start-up, are amongst 9 cybersecurity firms to be awarded up to $1M funding to defend Singapore’s critical systems and smart nation projects.
• In a report by Business Times, co-founder of ICE71 Scale company, Polaris Infosec, Lee Heng Yu, has commented on the inadequacies that SMEs face in data protection and highlighted that attacks passing through its network have more than doubled in the first half of 2020.
• Beenu Arora, founder and CEO of ICE71 Scale start-up, Cyble, has cited proper implementation and management of IAM practices amongst other measures in this Forbes feature on successful adoption of “zero-trust” strategies.
• Attivo networks, an ICE71 Scale start-up, has revealed 3 products to compete in the 2020 ‘ASTORS’ Awards Program.
• ICE71 Scale company, neoEYED, has been named as one of the top 3 innovators of 2020 by UniCredit StartLab.
• Start-ups Seconize (ICE71 Accelerate alum), Uniken (ICE71 Scale), and SequreTek (ICE71 Scale), are among 8 start-ups named for ground-breaking innovations essential to secure remote working environments.
• Votiro, an ICE71 Scale company, has formed a partnership with Thales for government cybersecurity.
• Red Piranha, an ICE71 Scale start-up, has created the first electronic Chief Information Security Officer (eCISO) service.
• ICE71 Scale start-up, Digital Shadows, has announced solution integration within project tracking platform, Atlassian Jira.

More news on ICE71 and our startups here.

Here’s the latest news roundup on our ICE71 startups:

• ICE71 Accelerate startup, neoEYED, collaborates with Japan Communications Inc. to strengthen FPoS using mobile AI analysis and authentication.
• 16 ICE71 Accelerate startups raise $18 million collectively since July 2018; to fund next stage of growth.
• Chainkit, ICE71 Accelerate company, partners with Carahsoft to offer military grade solutions with deep tamper detection and absolute compliance attestation, empowering law enforcement and federal agencies with robust cybersecurity tools.
• ICE71 Scale alum, GTRIIP, reinvents hotel check-in with mobile application using artificial intelligence and machine learning, reducing check-in time and bringing convenience for users amidst the COVID-19 pandemic.
• Digital Shadows, ICE71 Scale startup, announce new capabilities within its SearchLight solution to enable organizations to track whether credentials exposed in data breaches are ‘valid’ and hence a current risk.
• Magda Chelly of ICE71 Scale startup, Responsible Cyber, discusses the global infosec landscape and speaking at RSA Conference 2020.
• ICE71 Scale startup, Votiro, partners with M.Tech to offer new cybersecurity solutions for Asia-Pacific market.
• Another ICE71 Scale company, Attivo Networks, announces solutions integrations with FireEye which offer real-time, in-network threat detection and automated response.
• ICE71 Accelerate firms, Cyble and Seconize, give their take on opportunities and vulnerabilities faced by the cybersecurity industry in the “new normal”.
• Emilie Philippe of ICE71 Scale company, Webdrone, talks about cybercrime fighting with ‘virtual e-drones’.
• Scantist, ICE71 Accelerate startup, shares how the company was formed after finding critical vulnerabilities in the widely used Adobe Reader software.

More news on ICE71 and our startups here.

Here’s the latest news roundup on our ICE71 startups:

• ICE71 Accelerate alum Aiculus bags close to SGD1mil in seed funding led by Cocoon Capital.
• Nine cybersecurity startups in cohort 4 of ICE71 Accelerate (Assimil8, Chainkit, GamaSec, Guardara, Kapalya, Kinnami, neoEYED, Olympus Sky Technologies, and Scantist) took a virtual Demo Day stage on 25th June to pitch their innovative solutions. Read the e27 story. Demo Day also mentioned in Yahoo! Finance, Markets Insider, AsiaOne, SBR Daily Briefing and more.
• ICE71 Accelerate alum GuardRails CEO and co-founder Stefan Streichsbier talks about security for the DevOps age.
• ICE71 Accelerate alum GamaSec partners with Tech Wise to offer enterprise-level cybersecurity to SMMEs
• ICE71 Scale startup Privasec’s subsidiary DroneSec has released its first SaaS threat intelligence platform for the drone, counter-drone, and UTM system industries.
• Uniken, an ICE71 Scale startup was recently acclaimed by Frost & Sullivan for enhancing identity and access control with its Mobile-first REL-ID Solution.
• Sequretek, an ICE71 Scale company has been selected as one of 10 start-ups to participate in the upcoming FIS 2020 Fintech Accelerator. The programme, based the US, will be held online; it aims to identify and foster startup financial technology firms with promising technologies that can be used in banking and finance.
• Cyfirma, another ICE71 Scale startup, was mentioned in this Straits Times article about a potential phishing campaign using a fake Singapore Ministry of Manpower (MOM) email address.
• ICE71 Scale company Shape Security took home the award for Application Security – Medium-sized Company at the 2020 Fortress Cyber Security Awards. The company was also named one of “10 hot cybersecurity companies to follow in July 2020” by Cybercrime Magazine.

More news on ICE71 and our startups here.

Did you know that our ICE71 Accelerate past cohort alums have been making waves in the news? These include:

• GuardRails has raised 1mil in seed round led by Cocoon Capital
• Keyless was featured on Singapore Business Review’s 20 Hottest Startups and has bagged $2.2m in pre-seed money
• Cyble is in Forbes’ list of The 20 Best Cybersecurity Startups To Watch In 2020 and has been quoted many times on the media for reporting cyber threats such as the discovery of 500,000 Zoom credentials sold over the dark web
• 689Cloud has integrated into Ricoh’s New Document Protection Service to Enable Secure Document Tracking

..and many more!

Meet the cohort 4 startups! Watch Demo Day at https://www.accelerate4-demoday.ranosys.net/client/ice_71/

As mobility and smart cities are developing, cybersecurity is becoming the hottest ticket to investing. Michael Blakey, Managing Partner and co-founder of Cocoon Capital shared his insights as an experienced angel investor and VC leader at this ICE71 Investor Series webcast.

Why invest in cybersecurity?

The amount of data and things that need to be secured is growing on a regular basis. Security business is fast-paced, with unfilled gaps along with rising technologies.

For large corporations and even governments, Michael said, “The big fear at the moment is not about the technology. It’s not about the IoT nor the smart devices, it’s about whether we will lose control (and be vulnerable to attacks). You’ve got to protect all these little devices, the cars and everything else which are moving around, and it’s much harder to do.”

There will be huge investment opportunities for cybersecurity companies if they can solve a relevant problem waiting to be solved. He opines, “If cybersecurity companies get their solution right, they can grow very quickly.”

Newbie tech investors: Good to know

For tech investments, it would take about 7 to 8 years before you see any returns, said Michael to would-be tech investors.

New investors can join other investor networks to gain experience and learn from them. This would also generate better deal flows as like-minded investors come together. “In Singapore, there’s a number angel investor networks like Angel Central and Bansea, you can join them and find people that have similar interest (in terms of the type of investee companies), and these people might be a little bit more experienced, people whom you can learn from. You can start small and learn through your mistakes. How everybody does investing would be different, there aren’t many many wrong ways of doing this but definitely not one right way of doing,” Michael shared.

People, especially founders, are key to an investor’s decision

A lot of emphasis is given to the founding teams when investors like himself needs to make a decision on what to invest in, especially when he can only invest in a few startups per year.

Founders must have the ability to build good teams that will consequently see through their product development and take to market. They should also have extensive market experience within the market of their target customer, particularly in cybersecurity. Any founder should correctly define the problem statement in those few crucial slides of their pitch deck. They must stand out to investors in the way they approach them. To Michael, demonstrating efforts in doing so would translate to how the same founder would attract a potential customer, a proof point for an investor to take the leap of faith.

Michael cites an example of investing in an ICE71 Accelerate cohort 2 startup, GuardRails, even though it is unusual to invest in a one-man team: “We invested in (one of your accelerator cohort companies, which was pretty much a one-person company and (the founder) had a couple of contractors that were were helping him. We spent a lot of time getting to know them figuring out if they have the right skill set, not just to build a technology but to build a team to one of the leadership capabilities.”

The other factors that influences his decisions as an investor include whether the startup is solving a real problem, and timing.

“Are they solving a real problem? I see some amazing technology that’s being built. But quite often, it’s technology that’s looking for a problem, not the other way around,” Michael lamented. “This is why I do more B2B than B2C. It’s harder with the consumers. With B2B, cybersecurity is (a real issue) that the board discusses.” He points out that cybersecurity is quite an interesting space to be in because it is something every board of every major corporation is concerned about. On timing, he’d ask if the cybersecurity startup is coming in too early or too late. He’d also ask, ”Where are they in terms of where the spaces (of opportunities) are?”

Investing in cybersecurity post COVID-19

Investing will still continue, albeit at a much slower pace, so founders need to work a little bit harder and yet lower their expectations of fundraising.

He said, “The reality is, as you might have noticed, I never talked about traction, rather I’m looking at people. Whether it’s today, last year, or next year, good teams are still good teams. And if you talk to most people who’ve been around long enough, they’ll all say the best investments they have ever made are the ones in a downturn. So, for founders, you’ll just have to work that a little bit harder. Change your expectations. If you were looking to raise one and a half million, maybe reduce the target funding amount and expect the fundraising period to take longer.”

He cautions that valuations are going to be around 20 to 30% of what companies would have gotten in 2019. To tide through COVID-19 effects, he advises startups to look into sensible cost-cutting, like making necessary salary cuts to prep for the worst, and also demonstrate adaptability during this time.

Watch the full video to learn more!

Be a part of our ICE71 community for more updates like this. Join our mailing list.

We caught up with Mitali Rakhit of Guardara, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I’m Mitali Rakhit, CEO and co-founder of Guardara, and we’re based in London, UK.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

My cofounder and CTO, Zsolt Imre, used an early prototype of our product at the world’s largest telecommunications device manufacturer, and was able to find more security and QA issues than a leading competitor. The client wanted to buy the product.

At Guardara, we are passionate about building a world with more secure code. Our dream is to be able to move fuzz testing earlier into the software development lifecycle and to be able to automate it completely.

Q: What is the problem you want to solve with your product or solution? Tell us more about your solution.

FuzzLabs is focused on fuzz testing for quality assurance. FuzzLabs can find more issues faster, is easier to integrate and more flexible. We are making the product as easy to use as possible in order to reach a wider audience.

Q: Who might find use for your solution?

Enterprise product security teams that work on high-availability products, such as ICS, IoT, medical devices, telecom, defense, aerospace, and automotive solutions.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

I have enjoyed getting to work with our fantastic mentors and peers in the cohort. I have learned that good things take time, and persistence is the key to success.

Learn more about Guardara at guardara.com

We caught up with Stephanie Robinson of Assimil8, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I’m Stephanie Robinson, CEO and co-founder of Assimil8. We’re based in Brisbane, Australia.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

Assimil8 was formed in 2018 as I was struggling to bring together data sets from disparate systems in order to make high level
recommendations for relationship management – specifically, I could not see how relationships were connected without completing a time consuming and manual process.

Working together with my CTO and co-founder Simon Robinson to develop the IDRIS tool – a cybersecurity solution by our startup Assimil8 – has been an amazing experience. Having spent most of our lives overlapping careers, it’s been especially rewarding to move forward with IDRIS together by means of Assimil8.

Over the years we have had many ideas, but IDRIS was really the one we felt most strongly had all the ingredients for success, to meet a genuine need in a growing market. Our goal is to find partners who can recognise both the immediate cybersecurity market opportunity and the wider applications of this technology.

Q: What is the problem you want to solve with your product or solution? Tell us more about your solution.

We know that SMEs are asking for better value from their cybersecurity providers, more efficiency at a lower cost. We also know that SMEs are not only more likely to be the target of an attack, but that an attack is far more likely to result in the closure of the business.

Most SMEs receive raw threat data via a tool created for enterprise, so we asked ourselves this – why is there nothing on the cybersecurity market designed for this part of the economy, given that these businesses support close to three quarters of jobs worldwide? We believe it comes down to three critical factors – cost, skills and psychological barriers. It is not easy to get good cybersecurity advice, and to understand or act on it.

Our solution IDRIS utilises sophisticated graph technologies to provide visual network views, which allow the user to identify anomalies or patterns for investigation, without the need for high-level technical skills. IDRIS does not come with an enterprise licence fee, and with IDRIS it is far easier to interpret results than traditional rows of raw data. The tool can provide a view of threats across an entire network, increasing the likelihood of identifying a threat and, crucially, its connections within that network.

Q: Who might find use for your solution?

More than three quarters of small and medium sized businesses expect at least half of their cybersecurity needs to be outsourced within the next five years, and 78% of these businesses plan to invest more in cybersecurity within the next year, according to the results of a 2019 Continuum survey of global SMEs.

Our plan is to provide these outsourced service providers with a competitive edge in an increasingly competitive market. IDRIS will be launched using an open source model, and we would like to set the bar that any good forensic analyst service would be using IDRIS. Think of IDRIS as plain English for network threat identification.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

Learn more about Assimil8 at assimil8.com.au

 

We caught up with Valentin Bercovici of Chainkit, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I am Valentin (Val) Bercovici, Founder and CEO of Chainkit, based in San Francisco, California, USA.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

What inspires me every day is about levelling the playing field for victims of cyber crime and attacks – creating the next great cybersecurity company!

Cybersecurity has an existential crisis around the stealth of attacks. Privileged (admin or root) accounts are easily abused by malicious insiders and external bad actors alike. And with those escalated privileges, they execute their attack chains and cover their tracks with impunity. Balancing the canonical C-I-A Security Triad/Triangle with stronger integrity solutions for deep (military-grade) tamper-detection, solves this existential crisis.

At Chainkit we want to leverage absolute integrity to deliver the power of Provable Computing to the IT/OT industries. All layers of the computing stack (from transistors in processors to OSI L1-L7) only execute mathematically provable code, processing only authenticated data. All tampered code or data is immediately detected and isolated. This is the ultimate extension of the zero trust concept – beyond identity, endpoint and custom network segment.

Q: What is the problem you want to solve with your product or solution? Tell us more about your solution.

39% of cyber attacks are reported undetected by broad customer surveys – only during post-mortems by forensic investigators. Chainkit for Splunk and Elastic reduces undetected attacks by adding early visibility to deep tampering via military-grade detection of anti-forensic techniques. Before the attacks, Chainkit detects more insider threats, reduces dwell times, improves attribution and maximizes integrity monitoring for compliance.

Q: Who might find use for your solution?

Chainkit is a horizontal solution with a USD $1 billion addressable market today. We prioritize our sales on the most attacked industry verticals (government, financial services and healthcare). We offer specific value propositions for security analysts, threat hunters, compliance officers or auditors, and digital forensics investigators.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

Learn more about Chainkit at chainkit.com

 

We caught up with Sudesh Kumar of Kapalya, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I’m Sudesh Kumar, founder and CEO of Kapalya. We started Kapalya in Honolulu, Hawaii, but since 2018, we have moved to Berkeley, California which is in the San Francisco Bay Area in the US.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

It all started when I was tasked by the Hawaii State CIO to protect the 2016 presidential elections data from getting hacked. During that process, I discovered that no vendor had a comprehensive encryption management solution, so we decided to build such a solution and that was the inception point of Kapalya.

Q: What is the problem you want to solve with your product or solution? Tell us more about your solution.

The main problem we are solving is encryption key management across any organization, regardless of where that organization’s data resides – be it on laptops, desktops, smartphones, tablets, public clouds, virtual desktop environments and enterprise file-servers. We call it the Encryption Management Platform (EMP).

Q: Who might find use for your solution?

Since our inception was from the government, they are first target customers. However, our solution is good to be used by any industry and vertical, as all of them are susceptible to ransomware attacks – these include healthcare, legal firms, software development companies, accounting firms, financial services, oil and gas, manufacturing, logistics, insurance companies, to name a few.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

Our biggest value derived from the ICE71 program is the level of connections made so quickly within SingTel, NUS, Trustwave, CSA and NCL. All of these are extremely valuable partnerships for us, which would have been very difficult to obtain on our own.

Watch Kapalya pitch at ICE71 Accelerate 4 Virtual Demo Day on 25th June!

Learn more about Kapalya at kapalya.com

 

We caught up with Avi Bartov of GamaSec, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I’m Avi Bartov, CEO and co-founder of GamaSec, a company based in Tel Aviv, Israel.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

GamaSec was founded in 2006 with a mission to lower risk for small businesses. Back then, we were a security solutions advisor.

In 2017, we made a strategic decision to create alliances and partnerships with insurance companies. We realised that cyber insurance is going to see more focus with insurers worldwide, but most insurers do not have the background or the expertise in order to provide this kind of service. The missing piece of the puzzle was the growing need for a partnership between a cybersecurity company and an insurance company. Here’s where and how we come in — our technology, when bundled with cyber insurance policies provided by our insurance partners, reduce their exposure and increase their brand awareness.

Q: What is the problem you want to solve with your product/ solution? Tell us more about your solution.

GamaSec provides a pre-breach virtual hacker technology designed to prevent cyber attacks, minimizing the exposures that cyber insurance policyholders face, instead of just risk mitigation.

Right now, we are working towards the next generation pre-breach cybersecurity for insurance carriers – with GamaEye. GamaEye is a powered GamaSec Patent technology that enables businesses of all sizes to detect combat and recover from web cyber-attacks in real time significantly reducing the risk of data breach.

It is a web attack detection technology that uses changeable deception elements to identify and reveal malicious activity targeted at business websites.

Q: Who might find use for your solution?

Insurance providers and brokers that are providing cyber insurance policies to small to medium-sized business owners. These parties would be our potential channel partners.

By blending in this next-level detection and prevention technology with their cyber insurance policies, our insurance partners would be able to reduce exposure and increase brand awareness.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

Meeting people from different backgrounds and learning from their experiences, which helped the cohort members get feedback in improving our respective companies.

Watch GamaSec pitch at ICE71 Accelerate 4 Virtual Demo Day on 25th June!

Learn more about GamaSec at gamasec.com

 

Here’s the latest news roundup on our ICE71 startups:

• Cyble, an ICE71 Scale startup, is listed in Forbes’ 20 best cybersecurity startups to watch in 2020, based on a methodology that equally weighs a startup’s ability to attract new customers, current and projected revenue growth, ability to adapt their solutions to growing industries and position in their chosen markets.
• In a separate news on Silicon.co.uk regarding a potential data compromise affecting popular maths site Mathway, Cyble was quoted saying that hacking group called Shiny Hunters began selling the database of more than 25 million Mathway user credentials on illicit websites in early May, offering it for $4,000 (£3,285) in cryptocurrency.
• ICE71 Scale startup Cyfirma is quoted in this Straits Times article about the recent cyber attack on ST Engineering’s US subsidiary. According to the cybersecurity firm, a group of hackers known as the Maze group had attacked VT San Antonio Aerospace and put about 50 megabytes of leaked data on the Dark Web and public forums.

More news on ICE71 and our startups here.

 

We caught up with Rohan Sood of Scantist, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.
I’m Rohan Sood, Head of Operations at Scantist. We’re an NTU spin-off based in Singapore.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

The cyber-security lab (CSL) at NTU found multiple vulnerabilities in popular commercial software from Adobe, Apple and the likes as a part of it’s binary-level security analysis. These vulnerabilities were recognized by the vendor companies – leading to significant bug-bounty awards to the research team.

The ability to find commercially relevant vulnerabilities in some of the most sophisticated software platforms and products led us to believe that we had a unique value proposition to share with the world. We started Scantist with an objective to translate our research activities into a viable product that could be used to identify such vulnerabilities before the software is released.

Our vision is a world where applications function flawlessly – the way they were intended, without concerns for security. We aspire to be the one-stop shop for application security.

Q: What is the problem you want to solve with your product/ solution? Tell us more about your solution and who might find use for it.

While cybersecurity has traditionally focussed on network and infrastructure layers, the application layer is emerging to be the preferred battleground for hackers and adversaries worldwide. Breaches like Equifax, Panama Papers and a host of Heartbleed-related attacks were all made possible owing to vulnerabilities in business-critical applications.

Scantist Software Composition Analysis (SCA) provides a developer-centric solution that integrates with existing workflows to proactively manage known vulnerabilities in software applications. Scantist SCA is the only tool that effortlessly scans all binary and open source code in a single integrated platform to provide targeted remediation advice with an extremely high-degree of accuracy.

Any organization – small or large – which develops or maintains software applications as a part of its core business operations is a potential customer for Scantist.

We are currently focussed on markets in Singapore, ASEAN and China.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

With cohort members as well as mentors from across the globe, we have really enjoyed looking at cybersecurity from a much-broader perspective than we previously had owing to our existing engagements being limited to the Singapore/ASEAN region. It has allowed Scantist to evolve and broaden its horizons by working towards being a global brand.

Watch Scantist pitch at ICE71 Accelerate 4 Virtual Demo Day on 25th June! 

Learn more about Scantist at scantist.com

 

Here’s the latest news roundup on our ICE71 startups:

• Insurtech Israel featured GamaSec’s founder who explained how cyber insurers can reduce exposure and increase brand awareness among SME clients, by adding into their insurance offering a pre-breach technology. GamaSec is an ICE71 Accelerate startup.
• Attivo Networks’ ADSecure™ solution has been named the Best Active Directory (AD) Security Solution in the 2020 Cyber Security Awards by Acquisition International. Attivo Networks is an ICE71 Scale company.
• Meanwhile, the Bank of India will be using Uniken’s REL-ID technology to secure all its internet and mobile banking channels globally.  Uniken is an ICE71 Scale company.
• The contact tracing system from ICE71 Accelerate start-up Mimirum led to its inclusion as a finalist in the recent #innovacionfrentealvirus global solidarity initiative.
• ICE71 Accelerate start-up Secucial has been acquired by ICE71 Scale start-up Responsible Cyber!  The deal values Responsible Cyber at US $7M, with the company acquiring NUS Enterprise and Singtel Innov8 among its shareholders.
• ICE71 Scale company Votiro is among the interviewees in this article on why digital distancing is as important as social distancing.

 

Our ICE71 team had a blast during the recent SFFxSWITCH 2019 exhibition and Innovation Lab Crawl! SFFxSWITCH was a first-time collaboration between Singapore Fintech Festival (SFF) and Singapore Week of Innovation and Technology (SWITCH). The Innovation Lab Crawl featured participating innovation labs across Singapore, which opened for visits from the public. ICE71 had an Open House and Social as part of this lab crawl.

SFFxSWITCH 2019

Being at SFFxSWITCH 2019 was a memorable experience in itself. The exhibition stretched across 5 Singapore Expo Halls, it was a HUGE affair and no doubt one of the events to be remembered for 2019.

We were at the NUS Enterprise booth on Day 1 (11 Nov) of the event. Together with our NUS colleagues, we had the opportunity to network with and reach out to event attendees, particularly those who were interested in getting to know the incubator and accelerator programs under NUS Enterprise. It was a good avenue to share more about our ICE71 Accelerate and ICE71 Inspire programmes.

We also managed to catch up with our ICE71 Scale startups that were at SWITCH – neoEYED, Build38 and Apvera!

There were live startup pitching sessions, including one where neoEYED was a part of! neoEYED is a top 20 finalist out of 600 global participants for the Global Fintech Hackcelerator. Watch Tamaghna Basu, CTO of neoEYED, as he pitches on stage:

Innovation Lab Crawl

Our Open House and Social on 15 Nov was well received — we had many people streaming in during the lab crawl. It was a great way to introduce ICE71 and our programmes. People got to network and form new connections too!

For more updates like this, follow ICE71 on our web and social channels.

On 1st October, we had the honour of having Cheri McGuire, Group CISO of Standard Chartered, as an ICE71 guest speaker at Cloudflare’s shiny new Asia HQ. Cheri shared insights across topics like how she got into cybersecurity and what traits a CISO should have.

The Accidental CISO

“It’s a very long story, but you could call me an accidental CISO,” Cheri said. Coming from a political science background, she worked for the US Congress for over 6 years before she went back to school for an MBA, and then worked for a telecommunications infrastructure company. “I had to learn about that business in a short period of time,” she said.

Her mix of telco and government experience turned out to be a draw for Booz Allen, which got her into consulting. About a year after she started, 911 occured. She then got into US Homeland Security’s national cybersecurity division in its nascent days, where “You couldn’t even get a chair if you weren’t early,” she said. Stints at big names like Microsoft and Symantec followed later. Today, she is CISO of Standard Chartered.

3 most important traits of a CISO

“CISOs need to communicate and translate. They need to have courage. And they also need to have a good blend of technical and business skills.”

– Cheri McGuire

Terms like ‘256-bit encryption’ and ‘TCP/IP protocols’ may seem basic for cybersecurity professionals, but not for finance professionals or non-tech people. Cheri said, “I had to put myself in the shoes of my audience and be able to speak their language, in real business terms, when it comes to describing the impact of security.”

CISOs need to have courage to call out on challenges and issues to an audience. For this reason, CISOs are often not the most popular—some people who are listening would rather not know about or have such challenges. When bringing up an issue, CISOs need to understand the motivations of the audience and speak to them in simpler terms, making it real and relatable. For example, a CISO can say, “Look, if we don’t patch that system, these are the things that could happen to the business.”

Cheri also believes CISOs should have a good blend of both technical and business skills. “You don’t have to be the smartest,” she said, but having a good understanding of business risks, coupled with a solid foundation of technical knowledge, will help CISOs get ahead of their game.

Commoditisation of the threat landscape

It has become cheap and easy for anyone to launch cybersecurity attacks. For the “bad guys”, they only need to “get it right” once, and yet the victim organisation has to protect against everything that follows. This is one of the biggest threats that banks and financial firms face today.

“A small breach can have a significant impact.”

– Cheri Mcguire

Cheri cited an example of the Tesco Bank cyber attack in 2016, where in actuality the breach cost over $2 million, small by financial institution standards—but the reputational repercussion huge, and the regulatory fine was about 10 times the actual cost of the breach.

Managing risks in the cyber world

Cheri believes it takes a multi-layered approach to cybersecurity risk management—people, process and technology.

90% of attacks usually happen through phishing. “Employees are the first-line of defence,” Cheri said. This is why it is important that banks train their employees to be consistently cyber risk-aware.

Despite cyber awareness training for employees, there remains a possibility for human errors, and people might still click on a phishing link. So, processes and technical controls, like those put in place to prevent phishing attacks, are still necessary.

There’s room for startups, but it’s challenging

Regulatory requirements are preventing the quick adoption of technology from startups, as much as CISOs want to work with them.

The complexity and size of an organisation like Standard Chartered also pose a challenge to onboard new vendors. “With footprints in 60 countries, close to 100,000 employees and complex environments, it’s challenging for us to onboard new vendors,” Cheri said.

There are other considerations before onboarding can happen, too. Like whether a startup product is well-thought out, whether the startup has enough backing, what scale the startup is at, and whether it’s been around for awhile— factors linked to its longevity.

Early this year, SC Ventures, the innovation, ventures and fintech investments unit of Standard Chartered Bank, has created SC Ventures Fintech Bridge, a platform that connects and matches partners (startups, investors and accelerators) from the fintech ecosystem to the Bank. Through this platform, ecosystem partners can propose solutions to challenges posted by the Bank’s business units or request for investments.

Silent Eight is one of the startups in the SC Ventures Fintech Bridge. Its AI technology simplifies anti-money laundering checks and processes done in banks, such as name screening, payment screening and transaction monitoring.

Built-in security is a business proposition

As banks continue moving towards digitalisation of services, trust and security become important.

She urged companies to put security in mind when building their products. “Please build security into your products, so you’re ready when you come knocking at our door,” Cheri said, and adds, “if your products are not secure in the front end, it’s hard for us to adopt it.”

For more articles and updates like this, follow us on our ICE71 social media pages!

From viruses and Trojan horses to ransomware – cybersecurity threats are increasing in numbers, sophistication and variety. A report by the Center for Strategic and International Studies in partnership with McAfee estimated the cost of cybercrime to businesses at about US$600 billion each year.

And it’s not just the financial cost. Businesses are also at risk of reputation loss, should news spread about any hacking attempts or loss of customers’ private information.

To counter this threat, organizations are deploying more cybersecurity tools and solutions. This means that an organisation’s cybersecurity team could be bombarded by thousands of alerts from a myriad sources every day. With insufficient time to handle every alert, cybersecurity team could miss a critical alert.

SocView Solutions Pvt Ltd is an emerging cyber security start-up that aims to address this problem through “SocView” its integrated security operations platform. This centralises all alerts from different functions of security operations onto one platform, ensuring security analysts will never miss a single alert. Not only does SocView’s solution increase the efficiency of security analysts, by rationalizing diverse security operations onto one platform, SocView enhances intelligence sharing amongst the IT team.

SocView is built for cybersecurity analysts, by cybersecurity analysts. “With my experience in cyber security domain over 18 years, I am aware of the pain of managing security alerts on a day-to-day basis. It propelled me to develop a revolutionary and disruptive solution to address the complex problems present in the scope of day-to-day cyber security operations”, said Jayanth Varma, CEO and Founder, SocView.

“Our product is already in market. We released it in 2017 and onboarded our first enterprise customer in the United States. Currently, we are carrying out proof-of-value implementations with three other service providers in the region. From the implementations already done, SocView’s product has resulted in a minimum 30% increase in efficiency of the cybersecurity operations team,” Jayanth added.

SocView is amongst the growing number of cybersecurity start-up companies in Singapore. The company is also one of the pioneering start-ups in ICE71 Accelerate, a 3-month accelerator programme for early stage cybersecurity start-ups to sharpen their value proposition, business strategies and commercial models. 

“Singapore has a good start-up ecosystem. If you look at cybersecurity today from Singapore’s point of view, the commitment and vision being provided to help cybersecurity companies is mind-boggling”, said Jayanth.

“The resources here at ICE71 are fantastic, providing us with knowledge, support and networks to other start-ups,” said COO and Co-founder, Prasanna Kumar. Prior to starting SocView, they both worked together in large multinational companies.

The local cybersecurity sector is still at a nascent stage.