Cybereason has coined the terms Malops, to describe what happens between first breach and end damage
Following the recent hackings of retailers like Target and Neiman Marcus, not the mention all of the NA revelations, cyber hacking, and how secure our data is on the Internet, has become a hot topic for conversation.
So what better time for a company like Cybereason, which a platform that proactively detects, and stops, security threats to emerge from stealth mode? In fact, the timing is almost fortuitous
The company specifically deals with it calls Malops, or malicious operations, which are perpetrated by sophisticated hackers carrying out cybercrimes within enterprises. Its platform delivers protection from Malops by automatically detecting the hacker’s actions and intentions through continuous monitoring of systems across the enterprise.
This empowers CISOs and security analysts to identify, and then eradicate, Malops in real time.
I recently sat down with Lior Div, the company's co-founder and CEO, as well as Mark Taber, VP of sales and marketing at Cybereason, to discuss the company, what it does and how the space is evolving.
Rather than putting their emphasis on the two points of operations that most security companies currently target, Cybereason is, instead, carving out a new space between the breach and the damage, which it is calling Malops.
The company sells software that runs in the background of a system, looking for anything that indicates abnormal or suspicious behavior,
Div explained it to me like this: let's say that someone is trying to break into the Coca-Cola building in order to steal the company's formula. What is happening today is that security software can identify people who are trying to get in. But hackers know how to get beyond that single security guard, and then the next thing you see is guy running out of building.
The first step of preventing bad guys from getting in has seen a lot of innovation and technology, such as firewalls and anti-virus programs, he said. There's a lot of equipment, but which can be bypassed and the next time you meet them is when damage is done.
"What we need to do as a company is enable the market to find out what's going on inside the building," said Div.
"What we are assuming as a company is that the bad guy will get in. And now we need to enable the organization to reveal that, first, they are in and, second, what they are doing, and, third, to help them stop it."
That means detecting the hacking operation, visualizing it to the IT department, and then making it accessible enough to them so that they can easily stop it.
The visualization part of it is very important, said Taber.
"Because this isn't something you can just touch, with actions and intentions and all these things, we need to make made it really easy for companies to figure out what's going on, so they can see what's happening and then do something about it," he said.
When suspicious behavior is detected, the company will be get an alert, which they can they click on and get the timeline of steps that caused the file to start to infiltrate the system. The software will then tell them what they need to do to stop it.
"The fundamental thinking in our product is that we're not assuming that you know what to ask," said Div. "Meaning, we that we will do the asking, we will do the investigation, and we will deliver it to you if you find the Malop."
This is almost a brand new space, they told me, and until a few years ago, companies were not really worried about potential hackings and breaches.
Div, who won a Medal of Honor from the Israeli army for his work in cyber security, started another company that offered such protections, but when he tried to approach CEOs and banks about these kinds of threats, he was shut down.
"Nobody back then called it cyber security. It was a very, very technical, geeky stuff," he said.
This all changed in 2010, with the Flame operation, in which the United States and Israel sent malware to the Iranian nuclear facilities, doing damage to their centrifuges. After that, the market shop up because people finally understood what could potentially happen.
"Suddenly people realized that there is a huge potential to create damage without missiles, without nothing, just with software, basically," said Div.
"If someone wants to get your information or to gain access to your environment, he will able to do it. And that created a huge shift in the market, and suddenly people started to talk about it. Three years after that, cyber security is all over the news."
The company has spent the last six months testing out the software with around 20 early adopter companies, which has allowed Cybereason to fine tune the results to make them easier to understand. One thing that the company did not have to do, though, is sell the idea.
"I can tell you that we talk to companies, we don't have to convince anybody of anything. They already are well aware and they already knows there's a breach," said Taber.
That is also partially because of the companies that have been in the news lately, namely Target and Neiman Marcus, both of which were recently hit by hackers who were able to walk away with information on millions of customers.
Target is a great example of what Cybereason is trying to prevent, said Div.
"I can assure they bought everything that's out there. They've done great work to protect themselves. They weren't slacking, you know? They had a great team, they put a lot of money, and they tried to protect themselves," he said. "The CEO there, I tell you that I don't want to be in his position, because he has done everything right and still got hit."
If the company has been using Cybereason's software, it could have most likely prevented the ultimate damage that was done, because it would have detected the issue as soon as the hackers began snooping around the system.
"I'm assuming it took them a while and that they were inside the organization for at least a few months in order to understand what was going on," said Div. "Our system would detect the first phases of attack, just as they started to collect information and learn the environment. It is a lengthy process between breach and damage."
The company also announced on Tuesday that it has raised a $4.6 million Series A round of funding from Charles River Ventures. The total also includes some seed money the company previously raised.
The company will be using the money to build out its sales and marketing teams; it currently has 18 employees, and will be "doubling quickly."
It will also go toward market expansion. The company will initially focus on the U.S. market, but Taber says that it has been finding, with its early adopters, that the potential market for the product is “incredibly broad based."
"We will be working with channel partners throughout North America first, then Europe, then Asia," he said.
When I asked how big the market for this space potentially is, they pointed out that there are currently billions being spent now, but mostly in the wrong places. And the software can be used in any vertical, and any system, that requires a lot of endpoints.
That means retail, banks, manufacturing, and even universities.
"This is broad area where nothing is being spent, so clearly this is a big hole to be filled," said Taber.
"We were trying to determine a vertical, but we cant find a vertical. Everybody who we talk to has the same problem and is interested in being an early adopter."
Related Companies, Investors, and Entrepreneurs
Joined Vator on
Cybereason delivers a proprietary technology platform that automatically uncovers malicious operations (Malops™) and reconstructs them as a clear image of a cyberattack in context. This enables enterprises to discover sophisticated targeted threats at a very early stage, disrupt them at the stem and significantly reduce the costs and damages caused by such attacks. Cybereason is headquartered in Cambridge, MA with offices in Tel Aviv, Israel. For more information, please visit www.cybereason.com, www.twitter.com/Cybereason, www.facebook.com/Cybereason, and www.linkedin.com/company/Cybereason.