Unicorns are actually rare mythical creatures, but in the current venture capital landscape they abound in the form of unique startups. That’s because, with each new generation of ransomware and each new Internet meltdown, investors seem to be reaching deeper and deeper into their own vaults to sponsor burgeoning cybersecurity innovations.
The most successful IT security startups
A few weeks ago, on July 22, 2021, a temporary outage of Akamai’s Edge DNS service brought large parts of the Internet to its knees again. This time, for once, the culprit was not a cyberattack, but a “software bug.” The irony: with cybersecurity solutions such as the Intelligent Edge Platform and Prolexic Routed, which protect against DDoS attacks, Akamai wants to help its customers prevent a costly outage of web services. Now just such an outage has apparently occurred because of a software bug. DevOps failed.
With a DevOps protection solution like the one from California-based startup ArmorCode, it might not have happened. Granted, ArmorCode just emerged from stealth mode into the public eye this year and is still far from being a unicorn, but still: the Internet meltdown due to a bug really didn’t have to happen.
One internet outage after another
“A software configuration update” of Akamai’s Edge DNS service (which is supposed to protect websites and apps from DDoS, among other things) “triggered an error in the DNS system,” according to the provider. This led to an interruption that affected the availability of “some customer websites.”
“Some customer websites”? Leading e-commerce portals such as Amazon and Airbnb, as well as providers such as FedEx and Delta Air Lines, went completely offline. Many others, including AT&T, British Airways, Costco, Fidelity, GoDaddy, HBO Max, Oracle, and UPS, were able to stay online only with difficulty. According to Pingdom, about 34,000 sites were affected by the disruptions. Some web applications went offline completely, others took forever to load, and still others merely returned error messages such as 404 errors.
Akamai was able to restore Edge DNS availability by rolling back an update within about an hour, but the domino effect was already underway. For the other affected parties, Akamai’s software bug played out like a classic supply chain attack. (A supply chain attack is when cyber attackers target a supplier of the intended victim to initiate an attack from within the supply chain and bypass existing cybersecurity safeguards.) Network monitoring specialist ThousandEyes reported a “remarkable” increase in network outages over the course of more than four hours, as service providers peering with Akamai Prolexic lost their connections to the service. This resulted in a complete loss of connectivity.
The Washington Post headlined, “Major Internet outage along East Coast causes large parts of the Web to crash – again.” The Canadian CBC reported: “Massive outage disrupts internet services in Canada and around the world.” Reuters sold the bear’s skin before the bear had been caught and was already celebrating the “quick” restoration of services after a “short” global outage while large parts of the Internet were still hopelessly lost in the dark. Reuters thus demonstrated “short-term memory,” as vulnerabilities in the Akamai platform have been simmering for some time. The results include repeated outages. It is now clear to all but perhaps Reuters that traditional approaches to cybersecurity have had their day. Cloud-native applications need cloud-native cybersecurity.
The thinkers and leaders at Aqua Security don’t need to be told. The Israeli-American unicorn has embraced “Fluid Security at the Speed of DevOps” and has become the largest provider of its kind. Aqua specializes in container isolation, that is, “sealing” containerized microservices.
Aqua said its users included some of the world’s largest companies in financial services, media, software, manufacturing and retail. The company said it has been able to add five of the world’s 10 largest banks as customers and doubled the number of paying customers in the 2020 pandemic year.
Lacework takes a more holistic approach to “data-driven” cybersecurity. In addition to containers, the company wants to protect Kubernetes as well as individual workloads and their users in multi-cloud environments. To do so, the vendor wants to make its cybersecurity defenses observable in order to extract granular data. (In technical jargon, this is known as observability.) Lacework’s platform handles behavioral anomaly detection, file integrity monitoring, host-level intrusion detection and vulnerability monitoring, among other things. The London-based unicorn has seen its customer base increase fivefold over the past year. Its next stated goal is expansion into continental Europe.
Taking the holistic view a step further, Orca focuses its attention on the cybersecurity of multi-cloud environments.
Israeli unicorn Wiz also knows no boundaries in its approach. Wiz aims to pinpoint the “most critical risks and infiltration vectors with complete coverage across the entire stack of multi-cloud environments.”
The transition between software bugs and cyber vulnerabilities is fluid. Fortunately, many investors have already woken up to the outbreak of “pandemic hacking” and showered cybersecurity startups with money.
In just the first half of 2021, more than 200 companies achieved unicorn status, according to Crunchbase. (A “unicorn” is a private company with a “magic” $1 billion market valuation.) In all of 2020, just 163 companies celebrated this milestone.
This year’s record beats not only the 2020 pandemic year result but every single result in the last nine years. Cybersecurity is booming.
Many investors and VC funds have just seen cybersecurity startups bring in the most money to the bottom line and have finally gained confidence in this market vertical, believes Will Lin, partner at ForgePoint Capital.
It’s no wonder, given that cyber perpetrators are continually boosting the business of cybersecurity solutions. Fifty-eight percent of “cyber loss” victims – due in part to ransomware attacks – are estimated to be SMBs. A startup called Coalition Inc. wants to not only proactively prevent and defend against cyber risks but also take financial responsibility for the results. The cyber insurer wants to help its customers financially with regard to the economic consequences of a cyberattack.
In the case of ransomware attacks, for example, Coalition carries out an analysis of the incident, intervenes in negotiations with the perpetrators if necessary, and transmits the demanded ransom at its own expense, provided the customer has a corresponding policy. Attacks against cyber-physical systems, including industrial control systems, can also be insured.
It’s not a bug, it’s a feature
Cyber vulnerabilities are becoming increasingly threatening, not only to their immediate victims but also to third parties. That’s because cyber attacks have recently begun to spread across entire supply chains (see the report “Cyber Polygon” and “Supply Chain Attacks”). For those affected, hacker attacks are indistinguishable from software bugs; the damage can be severe in both cases. The bottom line is that end users are asked to pay for it.
But the vulnerable nature of the cyber society is nothing new in itself. What is new is the large number of innovative solutions emerging from the current cyber unicorns.
- Feedzai aims to put a stop to fraudulent activities in finance with machine learning. Among other things, Feedzai is watching over the security of Asia’s first “numberless” hybrid debit-and-credit card, a MasterCard from Mox Bank Limited. A similar approach has already proven successful with Estonia’s Wise.
- Socure offers financial sector companies an API that they can use in their own applications to identify and nurture promising customer relationships. A system of real-time digital identities underlies this solution. Forter (forter.com) is launching a similar solution for the e-commerce sector: a “network of trust.”
- Venafi develops solutions for orchestrating digital certificates and crypto keys for SSL/TLS, code signing, SSH, IoT and mobile systems. Venafi’s trump card is an M2M identity system with capabilities for accurate risk assessment. The unicorn says it has already won one in two Fortune 50 companies as a customer with this solution.
The research institute Gartner already classified the burgeoning market for machine identity management solutions as “indispensable” last year with regard to ensuring cybersecurity in the corporate environment.
- Axonius has developed a system for inventorying cybersecurity-related assets. This is designed to enable companies to more strategically plan security audits, updates and other events, and better identify vulnerabilities. The AppsFlyer company was able to use Axonius’ solutions to track down any devices that violated corporate security policies and remediate any anomalies in a timely manner. “There has never been a tool that does what Axonius does,” confirms Jeffrey Gardner, senior director of information security at Landmark Health.
- BigID develops solutions around “transformative data discovery for improved data protection.” Supported data sources range from SAP to Salesforce to any REST APIs. In the age of the GDPR, the approach is timely.
On July 9, 2021, this year’s Cyber Polygon warned how vulnerable digitized supply chains are. (Cyber Polygon is a cybersecurity industry initiative supported by the World Economic Forum Centre for Cybersecurity and INTERPOL, among others.) Less than two weeks later, on July 22, 2021, the temporary outage of Akamai’s DNS servers demonstrated just how fragile the digital fabric of cyber society can really be at times. Whether a single miracle cure can provide a remedy is rather doubtful. Fortunately, there is no shortage of entrepreneurial “Daniel Düsentriebs.” The increased emergence of cyber-unicorns does offer a glimmer of hope.