Thursday, December 9, 2010

380,000 Chinese Hackers Creating Havoc in US Commercial Cyberspace.

This week I attended the Angel Capital Summit in Denver. In these days of economic doldrums the enthusiasm of the 39 entrepreneurial companies was refreshing and uplifting. The organizers of this event spent a lot of time vetting the presenters and weeding out those that were premature in their quest for funding so each of the presentations were well thought out and legitimate investment opportunities.

There were two presentations that particularly resonated with me Relevant Security and CiberLok, both in the data encryption and authentication space. Thanks to CiberLok for statistics I have used particularly the mind-bending thought of 380,000 Chinese hacker working 24/7 to mischievously trespass into US commercial cyberspace.

Few more statistics offered by CiberLok:

1. In 2009 the credit card industry experienced a 53% increase in network breaches with companies recording a 29% increase and the government experienced an increase of 74%. (Wikileaks?)

2. In 2009 security breaches cost the credit card industry $8B and Banking, $1B.

3. 100% of utilities suffered from worms and viruses.

4. Security market WW (encryption/authentication/etc) is in the order of $17B.

Ok, there are many established players in this space with EMC, RSA, HP, IBM and Symantec being but a few of the players, so what made these guy’s interesting? Will they be able to compete?

Ciberloks focuses on encryption and as they claim they bring unbreakable code to the encryption marketplace. Not by new code development but by a unique methodology that calls multiple, existing encryption codes in a serial fashion to render, in their opinion, encrypted data that is “unbreakable”. I would point out that I could not find their web site, not good when you are a nascent enterprise tryong to raise money.
Relevant Security has taken a different approach. Their strength is not in encryption codes; in fact their solution is agnostic to whatever code is being used. Their cleverness is in the RPM technology, a secret-key-based security method. Although using standard encryption codes such as AES, RPM supplies a unique key for each transaction generating a rapidly moving target for the bad guys. So rather than a session based methodology they authenticate and deliver a unique key for use at the transaction level, somewhat game changing, particularly if the performance claims are as advertized. (100 to 300 times faster than traditional approaches).

So do these nascent enterprises have a solution that will resonate in the marketplace? Following the Relevant Security presentation I spoke with the CEO of a Cloud Software company whose reaction was that if they (Relevant) can live up to their claims then they have a winner. I also noticed the same CEO requesting more information from Ciberlok after their presentation, so apparently there is a consumer pain point. A sample of one, but at least an encouraging data point.

No comments: