Cybersecurity can seem like a game of whack-a-mole. You get rid of one problem, and up pops another.
McAfee and CSIS estimate global losses from cybercrime now total over $1 trillion, a more than 50% increase from 2018. In 2019, two-thirds of surveyed companies reported some cyber incident.
Even scarier, 56% of surveyed organizations say they don’t have a plan to both prevent and respond to a cyber incident.
“Both the virus and the hacker need to find just one weak spot while we need to protect ourselves against all possible adverse risk factors and threat vectors,” wrote Vipin Samar, Senior Vice President of Database Security, in a blog on 2021 cybersecurity predictions. “We saw the pandemic slow down the world in 2020, but there was no corresponding slowdown in breaches. In fact, we saw attacks continue relentlessly on corporations and governments as the adversaries took advantage of increasingly distracted employees and contractors.”
Oracle has a long tradition of engineering for risk with security-first design principles, and that is one of many reasons cybersecurity startups choose to scale up with the Oracle startup program.
With the bad publicity and lost revenue that can come with a network hack, IT staff are forever plugging potential security holes, doublechecking entry points, and – in many cases – manually documenting their work on spreadsheets.
That was Michael Bohnel’s life when he was the network security officer for a major European bank. He figured there had to be a better way.
So, he cofounded Caveris, which offers a SaaS solution for automated, auditable governance, risk, and compliance tracking. Caveris’ technology makes it easier to understand which controls effectively mitigate threats such as ransomware or phishing, and which controls are failing. It even calculates an information security “posture score” to help IT staff understand where they need to concentrate cybersecurity efforts.
“75% of security incidents and data breaches are from avoidable causes, things like not removing users when they offboard, not patching servers, not ensuring AV malware signatures are up-to-date, basic security hygiene factors,’’ Bohnel says. “We can show enterprises where those weak points are.’’
This orchestration level is cloud-based, and Caveris team chose Oracle Cloud partly because of the support they received from the Oracle for Startups program. As is true for so many startups, the biggest challenge for Caveris was getting their solution in front of a prospect. When they do pitch a prosepct, Bohnel says, they have great success. But landing that first meeting isn’t easy.
That’s where joining the Oracle startup program made a difference. Startups like Caveris that join the program and run production workloads on Oracle Cloud tap into a network of benefits including opportunities for introductions to key account managers and, potentially, Oracle customers.
Bohnel is in the early stages of those meetings. He notes that he has not experienced the same opportunities from other cloud vendors. While Caveris is leveraging a multicloud approach to service large customers, not all cloud providers offer the same intangible benefits. “Any startup program that gives you potential exposure to Oracle customers – what’s not to like? It’s a no-brainer,’’ he says.
While working as a technology consultant, Hoon-Ywen Li discovered what a hassle it was for companies to secure data. With a small group, he set out to solve the problem, patented the technology, and promptly put it aside.
Flash forward five years. With the patent now granted, he leaped to form a company – Anzen - that uses cloud to compute, anonymize, and fragment data into multiple data shards before they are sent through the cloud network to be individually stored in different cloud regions. These shards can eventually be reassembled in a hacker-proof fashion. “If one data shard falls into a hacker’s hands, the piece is unreadable and useless. All shards need to be together to restore the original information,’’ Li explains.
And while Li describes Anzen’s technology as cloud-agnostic, he says he likes working with Oracle because of cost-effective compute prices, Oracle’s Database Cloud Service, and rapid cloud data center expansion.
“Oracle doesn’t just have the infrastructure, but also offers database as a service which is really important to real-time database transaction projects,’’ Li explains. The Database Cloud Service Enterprise Edition High Performance offers a metered option that helps him manage his budget effectively.
Anzen has a contract with the UK Ministry of Defense’s Defense Science and Technology Laboratory, and is running trials with multiple companies. Li credits support he received in addition to the technology. “Having that collaboration and that partnership, that’s helping us accelerate our development and our go-to-market strategy,’’ he says.
Internet browsing is such a high risk to corporate enterprises that many must resort to blocking access to whole swathes of the web to protect their users from attacks such as ransomware and phishing. But blocking access to the internet can also block productivity. For knowledge workers in high-end verticals such as finance, accessing the internet is critical to their jobs, allowing them to check up on vendors, vet clients, and gather information.
UK-based Garrison offers a web isolation solution that uses hardsec technology to isolate enterprise endpoints from risky websites, remotely transforming all web content to a verifiably safe format. Garrison’s technology allows users to click links and browse the web in complete confidence.
Garrison was introduced to Oracle for Startups by one of its investors and now uses Oracle Cloud for elements of its computing needs. Unlike other cloud providers, Oracle offers Garrison introductions to key account managers and enterprise clients.
“It’s such a delight to work with a highly established company like Oracle that has an effective and agile scheme designed to help startups. We’ve had fantastic support,’’ says David Garfield, Garrison’s cofounder. “It is also great that Oracle has made some very strong statements around cybersecurity and recognizes that this is a key element of its future.’’
Garrison’s customers include both government organizations and commercial enterprises. A typical example includes a federal agency that didn’t want to rely solely on threat detection software solutions or suffer the awkwardness and expense of separate devices for internet browsing. Garrison’s solution allowed them to safely offer internet access to employees, even on their trusted and sensitive devices.
“Protecting IT by layering security software on top of a hugely complex and vulnerable software stack is like building a castle on sand,’’ Garfield says. “We believe hardware approaches offer a true revolution in the way we think about security.’’
These startups support their customers as they enhance productivity and security in an increasingly risky digital world. Demand for niche cybersecurity solutions is on the rise among enterprises, including Oracle’s customers. That’s why we are finding transformative security-focused startup technologies and offering opportunities for them to connect directly with customers.
It’s a virtuous cycle that offers a win/win for customers and startups alike.