T he Cybersecurity Startup Report

Aside from the task of securing your own company, it is important to know that those you do business with are equally secure. Security Scorecard provides a way for security signals to be automatically captured and used to rate companies on how well they are handling security, and what their specific strengths and weaknesses are.

According to company co-founder and CEO Aleksandr Yampolskiy, the company stemmed from a simple idea: “Companies were doing business with third-party partners. If one of those companies gets hacked, you lose. How do you vet the security of companies you do business with?”

Using publicly available information, Security Scorecard grades companies from A-F, provides a detailed breakdown of areas of strength and weakness, and allows users to compare the company of interest to others in their peer groups. With the option to track performance over time, it also allows for users to judge both their own improvement and that of the vendors they use.

securityscorecard.com

When approaching cybersecurity, it can sometimes be difficult to parse the underlying connections between events, especially as analysts may be approaching the problem with a varying skill set. Uplevel looks to address this difficulty by providing a graphical view of security data, giving all analysts involved a better view of a problem, and helping to build, by correlating machine and human learning, a better understanding of how future events might rely on similar connections.

Uplevel’s system works by learning from the analysts involved: if an analyst agrees or disagrees with the graph, that information is fed back to it and the system can, in the future, present a view that is more relevant to the organisation’s security concerns and the likely interplay of events within the given organisation.

“What is exciting about [our approach] is you get a new alert and build a mini graph, then merge that into the historical data, and based on the network topology, you can start to decide if it’s malicious or not,” founder Liz Maida said.

www.uplevelsecurity.com

As data privacy issues continue to run out headlines as fast as they can be written, companies are having to quickly reckon with becoming compliant with regulation such as the EU’s GDPR. New York-based BigID is attempting to assist with this issue by enabling users to identify the most sensitive data that may be contained within their large data stores.

Named Most Innovative Startup at April’s RSAC Sandbox competition, BigID is providing a modern architecture for companies to quickly identify data requiring attention and avoid the fines for failing to comply with regulations.

“When we first started talking about this [in 2016] people didn’t grok it. They didn’t understand why you would need a privacy-centric approach. Even after 2016 when GDPR passed, most people didn’t see this. [Today] we are seeing a secular change. The assets they collect are valuable, but also incredibly toxic,” company CEO and co-founder Dimitri Sirota told TechCrunch.

bigid.com