The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Angel Kings LLC

*The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

*Top cybersecurity companies: public & private startups

*Cybersecurity report answering: the Who, What, Where, How and Why of Cyber Attacks

*The information contained herein is for informational purposes only and is not a solicitation, only an example of fundraising and what to expect when researching companies. Logos and trademarks herein are properties of their respective owners.

By Ross Blankenship
Expert on venture capital and cybersecurity
Author of best-selling book, Cyber Nation

Upload: ross-blankenship

Post on 14-Aug-2015


Category:

Economy & Finance



TRANSCRIPT

Page 2: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

The Worldwide Threat of Cyber Attacks

Page 3: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: Forrester Research, MarketsandMarkets

The cybersecurity marketplace will continue to grow aggressively.

Over the past two years, security spending as a percentage of the total IT budget rose across most industries. This number is only expected to increase in light of recent security breaches.

Worldwide spending on information security was $95.6 billion in 2014. Total information security spending is projected to grow at 10.3% CAGR in the following 5 years.

Page 4: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Who do cyber attacks threaten the most?

B2B, B2C, Governments, Security Firms

Pain Points

Preventing data breaches and stolen information

Security architecture and process design

Preventing account abuse or fraud from customers

Integrating IT security into core business functions and creating ownership

Examples

Preventing personal, professional, and financial accounts from being hacked

“Peace of mind” and alleviating fears of cyber crime, whether real or perceived, due to media coverage of recent hacks

National security

Agency sharing and collaboration (FBI, CIA, etc.)

Geopolitical stance and perceived ability to defend itself and allies from cybercrime

Staying one step ahead of the cyber criminals

Fierce competition from other firms; finding one’s niche

Understanding the pain points of all potential customer groups

Page 5: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Cyber attacks have forced CIOs to reconsider their cybersecurity capabilities.

Source: Gartner Research, Industry Blogs

Business disruption attacks require new priority from corporate leadership

Business impact analyses must consider aggressive business disruption attacks leading to loss of continuity of operations. Response and recovery plans that cover both business processes and IT services should be developed to address these exploits.

CIOs must pivot from blocking and detecting attacks to detecting and responding to attacks and breaches

Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program. Organizations should focus on rapid breach detection using endpoint threat detection and remediation tools and network traffic analysis tools, and invest in forensic teams and software to analyze the resulting alerts and memory samples.

Non-IT processes must also be assessed

Full-spectrum penetration testing that evaluates IT and non-IT business process environments is crucial. An incident response manager may be required to oversee and manage attack events. The incident response leader will need skills to work across IT and non-IT departments and external groups — including legal, law enforcement, HR, forensics, corporate communications, public relations, insurance providers and network service providers

The average total cost of a data breach to major US companies is $12.7 million.

Page 6: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

A robust underground market economy for data fuels and incentivizes cybercriminals.

Source: Forrester Research

Common cybercrime “business models”

Email addresses and passwords, credit card numbers, Social Security numbers, account log-in credentials, and other personal information are all data that cybercriminals can use to commit a wide range of crimes, from identity theft to fraud to reselling in the underground market economy.

• Buy and sell stolen information in online marketplaces - Stealing credit card data and personal information is lucrative for cybercriminals because it provides direct and easy gains in the underground marketplace. Prices for a customer’s personal information can range from $8 to $45, underscoring the low-risk high-reward nature of cybercrime.

• Crime-as-a-service - In the underground markets, organizations and individuals can buy or sell exploit kits, botnets, denial of service attacks, or just their skills. Services can run from $1 for 1,000 CAPTCHA-breakings to $350 to $450 for consulting services such as botnet setup.

• Attracting capital “investors” - Skilled individuals will always be in demand in the eyes of organizations — namely, organized crime syndicates — that seek to make a profit. In some cases, individuals are coerced or recruited by these organizations for the purpose of leveraging their talents.

• Market their supplies and services like a business - "Suppliers" of data in this underground market economy today operate "businesses" that may involve everything from marketing themselves online via Twitter to providing bulk discounts, free trials, and customer support for customers (criminals who purchase this stolen data).

Page 7: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Where are the criminals coming from?

Source: Bloomberg

China, Russia, and Turkey are the countries with the most foreign cybercriminals. The USA, however, remains the place where over 33% of cyber attacks originate.

Page 8: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Governments and customers react and raise the cost of being breached

Source: Gartner Research, Industry Blogs

Data and privacy breaches provide lucrative payouts for cybercriminals, but the businesses targeted incur tangible and intangible costs as a result. Today, the costs of having been breached come not only from customers but from legislative bodies as well.

Zappos

Almost 24 hours after Zappos revealed that it was a victim of a cyber attack in January 2012 that exposed more than 24 million customers' account information, a customer filed a suit alleging Zappos did not have the data properly safeguarded and was in violation of the Fair Credit Reporting Act.

Triple-S Salud

Puerto Rican insurer Triple-S Salud faced a $6.8 million fine from the Puerto Rican government for exposure of protected health information (PHI), in violation of HIPAA. In addition to the fines, administrative sanctions will be placed on Triple-S Salud, which include the suspension of new enrollments into one of its plans and the requirement to notify affected individuals of their right to opt out of their program.

1. Customer Litigation: Once the breach notification goes public, companies can expect to face legal action from customers. Common reasons cited for damages include actual loss from identity theft, emotional distress, cost of preventing future losses, and the increased risk of future harm. Shoppers trust their personal and financial information to be secure and not shared with anyone when they shop; a loss of this trust incurs both financial and reputational losses to the breached company.

2. Government Fines and Sanctions: Organizations that have experienced a breach must face the scrutiny and regulations of the government. While data protection laws vary country by country, or even state by state in the case of the US, government bodies can issue fines for violations of data protection. In the US, the Federal Trade Commission's win against Wyndham Hotels and Resorts solidified the FTC's role and authority as a data security regulator in the US, allowing it to continue pursuit of action against the company.

Page 9: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Case Study: Target

Source: Gartner Research, Forrester Research, Industry Blogs

Victim

Target Corporation is an American retailing company, and the second-largest discount retailer in the United States. In 2014, it had over $72 billion in revenue and 1934 stores in North America.

Attack

The Target data breach was a result of hackers gaining undetected access to the network with credentials stolen from a refrigeration and HVAC company that does work for a number of Target locations.

Hackers gained access to as many as 110 million customer names, card numbers, expiration dates, and CVV security codes of the cards issued by financial institutions.

Cybersecurity

Target's computer security team was notified of the breach via the FireEye security service they employed, had ample time to disrupt the theft of credit cards and other customer data, but did not act to prevent theft from being carried out.

Impact

At least 90 lawsuits were brought against Target in the aftermath of the breach. All told, Target could face a $90 fine for each cardholder’s data compromised, which translates to a $3.6 billion liability.

Profits fell nearly 50% in that fiscal quarter. Target’s share price fell 11% during the same time.

Target reports costs associated with the breach to exceed $148 million, and EPS to drop 22%.

Page 10: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Case Study: Sony

Source: Macquarie Research, Gartner Research, Industry Blogs

Victim

Sony Pictures Entertainment Inc. is the American entertainment subsidiary of Japanese multinational technology and media conglomerate Sony. It has been responsible for producing/distributing films such as Spider-Man, Men in Black, Resident Evil, and more recently, The Interview. In 2014, it had revenues exceeding $8 billion.

Attack

In December 2014 the Sony Pictures computer network was compromised, disabling many computers. Later the same week, five of Sony Pictures' movies were leaked, as well as confidential data about 47,000 current and former Sony employees.

On December 16, the hackers issued a warning to moviegoers, threatening to attack anyone who sees The Interview during the holidays and urging people to "remember the 11th of September 2001".

Cybersecurity

Sony has since hired FireEye to plug its breach.

Impact

Macquarie Research analysts projected Sony would likely take an impairment charge of 10 billion yen ($83 million) related to the incident.

Furthermore, hackers have released a trove of documents that include contracts and marketing plans that could influence competitors' strategies and lead to a loss of trade secrets and IP for Sony.

The current quarter has cost $15 million in investigation and remedial costs. Total costs are expected to exceed $100 million in financial damage, not including loss of IP.

Page 11: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Case Study: Anthem

Source: Gartner Research, Industry Blogs

Victim

Anthem Inc. is the largest for-profit managed health care company in the Blue Cross and Blue Shield. In 2014, it had revenues of $61.7 billion, and over 37,000 employees.

Attack

On February 4, 2015, Anthem, Inc. disclosed that criminal hackers had broken into its servers and potentially stolen over 37.5 million records that contain personally identifiable information. The compromised information contained names, birthdays, medical IDs, social security numbers, street addresses, e-mail addresses and employment information, including income data.

Cybersecurity

Anthem is currently working with AllClear ID to offer 24 months of identity theft repair and credit monitoring services to current or former members of an affected Anthem plan dating back to 2004.

The company is said to be conducting an extensive internal IT forensic investigation to determine what members are impacted.

Impact

Over 80 million people (members, past members, employees) are expected to be affected by the Anthem security breach. Class-action lawsuits have been mounted since Anthem’s announcement in February.

Anthem said it doesn’t expect the incident to affect its 2015 financial outlook, “primarily as a result of normal contingency planning and preparation.”

Anthem should expect to pay between $100 and $200 per breached record. With as many as 80 million people affected, that comes out to $8 billion to $16 billion.

Page 12: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: PwC Global State of Information Security, Forrester Research

Companies and legislative bodies are actively investing in and prioritizing cybersecurity.

In the annual PwC, CIO, and CSO survey of more than 9,600 global executives, 41 percent of US respondents had experienced one or more security incidents during the past year, a number that continues to rise. This situation is compounded by the fact that given recent economic uncertainty, security has not been a priority in the recent past.

Cybersecurity Trends

Capitol Hill

Lobbying firms are anticipating increased policy-making in data security and privacy to keep pace with, or catch up to, the evolving threat landscape and technology environment. According to lobbying analytics firm Capitol Metrics, the number of lobby firms that advocated on behalf of clients on data and security issues skyrocketed from 74 to 220 between 2008 and 2012.

Global

Over the years, global efforts have culminated in the closing of various online market forums for exchange of stolen data. In April 2012, a global two-year operation involving officers from Australia, the US, Britain, Germany, the Netherlands, Ukraine, Romania, and Macedonia shut down dozens of websites that offered credit card data and related details.

Policy/Process

Many organizations struggle to adequately enforce the rules and standards of their security policy due to corporate culture and a hesitance to enforce the consequences of noncompliance. CISOs need to reevaluate their current policies to make sure that the organization's culture reinforces the "human firewall."

Architecture

Zero Trust is emerging as a new model for information security that is better-suited for the new threat landscape. In addition, the concept of "killing data" — encrypting data to devalue it if it falls into the hands of cybercriminals — is gaining mindshare as a new default defensive measure for the enterprise.

Page 13: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Current State of Cybersecurity

Page 14: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: Forrester Research

Cybersecurity effectiveness and its metrics are being challenged on all fronts

Information security metrics have historically focused on security policy compliance and operational issues. Metrics like these demonstrate that security teams are working very hard, but they don't really demonstrate effectiveness. Cybersecurity is an uncertain business, and this requires that CISOs move from compliance-based reporting to risk-based reporting.

Readiness, Response, and Recovery

• Security readiness measures your company's security posture. Readiness metrics could include the percentage of systems with current patches as compared to a standard baseline, how many staff successfully completed awareness training, or firewall rule status. Readiness reports should show trends for this information on a quarterly or monthly basis.

• Benchmarks against previous dates should drive future decisions. Metrics could include the number of network exploit attempts this month as compared with last month or the number of vulnerabilities closed this month as compared with last month. Like the readiness reports, these metrics should show key trends, monthly and quarterly, and they should show event trends and attack patterns.

• The speed with which an organization returns to normal operation is a critical measurement of success. Metrics in this category could include disciplinary personnel actions taken, changes made to security readiness processes, forensic actions, legal response, and data and system restoration time. Event patterns are the most important information to report, showing what worked and what didn't.

Page 15: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: Gartner Research, Forrester Research

Companies are responding aggressively to data and cybersecurity threats.

Recent high profile cybersecurity breaches of Target, Sony, and other high profile targets have companies playing catch-up to cybercriminals. Here are some of the main weapons companies have at their disposal.

• Enhanced use of encryption, and more careful attention to the maintenance and proper configuration of existing encryption systems, is one of the first lines of defense used to thwart would-be attackers.

• Increased scrutiny of internal data use is another common response to Target’s woes. Behavioral analytic technologies allow firms to monitor users within the company as well as end users, remaining alert for suspicious behavior that accompanies theft or attack with malware.

• Risk assessment and software analysis to screen for vulnerabilities is gaining a front seat at many organizations. Keeping software up-to-date to avoid known weaknesses and testing proprietary software for unnoticed vulnerabilities are both front-line defensive maneuvers that are receiving more attention in 2014.

• Active defense is a relatively new concept in computer security that is garnering extra attention these days. The idea is to convince hackers that they are in their target area, when they’ve actually been diverted and trapped in a shell where they can be easily identified and, in some cases, retaliated against.

• Following up on network threats is a necessity that requires manpower organizations don’t always have available. Active monitoring and maintenance by managed service providers and hiring forensics experts to respond to threats are two popular solutions.

Page 16: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Fortune 500 Cybersecurity Providers

Page 17: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

IBM (IBM)

Company Description

IBM® Security solutions help detect, address, and prevent security breaches through integrated hardware and software solutions. Powered by deep analytics and trusted IBM Security expertise, our robust portfolio of comprehensive, scalable industry-leading tools delivers unparalleled security intelligence with reduced complexity and lower maintenance costs.

Marquee Clients

Products/Services Offered

2014 Revenue $92.8 B

CEO Ginni Rometty

Headquarters Armonk, NY

M&A Considerations

• Trusteer Pinpoint Criminal Detection helps protect websites against account takeover and fraudulent transactions by combining traditional device IDs, geolocation and transactional modeling, and critical fraud indicators. This information is correlated using big-data technologies to link events across time, users and activities.

• Security Key Lifecycle Manager centralizes, simplifies and automates the encryption and key management process to help minimize risk and reduce operational costs

• InfoSphere Guardium Data Activity Monitor prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats

• Firewall management is designed to reduce the complexity and burden of managing and monitoring firewalls manually. Offers near-continuous monitoring, management and analysis of firewall logs

• Security Architecture and Program Design helps you evaluate the effectiveness of your security architecture to better manage evolving cyber threats. We also work with you to design a program to align security practices with business requirements and help reduce risk

• IBM acquires Trusteer, a specialist in cybersecurity primarily for financial services for $1B in August 2013

• IBM acquires Crossideas, an identity and access management vendor for an undisclosed amount in July 2014

• IBM acquires Lighthouse Security Group, an identity and access management company for an undisclosed amount in August 2014

• AT&T and IBM announced in February 2014 a strategic alliance to provide a set of comprehensive security services that, if successful, would define the next generation of managed security services providers

Page 18: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Cisco (CSCO)

Company Description

Cisco® Cybersecurity solutions make sure that security is a fundamental component of the intelligent network fabric by using a multilevel approach, building security controls within and around the core network. In-depth security requires an adaptive, responsive, and always-on approach that is also architectural.

Marquee Clients

Products/Services Offered

2014 Revenue $47.1 B

CEO John Chambers

Headquarters San Jose, CA

M&A Considerations

• Cisco Advanced Malware Protection provides an efficient process for solving threats by going beyond detection. Offers Point in Time Protection and Retrospective Security together.

• Cisco Identity Solutions provide visibility into who and what is connected to your network, automation for simplifying operations and adapting to changing needs, and controls for limiting access to information and resources. 

• Cisco Wireless Security Solutions provide a comprehensive approach to wireless security, offering enterprises the ability to address the threats of access and eavesdropping. This at-a-glance focuses on the external threats that a WLAN will encounter and the mechanisms to detect and mitigate these threats.

• Cisco Secure Mobility Solutions provide virtual office solutions with full IP phone, wireless, data, and video services to staff wherever they may be located. Security capabilities include spam protection, data loss prevention, virus defense, and email encryption tracking.

• Cisco acquires Cognitive Security, a company focused on applying artificial intelligence techniques to detect cyber threats for an undisclosed amount in January 2013

• Cisco acquires SourceFire, a network security and anti-malware appliance developer for $2.7 B in July 2013

• Cisco acquires ThreatGrid, a malware analysis and threat intelligence company, for an undisclosed amount in June 2014

Page 19: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Hewlett-Packard (HP)

Company Description

HP's enterprise security software and solutions provide a proactive approach to security that integrates information correlation, application analysis and network-level defense.

Marquee Clients

Products/Services Offered

2014 Revenue $111.5 B

CEO Meg Whitman

Headquarters Palo Alto, CA

M&A Considerations

• HP Fortify Static Code Analyzer helps verify that your software is trustworthy, reduce costs, increase productivity and implement secure coding best practices. Static Code Analyzer scans source code, identifies root causes of software security vulnerabilities and correlates and prioritizes results—giving you line–of–code guidance for closing gaps in your security.

• ArcSight ESM is enterprise security management software that combines event correlation and security analytics to identify and prioritize threats in real time and remediate incidents early. Correlates data from any source in real time to quickly detect threats before they do damage. Collects and categorizes up to 100,000 events per second for instant detection of activities affecting anything on your network, including insider or zero-day attacks.

• HP Atalla Information Protection and Control solves the complex challenge of providing data classification and data security by providing organizations the means to bring protection to the data itself. HP Atalla IPC applies protection at a point where information is created, and makes that protection persistent, so it follows the information wherever it goes. This secures sensitive data no matter where it actually resides. 

• HP acquires ArcSight, a company that provides data security analytics for security information and event management for $1.5 B in October 2010

Page 20: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Publicly Listed Cybersecurity Providers

Page 21: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

FireEye (FEYE)

Company Description

FireEye Inc. is a publicly listed US network security company that aims to provide automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing.

Marquee Clients

Products/Services Offered

2014 Revenue $425.7 M

CEO Dave DeWalt

Headquarters Milpitas, CA

M&A Considerations

• FireEye Adaptive Defense is a new approach to cyber security that delivers technology, expertise, and intelligence in a unified, nimble framework. Our state-of-the-art technology protects you with our patented virtual-machine detection (MVX™) engine. Find cyber attacks that bypass signature-based tools and common sandboxes.

• Malware Analysis (AX series) products provide a secure environment to test, replay, characterize, and document advanced malicious activities. Malware Analysis shows the cyber attack lifecycle, from the initial exploit and malware execution path to callback destinations and follow-on binary download attempts.

• FireEye Threat Intelligence provides intel and analysis to help you understand cyber threats, identify and stop cyber attacks, and reduce the impact of compromise. Automates the detection and prevention of zero day and other advanced cyber attacks with our global threat intelligence ecosystem. Accelerates incident response and reduces the time to investigate and resolve security incidents.

• In September 2013, FireEye became a public company, trading on the NYSE under the ticker FEYE, raising $304 M in their IPO at a market capitalization of $4.2 B (~26x revenue)

• In December 2013, FireEye bought Mandiant, a computer forensics specialist company for $1.05 B

Source: Hoovers

Page 22: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Palo Alto Networks (PANW)

Company Description

Palo Alto Networks provides a wide suite of enterprise-level next generation firewalls, with a diverse range of security features for your network.

Marquee Clients

Products/Services Offered

2014 Revenue $598.2 M

CEO Mark McLaughlin

Headquarters Santa Clara, CA

M&A Considerations

• The PA-7050 protects datacenters and high-speed networks with firewall throughput of up to 120 Gbps and full threat prevention at speeds of up to 100 Gbps. To address the computationally intensive nature of full-stack classification and analysis at speeds of 120 Gbps, more than 400 processors are distributed across networking, security, switch management and logging functions. The result is that the PA-7050 allows you to deploy next-generation security in your datacenters without compromising performance.

• Panorama provides you with the ability to manage your distributed network of our firewalls from a centralized location. View all your firewall traffic; manage all aspects of device configuration; push global policies; and generate reports on traffic patterns or security incidents - all from one central location.

• Palo Alto Networks Threat Prevention security service protects against malware delivery through custom-built signatures that are based on content — not hash — to protect against known malware, including variants that haven’t been seen in the wild yet. Offers intrusion prevention, SSL decryption, and file blocking to ensure security needs

• In July 2012, Palo Alto Networks became a public company, trading on the NYSE under the ticker PANW, raising $260.4 M in their IPO at a market capitalization of $2.8 B (~13x revenue)

• Morta Security was acquired for an undisclosed sum in January 2014

• Cyvera was acquired for approximately $200 million in April 2014

Source: Hoovers

Page 23: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

CyberArk (CYBR) – Israeli-based company

Company Description

CyberArk specializes in providing IT security from internal threats—that is, cyberattacks launched from within an organization, rather than from outside its perimeter

Marquee Clients

Products/Services Offered

2014 Revenue $103.0 M

CEO Udi Mokady

Headquarters Newton, MA

M&A Considerations

• Privileged Threat Analytics is an expert system for privileged account security intelligence, providing targeted, immediately actionable threat alerts by identifying previously undetectable malicious privileged user and account activity. The solution applies patent pending analytic technology to a rich set of privileged user and account behavior collected from multiple sources across the network. CyberArk Privileged Threat Analytics then produces highly accurate and immediately actionable intelligence, allowing incident response teams to respond directly to the attack.

• CyberArk SSH Key Manager is designed to securely store, rotate and control access to SSH keys to prevent unauthorized access to privileged accounts. SSH Key Manager leverages the Digital Vault infrastructure to ensure that SSH keys are protected with the highest levels of security, including the encryption of keys at rest and in transit, granular access controls and integrations with strong authentication solutions.

• CyberArk Enterprise Password Vault enables organizations to secure, manage and track the use of privileged credentials whether on premise or in the cloud, across operating systems, databases, applications, hypervisors, network devices and more

• In September 2014, CyberArk became a public company, trading on the NASDAQ under the ticker CYBR, raising $85.8 M in their IPO at a market capitalization of $414 M (~11x revenue)

Source: Hoovers

Page 24: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Top Cybersecurity Startups

Page 25: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: CBInsights, Gartner Research

The cybersecurity market is poised for disruption from start-up companies.

Cybersecurity is more than the latest investment fad for today’s savvy investor. Recent events have led to significant growth in the number of startups focused on cybersecurity, and to the number and diversity of investment opportunities for early stage investors. In 2013 alone, venture capital firms invested nearly $1.4 billion in 239 cybersecurity companies

Among top-tier VC investing firms, Intel Capital is the most active investor in cybersecurity startups having invested in more than 20 companies since 2010. Accel Partners and KPCB took second and third place respectively, investing in more than 15 unique companies each.

Page 26: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Authy*

Company Description

Secure Yet Easy-to-Use Two-Factor Authentication for Websites and Mobile Apps. Protect your daily apps like Facebook, Dropbox, Evernote, AWS, Outlook and many others. Use Authy to thwart phishing and man-in-the-middle attacks, quickly and easily.

Marquee Clients

Products/Services Offered

2014 Revenue ---

CEO Daniel Palacio

Headquarters San Francisco, CA

M&A Considerations

• Authy designed and built a powerful dashboard with all the basic and advanced features, such as creating infinite applications, adding collaborators, and configuring SMS, calls and many other options that help you manage your applications.

• Enable, set and decide what you want to have in your application to create the best experience for your users and keep them happy.

• Our payments system lets you know exactly what you are using and what you are paying, so you always know your up-to-date account status.

• Whether you require PCI, HIPAA, FIPS or any other compliance requirements, Authy helps you easily achieve and stay compliant.

• Security policies are an essential part of a scalable and secure Two-Factor Authentication deployment. Authy has a powerful policy engine that allows you to automatically control how your authentication behaves at its deepest level.

• Authy uses 256-bit private keys, which can be rotated instantly on demand. All keys are also fully manageable. You can remotely disable and reset keys all with a push of a button. We also provide remote health checking capabilities that help you keep your organization running 24/7 and your users happy.

• Authy was acquired for an undisclosed sum by Twilio in February 2015.

*An Angel King Portfolio Company

Source: Crunchbase

Page 27: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Lookout

Company Description

Protecting individuals and enterprises, Lookout predicts and stops mobile attacks before they do harm.

Marquee Clients

Products/Services Offered

2014 Revenue ---

CEO Jim Dolce

Headquarters San Francisco, CA

M&A Considerations

• Predictive Security - Lookout’s advanced security connects the dots between code, app behavior, and known attackers to stop threats – all in the cloud without impacting your device.


• Missing Device - Forget that panicked feeling when you can't find your smartphone. Lookout gives you the control you need to get your lost or stolen device back.

• Theft Alerts - Lookout turns your device's features – from the front-facing camera to the lock screen – into defensive countermeasures that make thieves think.

• Data Backups - Losing or damaging your device doesn't have to mean losing what's on it. Automatic backups of your contacts, photos, and call history make sure they’re always

• Secure App Stores - Automatically vet applications to ensure policy compliance before making them available to your organization, as well as mobile apps to keep users safe.

• Raised $282 over 8 rounds from investors including Morgan Stanley, Andreessen Horowitz, Accel Partners, and Greylock Partners

Source: Crunchbase

Page 28: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

BlockScore

Company Description

BlockScore is an identity verification and anti-fraud solution for online transactions.

Marquee Clients

Products/Services Offered

2014 Revenue ---

CEO John Backus

Headquarters Palo Alto, CA

M&A Considerations

• Customer Identity Verification - We use many data sources to verify the information your customers provide. We correlate data across credit bureaus, motor vehicle records, address histories, watchlists, and other records in order to provide a superior solution to single-source verification services.

• Knowledge Based Authentication - We provide a series of questions to which only your customer knows the answer using information separate from someone’s identity. This provides a better, practical solution to photo ID verification because it is difficult to know correct answers to these questions unless you are actually the person.

• Compliance - As part of every verification, we instantly scan dozens of government watchlists and red flag lists to protect your business from wanted individuals. We can optionally proactively scan your entire user base every time the list changes and inform you if anything changes.

• Fraud Alert - We detect mass fraud and use of false identities across our network. When lists of stolen identities hit the black market, we quickly learn of problematic identities and proactively notify you, limiting your exposure to fraudulent activity.

• Raised $2M over 2 rounds from YC, Khosla Ventures, and Battery Ventures, among others

Source: Crunchbase

Page 29: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Sift Science

Company Description

Sift Science fights fraud with machine learning. Machine learning teaches a computer to mine data for statistical patterns, and continuously learn and adapt as new data streams in.

Marquee Clients

Products/Services Offered

2014 Revenue ---

CEO Jason Tan

Headquarters San Francisco, CA

M&A Considerations

• Reduce Chargebacks - Zero in on investigating orders that matter and make quick, accurate decisions. Using the Sift Science Console, see all of your data in one place, including signals identifying suspicious behavior; the ability to filter users by IP address, device fingerprint and more; and network visualizations so you can see relationships between users and accounts.


• Fraud Detection - With every new piece of your data, Sift more precisely adapts to your business and helps you stay ahead of ever-changing fraud tactics. Prevent fraud with automated learning on our award-winning platform using advanced data science techniques. Harness the same powerful technologies used by Amazon and Google.

• Distill Patterns from Data - We sift through your data for subtle fraudulent behaviors that a rules-based system would miss. Behind the scenes, we automatically build a statistical model with your unique data and patterns found on our network. Harness the power of data-driven decision-making in a single platform.

• Raised $23.6M over 3 rounds from First Round, Union Square Ventures, and YC

Source: Crunchbase

Page 30: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

BugCrowd

Company Description

Crowdsourced cybersecurity. Bugcrowd is the premier marketplace for security testing on web, mobile, source code and client-side applications. Bugcrowd solves the undersupply of cybersecurity professionals by giving businesses the ability to engage with their curated, reputation-driven community of over 13,000 security professionals.

Marquee Clients

Products/Services Offered

2014 Revenue ---

CEO Casey Ellis

Headquarters San Francisco, CA

M&A Considerations

• Testing: Researchers test your site and report vulns to Bugcrowd. During this time, Bugcrowd is validating submissions.

• Final validations and report: Bugcrowd finishes validations, and finalizes your assessment report.

• Finish: A streamlined report of the valid findings our researchers discovered.

• Raised $7.7M over 3 rounds from Paladin Capital Group, Rally Ventures, and Square Peg Capital, among others

Source: Crunchbase

Page 31: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Summary

Page 32: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: Gartner Research, DigitalChalk

Four categories frame the future battleground for cyber warfare.

Four key trends are poised to disrupt the IT Strategy consulting market

Employee Training

• 77% of American Corporations use some form of online learning

• The US and Europe account for over 70% of the global eLearning industry

• By 2019 half of all college courses will be taught online

• Access to mass populations and their parent organizations is at an all-time high

Hardware (Drones)

• Practically all drones have computers and onboard logic, and for the most part are communicating with a control system through a communications channel, making them susceptible to a cyber-attack.

• There is already a thriving community of drone hackers, and several open source projects are available, such as Skyjack, which uses your drone to take over the drones around it.

Connected Devices

• 89% of mobile media time is spent on mobile apps

• 80% of internet users now own a smartphone

• Internet of Things is creating an explosion of connected devices worldwide

• Mobile security options and computing power remain nascent relative to traditional security functions of desktops and laptops

Active Defense

• A honeypot is defined as “a computer system on the Internet that is expressly set up to attract and ‘trap’ people who attempt to penetrate other people’s computer systems.”

• Sinkholing is the impersonation of a botnet command-and-control server in order to intercept and receive malicious traffic from its clients.

• Threat intelligence is “consuming information about adversaries, tools or techniques and applying this to incoming data to identify malicious activity.”

Page 33: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Which industries in America face the biggest threats from cyber attacks?

#1 Healthcare & Insurance

• Hardware and robotics account for a significant increase in hospital care/surgical devices.

• Doctors and nurses are sharing important patient data via mobile and cloud. HIPAA at risk.

• Research labs for pharmaceutical companies are also increasingly cloud-based.

• Patient information being falsely used for procuring health insurance.

Biggest threats: patient privacy, patient safety with drug development, hardware malfunctioning with medical devices, and insurance industry theft.

#2 Defense

• American defense (large cap) spending is increasingly spent on hardware such as drones and space-based defense/offense measures.

• Major energy, financial grids and networks are subject to attacks by foreign entities.

• Police and law enforcement is now cloud-based with new sharing that could be hacked.

Biggest threats: operational protection of markets, hardware/drone operations, police/safety.

#3 Internet of Things

• Millions of homes projected to be connected to Internet of Things (“IoT”) by 2020.

• Major corporations like Google, General Electric, Cisco, and Honeywell will need to ensure all Wi-fi devices and internet based software/hardware hybrid products are protected.

• Access to consumer homes brings inherent and growing risks for safety and privacy.

Biggest threats: Wi-fi devices, hardware such as thermostats and smoke detectors, routers and internet-connected devices.

The cybersecurity industry will increase by an additional $250 billion by 2020.

Page 34: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Source: Crunchbase

Investor returns in cybersecurity start-ups are at an all-time high

Investor | Company | Exit Price | Capital Round | ROI*
Sequoia Capital | FireEye | $1.5 B | $6.5 M (A) | 46x
Juniper Networks | FireEye | $1.5 B | $14.5 M (B) | 34x
Greylock Partners | Palo Alto Networks | $2.8 B | $10 M (A) | 280x
Sequoia Capital | Palo Alto Networks | $2.8 B | $18 M (B) | 51x
Goldman Sachs | CyberArk | $414 M | $40 M (B) | 3.45x

*Estimated

Page 35: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Recent Cyber Attacks:

Examples of how diversified cyber attacks can be and how they impact every industry.

Disclosure: investing in startups carries a high degree of risk. Financial and operating risks confronting both early and developmental-stage companies, as well as more mature expansion-stage companies are significant. Many emerging growth companies go out of business every year. It is difficult to know how companies will grow, if at all, or what changes may occur in the market. A loss of an investor's entire investment is possible and no profit may be realized as nothing is guaranteed, ever. Investors are responsible for conducting their own due diligence.

Page 36: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

UCLA Health System Attacked.

According to Business Insider, “A months-long cyber attack on the University of California, Los Angeles hospital system put at risk the personal information for up to 4.5 million people, officials said Friday.

UCLA Health said in a statement that while there's no evidence hackers acquired personal or medical data, it can't be ruled out yet.

Officials said they were working with the FBI to track the source of the attacks.

The FBI said in a statement that the agency was looking into the nature and scope of the cyberattack, as well as the person or group responsible.”

Estimated Cost: $100 Million Dollars across 4 hospitals on two campuses

Page 37: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

The Federal Government – Office of Personnel Management (“OPM”) Attacked.

According to the OPM:

Personnel data of nearly 5 million former Federal government employees was stolen in April of 2015. This includes full names, birth dates, Social Security numbers, and home addresses.

An additional 20+ million persons’ private data were stolen from previously conducted background checks. These background checks were supposed to be “Top Secret.”

The suspected culprit: the Chinese government.

https://www.opm.gov/cybersecurity/

Estimated Cost: $20 Billion Dollars over next 5 years

Page 38: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Ashley Madison (Website) Attacked. Online cheating site.

According to Krebs on Security:

Large caches of data were stolen from site AshleyMadison.com – to the tune of nearly 37 million users.

Additional user databases, financial records and other proprietary data were stolen.

The owner, “Avid Life Media (ALM) confirmed the hack… and said the company is working diligently and feverishly” to respond.

Estimated Cost: A lost IPO opportunity + $2 Billion Dollars in Revenue

Page 39: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

Information herein provided by:

The Angel Kings Funds

#1 Way to Invest in Cybersecurity Startups

Learn more at AngelKings.com

Page 40: The Cybersecurity Report: Emerging Global Threats from Cyber Attacks

The author of this cybersecurity report is Ross Blankenship.

http://rossblankenship.com

- Ross Blankenship is a leading expert on cybersecurity & startups.

- Author of best-selling book on cybersecurity, Cyber Nation.
