It's a public secret that the majority of innovative ideas come from either the academic enviroment, or plain simple entrepreneurial spirits. I find such annual competitions as a valuable incentive for both sides to unleash the full power of their ideas, or commercialize them - consciously or subconciously. SpaceShipOne is a case study on how elephants can't dance, or at least how they dance on high profit margins only.
Recently announced, The Global Security Challenge seeks "..to help young startups succeed in the security field. Take advantage of this unique opportunity to get your ideas in front of investors, media, and government and industry leaders." And most importantly :
"We seek to uncover the creative capabilities of innovators in universities and infant companies that apply to public security needs. This includes software, hardware or other industrial solutions that help (a) protect people, critical infrastructure, facilities and data/electronic systems against terrorist or other criminal attacks and natural disasters or (b) help governments, businesses and communities defend against, cope with or recover from such incidents. Examples of Technologies We Seek:
- Mesh Networks
- Data Storage and Recovery
- Detection/ Sensors
- Biometrics
- Search Software
- Cyber/Network Security
- Communications Interoperability & Reconstruction
- Biological/Chemical/Radiological Remediation
- Protective Equipment
- RFID, Asset Tracking & Container Security
- Biotechnology
I bet Europe's Top Private Security Companies revenues' exceed the limit of having less than £ 10 million in annual revenues, it's worth speculating on their participation. Do your homework, know your competitors better than they do themselves,work out your elevator pitch, and disrupt.
As far as acquisitions are concerned, SiteAdvisor is the fist recently acquired startup that comes to my mind with its $70M acquisition deal valuation. As it obviously goes beyond VC type of mentorship, to many this seemed as an overhyped deal. There's no price for being a pioneer, but a price on acquiring the position -- a stairway to heaven. Right now, a vertical security market segment is slowly developing, and it is my humble opinion that the company's pioneering position is poised for success. Another alternative to SiteAdvisor's safe search function is the recently launched Scandoo.com which actually integrates the results from Google and Yahoo -- I doubt users would that easily change their search preferences though.
Who's next to get acquired, or hopefully funded?
Tuesday, May 30, 2006
The Global Security Challenge - Bring Your Know-How
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Covert Competitive Intelligence
Yet another agreement on alleged covert competitive intelligence, this time, "WestJet Airlines says it’s sorry that members of its management team covertly accessed a confidential Air Canada website, and has agreed pay $15.5 million. In a joint news release from the two carriers, WestJet said that in 2003-2004, members of their management team "engaged in an extensive practice of covertly accessing a password protected proprietary employee website maintained by Air Canada to download detailed and commercially sensitive information without authorization or consent from Air Canada."
It's worth noting that Air Canada was actually aware of the security event, knew when it happened, and managed to trace it back to their competitors. Today's competitive intelligence does include unethical information gathering whether in-house, or "outsourced" practices, as DDoS for hire still make the headlines, compared to the many other still undetected insider leakages years ago. It's also impressive how Dumpster diving still remains a serious threat -- so make sure you shred your secrets!
It's worth noting that Air Canada was actually aware of the security event, knew when it happened, and managed to trace it back to their competitors. Today's competitive intelligence does include unethical information gathering whether in-house, or "outsourced" practices, as DDoS for hire still make the headlines, compared to the many other still undetected insider leakages years ago. It's also impressive how Dumpster diving still remains a serious threat -- so make sure you shred your secrets!
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Microsoft in the Information Security Market
Microsoft is emptying its pockets with tiny acquisitions of security solution providers with the idea to target the masses in its all-in-one security service OneCare. There's nothing wrong with offering up to three licenses for $49.95 per year, at least not from a marketing point of view. Microsoft's Security Ambitions are getting huge "as it continues to reveal its security ambitions in very obvious ways. Its $75 million acquisition of SSL VPN vendor Whale Communications last week shows just how deep it wants to go against the established leaders of various security technologies. Already in Microsoft’s security sights are the antivirus and antispyware vendors. Since buying European antispyware vendor Giant Company Software and antivirus vendor Sybari, it was pretty clear that Microsoft intended to get into the malware protection market. Symantec, McAfee and Trend Micro seemed to be the clearest targets, but so are Sophos, CA, F-Secure and scores more smaller vendors."
Competition is always good for all parties involved. In another article on the topic, WebRoot's founder, a leading anti-spyware solutions provider, gave great comments about Microsoft's take over of the infosec market : "The taking of a second-best product in this space is akin to locking half the doors in your house," he said. "Vista will not solve the spyware problem. It may change the vector of attack, but it will not solve this problem. And I'll bet the company on it."
Microsoft really surprised me with their release of the Strider Honey Monkeys Crawler, as precisely the type of in-house research that would act as a main differention point of its solutions. The problem has never been the technology, they still have some of the brightest minds in the world working for them, but providing value and communicating the idea to the final customer. Security as a second priority isn't tolerated by customers, and Microsoft is last company that the end user associates with security. Obsessed with perfection, and still living in the product marketing concept world, is outdated thinking, the way pushing features based on "what the sample says" is not going to hold the front any longer. Customers beg to participate!
While for the time being Microsoft is rediscovering the Web, and working on Vista, money doesn't necessarily buy innovation, prone to make impact individuals do --ones heading to Mountain View, California where the real action is.
Competition is always good for all parties involved. In another article on the topic, WebRoot's founder, a leading anti-spyware solutions provider, gave great comments about Microsoft's take over of the infosec market : "The taking of a second-best product in this space is akin to locking half the doors in your house," he said. "Vista will not solve the spyware problem. It may change the vector of attack, but it will not solve this problem. And I'll bet the company on it."
Microsoft really surprised me with their release of the Strider Honey Monkeys Crawler, as precisely the type of in-house research that would act as a main differention point of its solutions. The problem has never been the technology, they still have some of the brightest minds in the world working for them, but providing value and communicating the idea to the final customer. Security as a second priority isn't tolerated by customers, and Microsoft is last company that the end user associates with security. Obsessed with perfection, and still living in the product marketing concept world, is outdated thinking, the way pushing features based on "what the sample says" is not going to hold the front any longer. Customers beg to participate!
While for the time being Microsoft is rediscovering the Web, and working on Vista, money doesn't necessarily buy innovation, prone to make impact individuals do --ones heading to Mountain View, California where the real action is.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
No Anti Virus Software, No E-banking For You
Malware and Phishing are the true enemies of E-commerce, its future penetration, and E-banking altogether. Still, there are often banks envisioning the very basic risks, and hedging them one way or another, as "Barclays gives anti-virus software to customers"
"Barclays Bank is issuing UK internet banking customers with anti-virus software, as part of attempts to reduce online identity theft. The bank has signed a deal with Finnish anti-virus firm F-Secure, which will provide software to the bank’s 1.6m UK internet banking customers. While other banks offer discounted anti-virus software deals to customers, Barclays is the first in the UK to give it away for free. ’Nearly two-thirds of home PCs don’t have active virus protection, and one in five is actually infected by a virus, placing people at risk from data theft, as well as damage to their computers,’ said Barnaby Davis, director of electronic banking at Barclays."
I find the idea a very good mostly because compared to other banks that try to reestablish the email communication with their customers, but starting from the basics, you can't do E-banking without generally acceptable security measure in place. And while an AV solution doesn't necessarily mean the customer wouldn't get attacked by other means, or that it would be actually active in the moment of the attack, this is a very smart to do. To take advantage of even more benefits, Barclays must actively communicate their contribution and unique differentiating point to their customers, in comparison with the other banks -- it's getting harder for companies to retain customers due to improved access to information, thus more informed decisions.
You can't just deal with the technological part of the problem, but avoid the human side in it, as education and awareness will result in less gullible, but more satisfied and longer retained customers. Phishing is today's efficient social engineering, and a bank's site shouldn't be assumed "secure" as on many occasions site-specific vulnerabilities improve the truthfulness of the scam itself. Forwarding the responsibility for secured access to the E-banking feature to final customers should be simultaneous with the bank auditing its web services. In the upcoming years, with the rise of mobile banking, I think we will inevitably start seeing more mobile phishing attempts.
Ebay's PayPal is still a major player in online payments, on its way to dominate mobile payments too. The trend and potential of cross-platform malware is what both AV vendors and payment providers should keep in mind.
"Barclays Bank is issuing UK internet banking customers with anti-virus software, as part of attempts to reduce online identity theft. The bank has signed a deal with Finnish anti-virus firm F-Secure, which will provide software to the bank’s 1.6m UK internet banking customers. While other banks offer discounted anti-virus software deals to customers, Barclays is the first in the UK to give it away for free. ’Nearly two-thirds of home PCs don’t have active virus protection, and one in five is actually infected by a virus, placing people at risk from data theft, as well as damage to their computers,’ said Barnaby Davis, director of electronic banking at Barclays."
I find the idea a very good mostly because compared to other banks that try to reestablish the email communication with their customers, but starting from the basics, you can't do E-banking without generally acceptable security measure in place. And while an AV solution doesn't necessarily mean the customer wouldn't get attacked by other means, or that it would be actually active in the moment of the attack, this is a very smart to do. To take advantage of even more benefits, Barclays must actively communicate their contribution and unique differentiating point to their customers, in comparison with the other banks -- it's getting harder for companies to retain customers due to improved access to information, thus more informed decisions.
You can't just deal with the technological part of the problem, but avoid the human side in it, as education and awareness will result in less gullible, but more satisfied and longer retained customers. Phishing is today's efficient social engineering, and a bank's site shouldn't be assumed "secure" as on many occasions site-specific vulnerabilities improve the truthfulness of the scam itself. Forwarding the responsibility for secured access to the E-banking feature to final customers should be simultaneous with the bank auditing its web services. In the upcoming years, with the rise of mobile banking, I think we will inevitably start seeing more mobile phishing attempts.
Ebay's PayPal is still a major player in online payments, on its way to dominate mobile payments too. The trend and potential of cross-platform malware is what both AV vendors and payment providers should keep in mind.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Posts (Atom)