The cybersecurity industry has experienced a rare silver lining of the COVID-19 economic collapse, recent studies show. Remote workers need new kinds of protection; healthcare organizations need defenses in a desperate time, and high-profile ransomware cases drive demand for new solutions.
“Cybersecurity is perhaps more relevant than ever given the new scale of remote work,” analysts from startup incubator DataTribe recently wrote. “This is a great time to invest in quality ventures.”
The global cybersecurity market is expected to grow from $183.2 billion in 2019 to $230 billion by 2021, led by remote worker security and healthcare security, according to April research on COVID-19’s impact from the firm Markets and Markets. Meanwhile, customers are willing to pay up for innovative products: The number of companies spending more than 20% of their cybersecurity budgets on advanced technologies has doubled in the last three years, according to recent research from Accenture.
With these market forces in mind, we rounded up 8 cybersecurity startups that are making news and impressing investors. All are plunging into developing areas, whether that means exploring new approaches to authentication to avoid passwords, harnessing the power of automation, or using machine learning to teach algorithms to protect us.
While it’s far from a complete list, here’s a look at some of the cybersecurity startups bringing innovation and investment opportunity to a down economy:
Darktrace – Using machine learning to identify and stop threats
What it does: Darktrace creates profiles for networks, devices, and users in an organization and then deploys machine learning (a kind of artificial intelligence that uses vast amounts of data to train algorithms to make predictions) to identify anything that doesn’t look like “normal” behavior and thus alert security teams to possible threats before they harm the company.
Why it’s noteworthy: Darktrace has made a name for itself by spotting strange hacks and scams, such as bad actors trying to break into a US casino using the internet-connected thermometer in a fish tank. Gustafsson was named an Officer of the British Empire in June for her contributions to cybersecurity.
Elevate Security – Making cybersecurity training interesting
What it does: Elevate Security trains employees to have better cybersecurity habits by evaluating their behavior and notifying them of ways to improve. The cofounders – both former Salesforce executives – stress a positive and upbeat approach to cybersecurity, which is unusual in a field that often focuses on threats and risk.
Why it’s noteworthy: A Forrester report in March gave Elevate Security the highest score possible among cybersecurity training companies, saying the firm offers customers “a departure from ancient cybersecurity employee training rhetoric.”
Armis – Automatically tracking IoT devices
What it does: Armis provides cybersecurity for an enterprise’s Internet of Things devices by automatically tracking their behavior, detecting threats, and taking action where necessary to protect threatened devices, the company says.
Why it’s noteworthy: Armis’ team of researchers have drawn attention to the insecurity of IoT through several recent vulnerability reports, which highlighted issues with millions of devices used in healthcare, aviation, manufacturing and more.
Tessian – Protecting people from email threats
What it does: Tessian focuses on email security. It uses machine learning to automatically identify and block incoming emails containing malicious links, ultimately preventing data loss – such as what happens in ransomware attacks.
Why it’s noteworthy: Tessian’s three co-founders were investment bankers in their early 20s with no security expertise when they discovered that most email security was focused on protecting computer systems – and not taking into account employees’ user experience. Tessian learns a user’s network of contacts and email habits, and tailors an automated security profile that blocks threats and urges cautions for that specific user.
Beyond Identity – Killing the password they helped to create
What it does: Beyond Identity, which just launched in April, uses an old solution in a new way to provide passwordless security. The firm uses the “certificates” system that verifies trusted websites (generating the little lock icon next to a web address in your browser) to also verify users. So, users sign in on their laptop or phone and then don’t need to use passwords on any websites.
As veterans of the pioneering web browser Netscape, the founders are essentially addressing a problem – passwords – which they helped create 25 years ago.
Druva – Centralizing and protecting enterprises’ data
What it does: Druva’s cloud platform breaks down data silos and centralizes businesses’ critical data in a single location in the cloud. That allows it to protect data spread across company laptops, applications, and servers. It can also help customers identify data loss and recover that data, and says that it has more than 4,000 enterprises using its products, including Marriott, Live Nation and NASA.
CyberMDX – Protecting medical IoT devices
What it does: CyberMDX protects internet-connected medical devices and the networks that host them from cybersecurity attacks by alerting hospital security teams to vulnerabilities they didn’t know existed. It essentially tries to avoid worst-case scenarios where ransomware attacks lock down entire networks, making potentially life-saving medical devices inaccessible.
As health systems grow to include more locations on scattered campuses, the ability to identify and locate faulty pieces of equipment can save time, money, and lives.
Cybereason – Securing endpoints like laptops and smartphones with a billion-dollar valuation
What it does: Cybereason specifically focuses on risks to “endpoints” (like laptops, iPads, servers, and mobile devices) to help security analysts respond faster to threats. The firm also provides forensics services, advanced analysis services, and breach response services.
The company reached unicorn status – becoming a billion-dollar company – in 2019.