Mach37 Spring Class 2016 Interview: Hilltop Security

 

2016-06-14 - M37 Demo Day - 08 - HTSI - DSC_3364

Tom Gilmore, Hill Top Security CEO

 

What opportunity did you recognize that led to the founding of Hill Top Security?


HTSITom Gilmore:
 We saw that most organizations were faced with a shortage of skilled security personnel and that any strategy built around creating more security analysts was not going to be effective. In addition, security personnel are overwhelmed with security alerts and spend too much time processing false-positive alerts. We also believed that the time to detect a breach which is on average 206 days is a direct result of these problems and that time could be dramatically decreased with automation and better tools.

What specific value does addressing that problem provide for your customers?

Gilmore: We provide customers with a security incident response platform that ingests data and performs complex event processing to save analysts time allowing them to move to detection and response activities faster.

Why aren’t current solutions addressing this problem effectively?

Gilmore: Most solutions on the market today are focused on prevention, or detection, or response. Our product is designed to do all three and also provides analysts with the ability to work in a single environment instead of having to login and operate every security tool independently.

What makes your approach different and better from existing approaches?

Gilmore: Solutions on the market now are very narrowly focused and fragmented creating more work and reducing efficiency. Our product is designed to enhance and improve the utility of our customer’s current resources. By interconnecting all the devices and systems that make up the security architecture, we are able to increase the value of the data being generated by enriching the data with such things as business impact analysis, business rules, and risk assessments.

What about your team’s background puts you in a unique position to succeed?

Gilmore: We have a team that has experience in national and military intelligence, cyber security, and industrial engineering. I personally have one start-up under my belt that made the Inc. 500 and exited. Neil Wright spent 7 years designing UPS’s global package handling system and Steve Baker has over 30 years of national security and intelligence experience working in such places as the White House National Security Council.

What one aspect of the Mach37 programs did you personally find most beneficial?

Gilmore: Learning the intricacies of being a successful product company. Having come from a government services background, making that transition can be very difficult and Mach37 helps you define what that will look like and develop a plan to get there.

Learn more about Hill Top Security here.

Mach37 Spring Class 2016 Interview: NormShield

 

2016-06-14 - M37 Demo Day - 05 - Norm Shield - DSC_3389

Mohamoud Jibrell, NormShield CEO

 

What opportunity did you recognize that led to the founding of NormShield?

ns-logo-transMohamoud Jibrell: Through our many years of experience in the cyber security industry we recognized that organizations rely on mostly manual methods to validate their security posture and they do not have visibility to existing vulnerabilities that hackers can exploit. We also recognized that most security tools are not designed for the mid-market. They assumed a greater sophistication of user and more manpower than is typically available to mid-market CIOs. So, we founded NormShield to fill those gaps: automate cyber security processes, provide visibility and services that are currently not available and align the solution with the needs of the mid-market.

What specific value does addressing that problem provide for your customers?

Jibrell: Visibility. That, in one word, is the specific value that we provide more of than any our competitors. NormShield provides better visibility to existing vulnerabilities and significantly reduces the risk of hacker exploitation. We do this by continuously gathering cyber threat data from multiple sources and by monitoring our customers’ assets. We then analyze and present the data and actionable information to our customers using our cloud platform. That visibility helps companies take action to reduce risk.

Why aren’t current solutions addressing this problem effectively?

Jibrell: Current products are designed for large enterprises and are narrowly focused. Mid-market businesses don’t have the financial or human resources to run dozens or even a handful of information security products to protect their assets. Current solutions assume large enterprise users with large staffs that can specialize in specific infosec tools. NormShield’s single, integrated solution provides the necessary security coverage while minimizing the human labor and skill requirements. I was a mid-market CIO and I understand the security needs, but also recognize the constraints. We built a tool to fit that user profile.

What makes your approach different and better from existing approaches?

Jibrell: We provide a unified single solution that addresses multiple needs. Competitors offer multiple products to address the same set of problems. But using multiple products is a lot more difficult to administer and it also brings a lot of management overhead. We commonly see security teams, IT teams and risk teams work independently with different agendas and metrics. Acquisition of multiple products is also more expensive and it is not something that most mid-market companies can afford. All of these factors combined lead to inefficient and ineffective processes that slow down the threat response and vulnerability management and expose companies to preventable cyber attacks.

What about your team’s background puts you in a unique position to succeed?

Jibrell: We have a diverse team with deep expertise in ethical hacking, enterprise software development and IT management. I myself have 16 years of CIO experience under my belt. Our combined experience in the industry gives us the network and knowledge we need to succeed.

What one aspect of the Mach37 programs did you personally find most beneficial?

Jibrell: The support we got with sales, marketing and product strategy was extremely beneficial. We were also introduced to many different potential customers through Mach37, which allowed us to expand our network and get a jumpstart on reaching our goals.

Learn more about Normshield here.

Mach37 Spring Class 2016 Interview: Unblinkr

 

Demo

Mancy Sanghavi, Unblinkr Founder

 

UnblinkrLogoTransparent

 

What opportunity did you recognize that led to the founding of Unblinkr?

Mancy Sanghavi: 250 million cars will join the Internet of Things by 2020. Cars are running millions of lines of code and are just as susceptible to hacking as any computer network. Advanced driver assistance and connectivity features increase threat vectors on the connected vehicle. We identified an opportunity to make cars secure.

What specific value does addressing that opportunity/problem provide for your customers?

Sanghavi: Automotive Industry insiders acknowledge connected cars need to be secure from outside hackers. Through the publicity car hacking has received recently, consumers want to know their vehicles are safe. There are plenty of discussions on how to secure the connected car. Our product provides an answer to that question. By using our solution, car manufacturers can stay competitive and offer more advanced connectivity features for consumers.

Why aren’t current solutions addressing this opportunity/problem effectively?

Sanghavi: Cars today are infinitely more complex than the Model T designed by Henry Ford in 1908. Automotive companies have never had to think like technology companies in the past, and they are having to play catch up. Their design times have to be more responsive. We don’t have to play catch up because our team has been dedicated to this problem for over 5 years.

What makes your approach different and better from existing approaches?

Sanghavi: The connected vehicle space is new and there is no clear leader in aftermarket automotive cybersecurity. Cybersecurity is crucial in order for the market to adopt driverless cars. There are a few startups offering point solutions whereas we are taking a holistic approach. We believe in intelligent data by bringing context to increase awareness of the situation, thereby enabling us to make better decisions.

What about your (team’s) background puts you in a unique position to succeed?

Sanghavi: Our team has done research on the security and privacy concerns of these types of advanced technologies. We have bid on and received research grants to examine connectivity and have spent time in labs researching internal car networks. We conduct black box testing and pen testing on cars.

What one aspect of the Mach37 programs did you personally find most beneficial?

Sanghavi: The Mach37 program is incredibly beneficial and I highly recommend it. The 14-week program gives startups a unique chance to interact with experts and learn how to run a business from start to exit. Startups hone their message and learn the building blocks to take a litmus test of whether their idea can succeed in the marketplace. Mach37 helps you build your boat before they launch you into the waters.

Are there any adjacent industries transformed by your solution?

Sanghavi: Imagine summoning a driverless car via smartphone, revolutionizing taxi and parking industries. Targeted in-car advertising creates revenue opportunities for telecom and marketing industries. Insurance is getting ready for the day of driverless cars and when people aren’t paying car insurance anymore. Our solution helps track history and prove whether a car has been hacked. This is valuable information for insurers.  However, these disruptions come with challenges. The FBI is concerned that driverless cars are a terrorist target. Centralization means more vulnerability and creates user privacy concerns.

What are the key market/economic forces in your industry?

Sanghavi: Over 35,000 people in the US die in road crashes each year. Driverless technology is the hope that the number will become zero. But we are replacing human error with a machine. If that machine becomes hacked, that is dangerous for the families riding in the car. One day anti-hacking software installed on a car will be mandatory, the way seatbelts and airbags are mandatory safety elements today.

An industry driver is that revenues from connectivity are expected to increase sixfold from approximately $30 billion in 2014 to approximately $170 billion in 2020. Possible legislative mandates like SPY Car Act may fuel demand for Unblinkr product. An Executive Order mandates all government vehicles to address threat vectors by 2017. The EU eCall law will drive demand for the product overseas.

Learn more about Unblinkr here.