We detail how cybersecurity startups are using AI to take a new approach to counter some of the most significant cyber threats.
Cybersecurity companies saw a record number of funding deals last year, and on a quarterly basis, Q1’17 was the most active quarter for deals to private cybersecurity companies over the last five years. Alongside overall rising investment activity, a number of cybersecurity companies are emerging to offer novel solutions to age-old cyber threats by leveraging artificial intelligence (AI). According to CB Insights’ AI Deals Tracker, cybersecurity is the fourth most active industry for deals to companies applying AI.
But how exactly does AI put these cybersecurity companies in a unique position within this rapidly evolving industry?
In the table below we detail four salient cyber threats facing our digital world today and contrast old-school approaches with new-school approaches that leverage AI. We also include notable cybersecurity startups using AI to address each threat.
Two unicorn companies valued at over $1B are included in the table below: the automated endpoint protection company Tanium, which utilizes AI-based Natural Language Processing (NLP), and the predictive intelligence company Cylance, which leverages machine learning algorithms.
AI in cybersecurity can be used to monitor activity on systems and networks in real time, identify patterns and anomalies from internal and external data streams, speed up detection, free up resources, enable faster remediation, and generally help improve continuous cyber resilience.
However, it is important to note that AI in cybersecurity is not necessarily a silver bullet solution. For example, non-malware attacks that require no software downloads and disguise malicious activity within legitimate cloud services are on the rise, and AI is not yet capable of thwarting those types of network breaches.
Scroll down to read an in-depth description of each of the cybersecurity threats in the table and the startups leveraging AI to combat these threats.
Old-School Vs. New-School Cybersecurity
Cybersecurity Threats Table Breakdown
Malware: This is an umbrella term that includes forms of malicious software such as: viruses, spyware, adware, and ransomware, among others. The old-school approach to detecting malware relies on storing threat-signatures of known malware types to flag when those signatures are detected on a network or system. However, today’s advanced forms of malware can dynamically change their signature in different contexts, which makes them nearly impossible to identify using traditional threat-signature approaches. Startups leveraging AI aim to automatically detect, investigate, classify, and help mitigate advanced types of malware preemptively, or at least in real-time. Startups leveraging AI to counter malware include: Cylance, PatternEx, and SentinelOne.
DDoS: Distributed Denial of Service attacks rely on hackers overloading a network with illegitimate traffic to make the host network inaccessible to legitimate users. Old-school methods to stop DDoS attacks necessitate that security analysts monitor network traffic in real time to catch areas where the network’s resources are abnormally overloaded. This approach is tedious, and analysts are often incapable of sifting through the vast amount of data that passes through expansive networks. AI approaches to mitigating DDoS attacks involve utilizing algorithms in tandem with analysts to automatically detect abnormal network-resource allocation. Startups leveraging AI tools to fight DDoS attacks include: Vectra Networks, Zenedge, and Shape Security.
IoT & Endpoints: IoT devices and other endpoints, including smartphones, tablets, and laptops within enterprise networks, pose a specific threat to individuals and organizations. Today’s connected devices lack supporting infrastructure for robust security protocols. Old-school approaches to defending these devices include pushing security updates from the cloud to the device, but with the dynamic nature of malware today, connected devices do not have enough memory or computing power to effectively store protocols to deal with the multitude of threats that come their way. Instead, the new-school approach involves utilizing machine learning algorithms that can monitor network device traffic to model a baseline of “normal” device behavior, and subsequently flag when the normal behavior of an IoT ecosystem is compromised. Startups addressing the threats facing IoT and endpoints include: Fortscale Security, Tanium, and CUJO.
Social Engineering: Cyber attacks that originate from social engineering tactics involve exploiting the human element of cybersecurity. In these incidents, hackers will obtain knowledge about a target user’s habits, context, etc. and use that information to prompt the target to reveal compromising information such as personal details, login credentials, etc. One common example of social engineering is known as spear-phishing, whereby an attacker identifies a specific target, such as an IT support employee, and then exploits the employee’s role within the organization to acquire login credentials in order to perform data theft, etc. AI approaches to social engineering involve forming a unique behavioral fingerprint for each user and flagging anomalies in behavioral patterns to identify when users have been compromised. Startups countering social engineering tactics include: BehavioSec, RUBICA, and Sqrrl Data.
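The baseline-and-flag approach described under IoT & Endpoints and Social Engineering can be sketched as follows. This is an added example, not code from any company named in this brief: the entity names, destinations, and threshold are constructed assumptions, and a simple median/MAD score stands in for the machine learning models those products use.

```python
from collections import defaultdict
from statistics import median

# Constructed training data: (entity, destination, bytes sent in one time window).
TRAINING = (
    [("cam-01", "cloud.example.com", b) for b in (5200, 5100, 5350, 4980, 5250, 5150)]
    + [("thermostat-1", "ntp.example.net", b) for b in (400, 420, 410, 405, 415)]
)

def build_baseline(records):
    """Learn, per entity, which destinations it contacts and its typical volume."""
    dests, volumes = defaultdict(set), defaultdict(list)
    for entity, dest, nbytes in records:
        dests[entity].add(dest)
        volumes[entity].append(nbytes)
    baseline = {}
    for entity, vals in volumes.items():
        med = median(vals)
        # Median absolute deviation: a spread estimate a few outliers cannot inflate.
        mad = median([abs(v - med) for v in vals]) or 1.0
        baseline[entity] = (dests[entity], med, mad)
    return baseline

def score(baseline, record, threshold=6.0):
    """Return the reasons a new observation deviates from its entity's baseline."""
    entity, dest, nbytes = record
    if entity not in baseline:
        return ["unknown entity"]
    known, med, mad = baseline[entity]
    reasons = []
    if dest not in known:
        reasons.append("new destination")
    # 1.4826 * MAD approximates one standard deviation for normally distributed data.
    if abs(nbytes - med) / (1.4826 * mad) > threshold:
        reasons.append("volume outlier")
    return reasons

BASELINE = build_baseline(TRAINING)

if __name__ == "__main__":
    for obs in [("cam-01", "cloud.example.com", 5300),
                ("cam-01", "203.0.113.50", 98000),
                ("thermostat-1", "ntp.example.net", 9000)]:
        print(obs, "->", score(BASELINE, obs) or "normal")
```

The same structure applies to a per-user behavioral fingerprint if the entity is a user account and the feature is, for example, login hour or session length.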