📡 Cybersecurity Innovation Pulse #20: U.S. Guidance on Post-Quantum Cryptography; Cyversity's New Advisory Board; AI Security Companies to Watch; Prelude's Probes; and More!
Covering Aug. 17th - 24th of 2023
Welcome to Issue 20 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, your guide to the dynamic world of cybersecurity innovation. Each week, I deliver the latest on product launches, groundbreaking innovations, strategic collaborations, and other developments at the intersection of innovation and cybersecurity. If you find value in these updates, consider becoming a subscriber to ensure you receive these insights directly to your inbox, saving time and keeping you ahead of the curve.
Introduction
Howdy! Not much happened this past week in the world of cybersecurity innovation and security products. It seems most companies are still recovering from the massive Black Hat push. However, there is some notable news to cover including some AI and Quantum-related jazz so without further ado, let’s get to it!
Top Stories
New Guidance on Post-Quantum Cryptography
While there's a lot of talk about the security challenges of Generative AI, there's another issue on the horizon: the need to change our long-standing encryption methods due to quantum technology. While it may seem far out, the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Institute of Standards and Technology (NIST) have recently shared guidance on the risks quantum technology poses to current encryption methods and advised businesses to start preparing for a shift to post-quantum cryptography. This means many current security methods based on public key algorithms will need to be updated or replaced to fend off quantum threats. The document is worth a read as it provides practical steps organizations can take today such as creating an inventory of current cryptographic algorithms and services to see what's being used organization-wide.
Another major highlight from this release is that NIST plans to introduce new post-quantum encryption standards in 2024. Source
AI Security Companies to Watch
DarkReading has curated a list of 8 AI risk and resilience firms that every CISO should keep an eye on. The list of companies includes HiddenLayer, DeepKeep, and Protect AI. While it’s still early and there’s a lot of smoke in the AI security space, these 8 companies are clear leaders of the pack. Source
Cyversity Shapes the Future of Cybersecurity with New Advisory Board
Cyversity, a non-profit dedicated to promoting the success of women, underrepresented minorities, and veterans in cybersecurity, has announced the formation of its new Advisory Board. This board comprises industry experts, cybersecurity veterans, and thought leaders who are committed to advancing diversity and inclusion within the cybersecurity workforce.
The board's members include Clar Rosso, CEO @ ISC2; Marene Allison, Fmr. Global CISO @ Johnson & Johnson; Phil Venables, CISO @ Google Cloud; Corey Thomas, CEO @ Rapid7, and Bertina Ceccarelli, CEO @ NPower. Their collective expertise and commitment to advancing diversity and inclusion will be pivotal in building on top of Cyversity’s track record of driving positive change in the cybersecurity industry.
To me, innovation and diversity go hand in hand so if you’d like to stay ahead of the curve, you should follow what Cyversity is doing and consider getting involved.Source
Shameless plug, I’ll be moderating a deep dive session on Cyversity’s mentorship program tomorrow, Aug. 26th, you can register for the session here.
Security Product Innovation
Prelude Security Enhances Continuous Security Testing in Containers
Prelude Security has introduced advanced capabilities to its Probes technology which enables continuous security testing specifically designed for endpoints including containers. Probes are processes that only take up 1kb-2kb to run and do not require root permissions to test and uncover known vulnerabilities inside endpoints. Probes are free on up to 25 endpoints and then on a price-per-host basis. This innovative solution ensures that endpoints are continuously tested, even in dynamic containerized environments.
To me, Prelude is certainly a startup to watch in the space. After spending some time researching their product, its founders, and its backers, it’ll be obvious why. They also have a pretty cool product-led growth motion that allows you to poke around their product with demo data and without setting up an account. Source
Rubrik's Generative AI Assistant Aids in Cyberattack Recovery
Rubrik has launched a generative AI assistant to enhance post-cyberattack recovery. It seems that it can be a great value-add in recovering from ransomware attacks specifically. The tool offers a three-pronged approach:
It devises a recovery plan using the cleanest, latest data, guiding the restoration of unaffected files from the most recent snapshot and rolling back compromised files to the pre-attack state.
It ensures a safer VM recovery process, pinpointing the vSphere templates essential for creating a secure VM without latent vulnerabilities.
The assistant reduces application downtime using AI-driven task lists, offering precise snapshot or file recommendations for a clean recovery, thereby swiftly restoring operations and reducing potential revenue losses. Source
Google Workspace Boosted with New AI-Powered Security Controls
Google has introduced new AI-driven features to Workspace to help with zero-trust security, data loss prevention (DLP), and data privacy controls. You can read their full release post here for all the details.
Proton Introduces VPN for Business
Proton has launched an enterprise-tailored VPN solution designed to cater to the needs of businesses. The most notable additions are the private gateway capabilities that make it easier to limit and segment access to resources. Source
Grip Security Secures $41M in Series B Funding Round
Grip Security, a leader in the SaaS Identity space, has raised $41 million in a Series B funding round led by Third Point Ventures and joined by YL Ventures, Intel Capital, and The Syndicate Group. The funds will be utilized to further product development and fuel the company’s go-to-market (GTM) strategy. Source
Conclusion
Aaaand that's a wrap for this week, folks! Your feedback is the fuel that keeps this newsletter going, so don't hesitate to let me know what you loved, hated, or would like to see improved. If you found value in this issue, why not share it with a friend or consider becoming a paid subscriber? Each week, I sift through over a thousand headlines to bring you the most impactful stories that are driving innovation in cybersecurity. Your support lets me know that this work is making a difference.