Cybersecurity st Startup observatory f o r 1 Financial Services S O
Israel Edition Meet the participating companies:
Gold
Silver Meet the participating companies:
Bronze In collaboration with:: Smartrev Cybersec Cybersecurity Innovation Partners
www.smartrev-cybersec.com
SC www.cyberstartupobservatory.com Cyber Startup Observatory Israel 4 The purpose of the Cybersecurity Startup Observatory is to collaborate to build a safer financial industry and to help solve important problems leveraging innovation. Find out more and tell us what matters to you by visiting us at:
www.cyberstartupobservatory.com
This publication has been prepared for general guidance on matters of interest only and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, Smartrev Analytics Consultants SLU, its members and employees do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.
© 2018 Smartrev Analytics Consultants SLU. All rights reserved. In this document, “Cyber Startup Observatory”, “Startup Observatory” and “Smartrev Cybersec” refer to trademarks belonging to Smartrev Analytics Consultants SLU.
The information provided by the participating startups and companies belongs to them. They remain the sole and exclusive owner of any information provided to Smartev including without limitation, with respect to any intellectual property rights, copyrights and trademarks. Smartrev Analytics Consultants SLU have received explicit written permission to publish all the information included in this report.
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 5 Contents
Preface...... 7 Introduction...... 10 The Israeli cybersecurity landscape in financial services...... 14 Behavioral biometrics, the state of the art...... 19 Innovation: Startups...... 23 Cyber risk management strategies...... 31 Innovation: Startups...... 34 BGP hijacking...... 42 Startups...... 46 AI and ML in cybersecurity...... 57 Innovation: Startups...... 62 Developing cyber crisis response capabilities...... 84 Innovation: Startups...... 90 IoT, an explosion of connected possibilities...... 99 Innovation: Startups...... 103
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 6 Preface
During recent years the financial services industry has been the target of different types of attacks coming from hackers, organized crime groups and sometimes even nation states. The sophistication, severity and effectiveness of such events have substantially increased during the last year with record data breaches, massive personal information ending up on the dark web and widespread ransomware, phishing and DDoS attacks.
Our goal with this publication is on the one hand to bring awareness to the financial community of the severity of these new threats, the quickly evolving strategies, tactics and tools used by hackers and criminal organizations and on the other hand to highlight the available tools and solutions to address those challenges and the incredible innovation that is coming from some markets all around the world.
Firstly, we would like to express our sincere gratitude to all the participating startups and their teams for their fantastic solutions and their contribution not only to this observatory, but also to the industry and the society as a whole. All of them contribute to keeping our companies and lives cyber-safe.
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 7 This publication has been reviewed by a group of senior cybersecurity executives coming from different corners of the world with a wealth of experience on the topics covered. We would like to thank all of them for their valuable feedback which has been absolutely instrumental in elevating the tone of this observatory in terms of quality, technical depth and global scope. In particular, we would like to thank:
• Michaël Frippiat, CISO, Axa Luxembourg • Amir Schwartz • Stéphane Nappo, Global Chief Information Security Officer & Board Advisor at Société Générale IBFS • Emmanuel Benzaquen, CEO of Checkmarx • Shahar Alon, BD and Partnerships Director at Checkmarx
The improvement from the first version of the Observatory has been substantial and this is only due to your suggestions and ideas.
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 8 Finally, it would be unfair not to thank my co-editor Maite Ortega, our colleagues Alicia Peña and Carlos Rivas for their infinite patience and support to the preparation of this publication, the startup observatory web and many other key “bits and pieces”, David Bailey for his valuable advise and top-notch proofreading services and of course to the fantastic Unsplast photo repository (https://unsplast.com) for their fantastic pictures which have been used in this publication. Our gratitude goes to all the photographers for their invaluable material.
Jose Monteagudo Maite Ortega Chief Editor Co-Editor [email protected] [email protected]
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 9 Introduction
This is the first edition of the Cyber Startup Observatory and is dedicated to the Israeli cybersecurity ecosystem. The process of coming up with this observatory has been quite interesting and exciting. We have conducted comprehensive research and invited several Israeli startups which we consider have amazing solutions to help banks, insurers and other financial institutions to win the battle against the bad guys.
This research started with visits from our chief editor to Tel Aviv and Be’er Sheva, the largest city in the Negev desert of southern Israel and probably one of the top innovation centers in cybersecurity in the world. During that visit, we had the opportunity to witness first-hand how seriously the Startup Nation takes cybersecurity, in particular in financial services, the CERT-IL being a fantastic example. We were impressed by the dynamic collaboration between the private sector, the universities, the government and the entrepreneurs to come up with unique ideas, solutions and thriving companies.
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 10 We have included some of those innovative startups in this observatory and will continue to do so in future editions covering not only Israel but all the hubs of cybersecurity innovation in the world including the UK, France, Germany, US, Singapore, Brazil, Japan, China, Australia to name just a few.
We have also covered hot topics in the industry such as artificial intelligence and machine learning, and its role in cybersecurity, cyber risk management, behavioral biometrics, crisis management, IoT or more specific and less well known issues like IP hijacking.
Our goal with these articles is to bring awareness to the community of the complexity and seriousness of the challenge we are facing in a way that is simple, easy to understand and digest. It is not the purpose of this publication to dig deeper into the technologies, to describe machine learning algorithms or to enumerate and cover advanced persistent threats (APT) in detail. We believe there are sufficient technical publications pursuing that goal.
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 11 Just a final note to highlight how this document is organized. This methodology is also applied to our web (www.cyberstartupobservatory.com) and will be consistent in future editions of the observatory.
All the sections are clasified under the following categories and signposted using the following tabs:
• Innovation: is going to cover information from startups with state-of-the-art solutions that are in some way unique.
• Resources: in the startup observatory and our web we are going to share tools that will be relevant and valuable for industry executives, cybersecurity practicioners, regulators, purchase departments, students and universities. This is our first observatory which has involved months of reseach. We are committed to improving the quality of the materials shared and to update them regularly. Also, all the logos, information from startups, categorization of solutions have been previously discussed with them and the information has been included with their approval.
• Training & Education: the cyber startup observatory team is currently working on creating cybersecurity materials, training courses and infographics that will be shared in future editions or, if required due to specific constraints of the document, will be placed in our web.
• Insight: articles covering hot topics relevant for the industry. In forthcoming editions we will be accepting participation from industry leaders. Their contribu- tion is more than welcome. If you would like to particate in this process, do not hesitate to contact us on:
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 12 • Trends: a section focused on the evolution the cybersecurity industry is experiencing, new directions, including innovative technologies or approaches that might take cybersecurity to the next level like AI, Blockchain, sandboxing of cybersecurity at regulator or government level, cybersecurity as a service by authorities or many others.
The first page of the different sections referred is going to include the following icons on the left hand-side. Following this nomemclature is going to make the life easier of the
readers allowing them to short-cut to the most interesting parts of the observatory. Resources Insight Innovation
Training & Education Training Trends
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 13 The Israeli cybersecurity landscape in financial services
One of the goals of the cybersecurity startup observatory is to share insight among the key stakeholders in securing the financial industry, mainly cybersecurity executives from financial institutions, entrepreneurs, practicioners, universities, regulators and law enforcement. During the research period to prepare this observatory we contacted over 250 Israeli startups to understand their commitment to financial services and the maturity of their offer. All those that responded positively have been included in the following slides.
In terms of segmentation, we have classified the startups under seventeen
different categories. Those categories are: Resources
• Mobile Security • Application Security
• Cloud Security • Detection & Prevention
• Endpoint Security • Incident Response & Forensics
• Network Security • Deception
• Web Security • SOC
• Cyber Posture • Training & Education
• Compliance & Data Leakage Prevention • Identity & Fraud
• Cyber Intelligence • BMS/ BAS
• IoT
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 14 In order to allow easy and clear access to the information we have split the landscape slide into three parts. The consolidated slide is available on our web:
www.cyberstartupobservatory.com
If you would like your startup to be considered for inclusion, please contact us at the following email address and we will be happy to assist:
All the information provided from startups or gathered by our research team will be updated in the next observatory that is due for early April 2018.
www.cyberstartupobservatory.com Cyber Startup Observatory Israel 15 I raeli or IL S cyber ecurity companie with olution for FS art January