Cyber security is a top issue for the public and private sectors alike–and with holiday shopping online sales already underway, it’s also top of mind for consumers who are trusting their favorite merchants to protect their data. Yet it’s decidedly difficult to remain proactive in the face of cyber criminals and the evolving risk they pose. The industry has become increasingly specialized as a result, with more and more companies and cyber security experts setting their sights on particular threats as they search for new ways to protect proprietary data. Here are three examples of this new kind of cyber security specificity.
ObserveIT and the “Malicious Insider”
In 2014, when we spoke with Tim Ryan, a managing director at risk consultancy Kroll Advisory Services, we learned about the malicious insider, which Ryan described as “somebody whom the company gave credentials to, and who then decides to use those credentials to steal intellectual property or to destroy data.”
Addressing the risk posed by malicious insiders is surprisingly difficult, especially for larger organizations that have tens of thousands of credentialed people with access to sensitive data and other information. That’s where ObserveIT comes in.
The startup relies on data and behavior monitoring to help prevent threats from privileged users and third-party contractors, with solutions ranging from insider threat detection to third-party monitoring.
EyeVerify and Its Eye Scanning Password Technology
iPhone-owners are now familiar with the fingerprint scan that’s embedded in their smartphones. But Kansas-based EyeVerify ups the ante on that kind of technology: It has a product that uses a smartphone’s camera to take a detailed image of a person’s eye into a key.
That key holds the unique pattern that blood vessels take in each person’s eye, EyeVerify founder Toby Rush told Free Enterprise earlier this year. “When you take a selfie, we’re able to use those images, extract these very unique biometric features, do pattern-matching, and then generate a key that’s the equivalent of a 50-character complex password,” he explained.
EyeVerify’s technology is simple to activate—it only takes about 20 to 30 seconds initially, and then a few seconds thereafter—and the company is actively partnering with businesses and other organizations, many of which are deploying it as a step-up authentication.
To learn more about EyeVerify, check out our full piece on the company here: “The Password of the Future? Your Eye Holds the Key”
Argus and Automobile Cyber Security
Automobiles have become increasingly connected to the internet over the past few years, as carmakers have sought to cash in on the increased consumer demand for services that allow them to be tied in at all times—even when they’re behind the wheel.
While these kinds of upgrades have largely benefited drivers, they’ve also at times put them at risk, creating technological vulnerabilities that cyber criminals have tried to exploit. Startup Argus has dedicated its mission to thwarting these kinds of attacks. As we reported earlier this year, it does this through a number of means, including an algorithm it has developed that constantly looks for holes in a vehicle’s cyber armor.
“By continually updating the vulnerability-identifying algorithm it developed in-house, Argus and its partner organizations are continually working to stay ahead of their cyber counterparts. But they face an uphill battle, as hackers become increasingly sophisticated and more difficult to thwart.”
To learn more about Argus and the emergent automobile cyber security sub-industry, check out our full piece from earlier this year: “Race to Protect Cars From Cyber Attacks Is On, But Who Will Win?”