As business attitudes towards cyber security mature, the software itself is getting smarter.
Which-50 spoke to Itay Glick, the CEO of cyber security company Votiro and a former member of Israel Cyber Intelligence Unit, about the increasing importance of cybersecurity, why Australian organisations “need to do better” and how they can tackle the problem.
- WHICH-50 Reader Survey: Help us improve Which-50 by taking our annual reader survey. You can also win prizes including Google Home, Google Home Mini, Kindle Paperwhite, Beats by Dre Headphones, or Philips Hue Smart Lights.
The easiest way to gauge cybersecurity’s importance is to evaluate the job market, according to Glick. The growing demand for CISOs in North America and Europe suggests the issue is firmly on boards’ agendas there. And while demand in Australia is not yet at those levels, Glick says it soon will be.
The reason? New legislation, increasingly sophisticated attacks and slowly but surely changing attitudes toward cyber security. While Glick agrees Australia’s new laws have their faults, they are an important step and companies will no longer be able to “sweep” away breaches. Ultimately there will be more breaches disclosed and organisations will be forced to improve their systems.
“Things are changing now. There is a very strong urge to increase the cybersecurity. I think the new regulations are important,” Glick said.
“But there is still a clear need to shift the cultural mindset of businesses to take a proactive approach to cybersecurity rather than simply reacting to a data breach when it happens in real-time.”
The Votiro CEO is well versed on the issue. He is a former member of the Israeli Defence Force and spent seven years in the famous 8200 cyberwarfare division – Israel’s legendary high tech spy unit often equated to the NSA. While Glick couldn’t go into detail – 8200 veterans are forbidden from discussing their service, he did say it was an “extremely exciting” period that provided him a “wide perspective” on cyber security.
Following his service Glick initially worked with companies to asses their existing cybersecurity measures and found most of them inadequate. “What we figured out is by using zero day exploits and undisclosed exploits it would be extremely easy to get into anywhere in the word,” Glick explained.
Glick and current CTO, Aviv Graf, founded Votiro in 2010 to address the problem and provide solutions to safeguard against these zero day and undisclosed exploits. The company has raised $11.2 million ahead of an IPO later this year and is currently deciding between Melbourne and Sydney for its Australian headquarters.
Zero day exploits are methods used by hackers that are unknown and therefore undetectable to antivirus programs. “They can not protect you from something they do not know,” Glick said. Essentially it means hackers remain one step ahead of cybersecurity software and leaves companies vulnerable.
Hackers are able to disguise malware within seemingly innocuous email attachments, like a pdf or excel sheet. But one double click on the attachment can compromise the receiver’s computer and potentially the entire network according to Glick.
The tactic is so effective because of “social engineering” – exploiting humans natural behaviours and inclinations to do certain things, Glick said. “You just need to find something that would trigger something in the [person] receiving the message.”
And no amount of training or antivirus software can ever fully overcome it, according to Glick.
“Imagine a guy from HR getting a resume. What would he do with it? Open it. You can not train him to not do his job. Hackers know that and they will just send CVs. That’s the easiest way in. There are other [ways in] but this is the easiest one.”
It means any email attachment is a potential threat, Glick said. But some organisations are slow to catch on, particularly small and medium organisations who fail to recognise themselves as a potential target.
“People think that, ok, I have Office 365, I am good. They are not… Don’t rely on antivirus to save you. Hackers know you have antivirus,” Glick warned.
This exploitation of false confidence and social engineering to gain access is “the easy part” for hackers, according to Glick. Gaining control of the computer is much tougher and is the hacker’s weakest point. It’s also where Votiro focuses its defence.
Glick claims Votiro has solved the social engineering problem and can fill the substantial gaps left by traditional cyber defences like antivirus and sandbox. The company’s patented Content Disarm and Reconstruction (CDR) technology “sanitises” email attachments before they are ever seen by a human and malware never has a chance to gain control of computers.
The solution, requires no employee use and therefore eliminates one of cyber defence’s glaring weaknesses — humans.
Rather than scanning attachments for known viruses or malware after they’ve been received, CDR breaks down content files to their known components, removes any unknown components and reconstructs a new file with validated content only.
“This could be characters, formatting, pixels if you’re working with images. We know how to manipulate them to get you a new safe version of the file… You get the same file. The same email,” Click explains.
Gartner recognised the company last year and named Votiro a 2017 ‘Cool Vendor’ in content services for their innovative offerings. “This technology can prevent a ransomware attack, rather than trying to fix the content once the damage is done,” analysts wrote.
The technology can also be implemented at other points of entry like sharing platforms and web portals – a problem many other cybersecurity vendors are yet to solve. CDR is cloud-based but Votiro offers on frame solutions for the more security concerned organisations like governments.
The company’s sanitisation technology led to Votiro being certified and endorsed by the Department of Defence’s Australian Signals Directorate, Glick said.