•   
  •   

Tech & Science New data security startup Open Raven just launched out of stealth to tackle the next big security challenge: helping companies find where their data actually is and preventing the next big data breach

21:52  11 february  2020
21:52  11 february  2020 Source:   businessinsider.com.au

You Can Now Build Your Own Login Security Key With Google's Free Software

  You Can Now Build Your Own Login Security Key With Google's Free Software If you genuinely take your online security seriously you should be using two-factor authentication paired with a security key every time you log in. There are lots of options out there, including Google’s own $US50 ($74) Titan security key set, but the company has also recently released software you can use to build your own using a $US10 ($15) dongle. It seems counterintuitive for a company to release something for free that undercuts sales of another product it charges $US50 ($74) for, but given the millions and millions of people who’ve come to rely on other free services from Google—like Gmail, Google Photos, and even the Android operating system—increasi

a man wearing glasses posing for the camera: Open Raven co-founder and chief product officer Mark Curphey Open Raven co-founder and chief product officer Mark Curphey
  • On Tuesday, the data security startup Open Raven launched out of stealth with $US4.1 million in seed funding.
  • Open Raven builds software that helps companies find where data is stored, protects it, and alerts security teams about exposure.
  • Several startups have changed how their software can be used because of competition from cloud providers like Amazon Web Services, but Open Raven decided to make its software open source because it believes it will benefit from developers' code contributions.
  • Visit Business Insider's homepage for more stories.

Open Raven co-founder and chief product officer Mark Curphey says it has become all too common to read about a data breach in the news.

Around the world in 50 photos: Incredible pictures take you on a grand tour of the most beautiful places on Earth

  Around the world in 50 photos: Incredible pictures take you on a grand tour of the most beautiful places on Earth From hot air balloons at sunrise to a backflip on a mountain top, these breathtaking images from around the globe will take you on a grand tour of some of the most beautiful places on Earth.

He says there's a root cause to this: organisations don't even know where their own data is.

"There's often little control," Curphey told Business Insider. "Companies don't know what they have or where it is."

Huawei promises 'Made in Europe' 5G

  Huawei promises 'Made in Europe' 5G Chinese telecom giant Huawei said on Tuesday it would set up manufacturing hubs in Europe, as it tries to fight off US pressure on EU nations to stop it from operating. "That's why we have decided we want to set up manufacturing bases in Europe -- so that we can truly have 5G for Europe made in Europe.""Huawei is more committed to Europe than ever before," said the company's top executive for Europe Abraham Liu during a Chinese New Year reception in Brussels.

That's why he and co-founder Dave Cole launched the Open Raven, which finds where data is stored and protects it. On Tuesday, the 12-person data security startup launched out of stealth with $US4.1 million in seed funding from investors like Upfront Ventures, Goldman Sachs board member Phil Venables, and Dragos.

It also released a preview of the community edition of its product, which will find and query data. It's open source, which means that anyone can use, download, or contribute code to it. And this summer, Open Raven plans to release the full version of its open source product, as well as added commercial features for classifying data, finding data breaches and alerting security teams about any exposure.

This could help customers prevent massive breaches before they happen, Curphey says. Some of its early customers and design partners include Toyota and PayPal.

"We're the only company that's figuring out where the actual data stores are," Curphey said. "Most of the people tackling data security, you have to know where your data is. If you look at all the breaches that are happening, breaches are happening because people don't know where the data stores are in the first place."

'Uncanny Valley' writer Anna Weiner explains why women are souring on Silicon Valley

  'Uncanny Valley' writer Anna Weiner explains why women are souring on Silicon Valley "I think you see a culture that rewards dedication to a company or a start-up and rewards the merging of one's identity with the company," says the writer.Anna Wiener wrote "Uncanny Valley" as a memoir that recounts her personal experiences of ambivalence and disillusionment working in San Francisco start-ups in her early twenties during the last decade.

'The challenge is they still can't figure out where the data is'

Curphey and Cole met at Internet Security Systems 20 years ago. Cole would go on to work at Symantec, CrowdStrike, and most recently Tenable, which he helped bring to IPO in 2018. As for Curphey, he worked at Charles Schwab and Microsoft, and then founded SourceClear, which was acquired by CA Veracode in 2018.

"We're startup guys," Curphey said. "We both learned lots of lessons on what to do and how to do it correctly. This is the next big problem we wanted to solve."

Besides that, Curphey is known as the creator of the Open Web Application Security Project (OWASP), an online community that shares articles, documentation, and tools on application security.

After leaving their most recent roles, Curphey and Cole both got together to figure out what's next. Cole had always wanted to be a CEO, while Curphey had already done that at SourceClear and wanted to focus on the product, so he says it was a "perfect fit."

Together, they surveyed chief information security officers to ask what keeps them up at night, and he says almost all of them said they're worried that they don't know where their data is, and data breaches are happening constantly.

Facebook's Twitter account was hijacked by the same group that hacked a bunch of NFL accounts

  Facebook's Twitter account was hijacked by the same group that hacked a bunch of NFL accounts Facebook's Twitter account was briefly hijacked by the hacking collective OurMine on Friday afternoon. A back-and-forth tussle for control between the hacking collective and Facebook resulted in a series of rapidly posted-then-deleted tweets. OurMine has a history of hacking the social media accounts of high-profile individuals, teams and companies: it hacked the Twitter accounts of 15 NFL teams at the end of January. Twitter confirmed the hack to Business Insider, and said the accounts were hacked through a third-party platform. Visit Business Insider's homepage for more stories.

"When you talk to CISO's and you talk to those customers, the challenge is they still can't figure out where the data is," Curphey said.

What's more, with the passage of the General Data Protection Regulation and the California Consumer Privacy Act, there can be massive fines if companies don't adhere to these rules.

"As Dave and I sat down and thought about the tenants of the company, we said, we've got to solve a meaningful problem, it's got to be a fun place to work, we've got to figure out how to make money, and it's gotta be open source," Curphey said.

'The customers are able to see how things work'

Open Raven plans to make the underlying technology available as open source and build commercial features on top of it. Curphey says this will help Open Raven hold itself accountable as a secure project and allow users to add features to the code if they wish.

"Not only is it great for the company to recruit the best talent, from a security perspective, the customers are able to see how things work, particularly when you're dealing with data and privacy," Curphey said. "That's extremely important for them."

Still, because of concerns about competition with cloud providers like Amazon Web Services, Open Raven worked with open source licensing lawyer Heather Meeker on what's the best way to licence its software. Other companies, like Redis Labs and Confluent, have changed how their software is licensed after AWS started selling their software on its cloud.

Facebook employees reportedly feel guilty that the company didn't fix a known security risk fast enough to prevent its biggest data breach ever

  Facebook employees reportedly feel guilty that the company didn't fix a known security risk fast enough to prevent its biggest data breach ever Facebook knew about a security risk for nine months before the issue contributed to the biggest hack in the company's history, according to a report by the Telegraph. Citing legal documents from a class-action lawsuit against the social network, the Telegraph reported that Facebook was warned about the flaw by outsiders and its own employees, who privately lamented the issue wasn't remedied sooner. The data breach in 2018 led to the hacking of 50 million accounts. Visit Business Insider's homepage for more stories.

Open Raven considered the Business Source Licence. This licence has more restrictions on how software is used, and Sentry and Cockroach Labs decided to use it to protect its technology from being sold by large cloud providers like AWS.

However, Open Raven decided that it was still better to use the open source licence Apache 2.0 because its software will benefit from developers' code contributions.

"We all came to the same conclusion that using a standard open source licence, Apache 2.0 is the correct one for both us and our customers because it gives everyone all the benefits of open source," Curphey said.

Besides building out its open source project, Open Raven plans to use its funding to build out its engineering team and product. Open Raven is tackling a difficult technical problem, Curphey says, but VC's are actively trying to invest in this field.

"The toughest for us is the technical challenges," Curphey said. "We're incredibly lucky we have an amazing talented engineering team. That's the biggest challenge."

Cynch Security clinches government funding to tackle small business cyber challenges .
Cynch Security has secured just over $200,000 in government and matched funding, for a project mapping cyber challenges for small business.The funding is made up of $109,969 from the AustCyber Projects Fund for backing industry-led projects, matched with $100,000 from industry.

—   Share news in the SOC. Networks

Topical videos:

usr: 0
This is interesting!