Security startups need to look at ‘hard problems’
By Benjamin Cher July 22, 2015
- Overlooking opportunities in IoT, mobility, big data and embedded security
- Singapore mobile communications encryption startup Soda wins Sandbox pitch
WITH new trends like the Internet of Things, big data and mobility, today’s security startups have it tougher than they did a few years ago, and may require the guiding hand of industry veterans, ventured a Singapore Government executive.
“There is a lot of buzz going around but I suspect that the nature of the problem has changed – several years ago it was easier to do a security startup,” said Yu Chien Siang, a computer security consultant to the Ministry of Home Affairs.
“The easy wins are over, what’s now remaining ... [are] the hard problems. Some of the issues such as cloud and big data – these are hard problems to solve and you probably need older people to solve them,” he said in a July 21 fireside chat about innovation in Asia Pacific, part of the build-up to the RSA Conference Asia Pacific & Japan (RSAC APJ) 2015 that kicks off today (July 22) in Singapore.
Yu was commenting on the differences he saw in the startups competing this year at the Innovation Sandbox, a pitch competition also being held before the RSA conference. He was a judge for the second year running.
“I expected to see more contestants in this space … but smart nations and smart cities are still nascent and perhaps next year you can see more excitement,” Yu said.
“I also thought there would be more contestants resulting from the many hackathons that the IDA (the Infocomm Development Authority of Singapore) and the private sector have organised,” he added.
Also judging the Innovation Sandbox was Dr Hugh Thompson, chief technology officer at security company Blue Coat Systems Inc, who at the start of the Innovation Sandbox event, said that this was now a time of breakthroughs and transformations that were “upending our usual methods.”
“Technology is transforming the way we deal with other institutions, the way we are interacting, changing our very foundation,” he said.
He also pointed out that technology has accelerated the process of innovation, citing examples such as Foldit, which utilised crowdsourcing. The team was able to roll out its protein-folding simulation app to the general public in a matter of weeks.
“While it is a great time of innovation, we also live in an incredible threat environment, one that none of us have ever seen in our lifetimes,” Thompson said.
These threats range from criminal syndicates to hacktivists and state-sponsored attacks, at a level previously unseen, he argued.
Missing pieces, startup gaps
Yu argued that security companies from Asia Pacific were not working on areas like the driverless car, the IoT, embedded security, and others.
One opportunity that was being overlooked was big data security, which he described as being in a ‘non-mature’ stage.
“Only about six months ago did they have a bit of encryption and access control – it’s at a very baby stage,” Yu said.
It was the same for cloud security about five years ago, but the pace there picked up. “You find this fast acceleration [in cloud security], which was actually breath-taking and surprised me,” he added.
But big data is missing that, and other elements, Yu argued.
“What I don’t quite see is the additional fuel that comes from academics and the R&D (research and development) community – new computing models like distributed security, or self-defending, self-healing, and adaptive security abilities,” he said.
When asked about the openness of Asian businesses to startups providing security solutions, Yu pointed out that it varied according to the industry.
Heavily regulated industries like banking and medical services probably would not have the appetite to risk going with a startup, he acknowledged.
However, with the need to be cost-effective, some Asian businesses might consider getting security solutions from a startup.
Still, the challenge for such startups is communicating their products or services across to the business, and the lack of references they can provide.
He cited the IDA’s [email protected] initiative – which accredits startups to allow them to participate in government tenders – as a good way for startups to validate themselves to businesses.
Meanwhile, Singapore-based startup Soda was crowned the most innovative startup at the Innovation Sandbox.
Soda provides security infrastructure for mobile communications, offering encryption either via a software layer or physical tokens. It has an app to encrypt message, calls or email communications; a cloud-based file repository that encrypts files while in storage; and a chat app that encrypts messages between parties and even in group chats.
Soda beat out the other three finalists: Singapore-based secure unified communications startup SafeChats, as well as IT management startup Lepide and automated governance, risk and compliance startup Fixnix, both from India.
Each start-up had three minutes to present and three minutes to answer any questions from the judges and audience, and then did a demo after the presentation.
“Very excited [about the] huge opportunities out there, and there is no better place than RSA to present this solution and get such great feedback,” Soda head of worldwide business development Dr Raphael Yahalom told Digital News Asia (DNA).
“We have a few large scale projects going on, mostly in Asia but also around the world. We are in the process of taking the company to the next level in terms of very significant rounds of investment,” he added.
Adaptive identities coming to forefront of security: RSA
Big data approach can help shore up cyber-defence: RSA
RSA Silver Tail enlists big data analytics for cyber-defence
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.