IoT & Embedded Technology Blog

Cybersecurity Shines at RSA2017 Innovation Sandbox

by Steve Hoffenberg | 02/14/2017

At the RSA Conference, one of the annual kickoff events is the Innovation Sandbox “Most Innovative Startup” competition, in which 10 cybersecurity startups vie for the title. Each competing company has three minutes to present their case before a panel of expert judges and a room packed with thousands of attendees. (When we say three minutes, we mean exactly three minutes. A countdown clock is visible to everyone, and when it reaches zero, a loud buzzer sounds, cutting off any presenter that is still speaking.)

Hugh Thompson, RSA Conference Chairperson, introduces the Innovation Sandbox

The 10 entrants in this year’s event were all worthy competitors, but we’re going to highlight just two of them here. The first is Claroty, an Israeli company that provides “clarity for OT networks.” Its software-as-a-service provides real time monitoring of commands exchanged between assets in industry control systems. Claroty starts by Claroty characterizing normal communications of the industrial network, including which devices communicate with which via which protocols and typical commands. When running, among other things it detects unusual commands, assesses their risk, alerts system management personnel, and can export data into security information and event management systems, such HP Arcsight, IBM QRadar, and Splunk. As with most security for industrial control systems, Claroty does not automatically initiate any direct preventative or corrective actions in system components, as operators are rightfully concerned about expensive system shutdowns that turn out to be due to false positives.

Claroty’s partners include Accenture, Cisco, and Rockwell Automation.

The second company is EnVeil. For years, cryptographers have sought a type of “Holy Grail”: the ability to process encrypted data without decrypting it. Keeping data encrypted throughout processing would render moot any attempts to exfiltrate data while it is being operated upon as clear text in system RAM. Most such techniques are labelled homomorphic encryption. Although a number of researchers have been able to perform partially or fully homomorphic encryption, the process has not been commercially viable due to long processing times. (See, for example, a prior VDC blog post on a project called Enigma.) At the RSA Innovation Sandbox, EnVeil presented a new security solution based on homomorphic algorithms, that it says can work on virtually any type of data (text, numerical, images, audio, etc.) encoded using any conventional encryption algorithm. For most data, EnVeil requires no preprocessing in advance of operating on the still-encrypted data. (The exception is image data, for which EnVeil extracts vectors representing the image, then encrypts the vectors for protected processing.) And, EnVeil performs operations on encrypted data in only milliseconds on conventional server hardware, i.e. it doesn’t require a supercomputer.

Although we haven’t witnessed EnVeil in use, if it can do everything the company claims, it represents a major breakthrough in homomorphic encryption and data security. (Another of the 10 presenters at the Innovation Sandbox, a company called Baffle, also offered a type of homomorphic encryption, but it was limited to use on Sequel databases.)

In the “Most Innovative Startup” competition, EnVeil came in second. First place went to UnityID, which authenticates users without passwords and with “zero conscious user action,” based on more than 100 factors, such as gait analysis from smartphone gyroscopic sensors.

All in all, the startups represented at the Innovation Sandbox were an impressive indication that cybersecurity is attracting some of the best and brightest talent in computing.

To learn more about VDC’s coverage of cybersecurity for IoT, see our new VDC View, "Combating Botnets in IoT Devices".