Cyber startup uses intelligence know-how to fight hackers, internet fraud

2018 was arguably the greatest year to date for thieves on the web, with Marriott Hotels, Cambridge Analytica and Google+ among many major brands falling victim to massive data breaches.

By EYTAN HALON
Updated: JANUARY 11, 2019 03:25
Female IDF soldier in the J6/C4I Cyber Defense Directorate. (photo credit: IDF SPOKESPERSON'S UNIT)
Female IDF soldier in the J6/C4I Cyber Defense Directorate.
(photo credit: IDF SPOKESPERSON'S UNIT)
We have all heard the phrase, “It takes a thief to catch a thief.” In order to catch a thief, even a cyber thief, we must first learn how their mind works.
Last year was arguably the greatest year to date for thieves on the web, with Marriott Hotels, Cambridge Analytica and Google+ among many major brands falling victim to massive data breaches.
Petah Tikva start-up CyberInt – co-founded in 2010 by three veterans of the Israeli intelligence community – aims to develop a criminal detective mindset in the field of cyber and the Darknet to address cyber, fraud and brand threats with a novel outside-in approach. In doing so, it can eliminate threats before they become potentially devastating crises.
The majority of the company’s cyber experts and analysts are alumnae of the IDF’s elite Intelligence Corps Unit 8200, trained to understand the psyche of a potential cyber attacker.
“We aimed to change the paradigm where everybody was focused on building greater, thicker and higher walls to protect their organizations, with firewalls and anti-virus systems to identify when something is trying to breach their ‘walled garden,’” CyberInt’s vice president of marketing Daniela Perlmutter told The Jerusalem Post.
“Our idea was to detect threats, monitor them and address them before they actually breach the organization. That’s why the platform we built was a threat-intelligence platform, and we later expanded it way beyond. We’re unique in bringing the outside and inside environments together in a unified platform.”
CyberInt’s Argos Threat Intelligence platform scours the open web, deep web and Darknet to collect intelligence and indicators relevant to the company’s customers – primarily digital businesses in retail, e-commerce, gaming and financial industries.
In addition to accessing hundreds of sources to collect targeted data, the company is able to identify threat actors targeting an organization in real time and provide contextual data about them, enabling customers to prioritize their responses to potential threats.
CyberInt also offers customers a range of services, including managed security operation centers and managed endpoint detection and response technologies.
“One of the big challenges facing chief information security officers (CISOs) is that they have so many alerts, so much noise and they don’t necessarily know what to address first,” said Perlmutter.
“We provide more context, informing customers which threats are imminent, which breaches already exist in internal systems and which have a higher priority in terms of severity that CISOs must address first.”
A key element underlying CyberInt’s protection of digital businesses is their proximity to their customers, with an understanding that they can only accurately prioritize threats if they truly know their clients. Today, the company has offices in Israel, New York, London, Singapore and Manila.
“To really understand what is most important to our customers, we have to be close to them,” said Perlmutter. “By understanding the language, culture and business, we can specifically address their needs. We have some analysts who actually sit on-site in our customers’ security centers.”
Perlmutter attributes much of both her company and the country’s cyber security success to a combination of resourcefulness and “Israeli chutzpa.”
“We have this resourcefulness of trying to always pinpoint the different angle, not necessarily the mainstream one, which is also what hackers do,” she said.
“This is what I think enables Israeli cyber experts to poke and really find out what the threat is and where the breach is truly originating from. It’s not enough to find where the threat is dwelling, but where it is actually originating from in order to protect the organization the next time the hacker attempts to come in.”