Need Acceleration? Hit the Gas, Aussie Style

For the past 30+ years, it has been a pleasure to contribute to the wireless ecosystem through the ongoing evolution in this space. From AMPs, to CDMA, to GSM, to 3G/4G and now 5G it has been a period of exponential change, though none of it included discussions about security.  You would have thought that I had seen it all…until now. Recently I had the privilege to be a part of the Australian Trade Mission’s Landing Pad program in San Francisco. I can honestly say that I, my company, and my world view have been positively transformed as a result of the 90-day residency.

The transformation began when AustCyber suggested we apply for the San Francisco Landing Pad project through Austrade. We were one of five Australian cybersecurity companies that were selected to participate. These five companies now became, affectionately known as the AustCyber Cohort.

What is it like to participate in one of Australia’s Landing Pads? The best way to describe it is intense, demanding and surprisingly collaborative. I was locked in a room everyday with other Australians whose sole focus aligned with that of our company, Cog. With feet on the street in Silicon Valley (the global hub of innovation), we got down to business (and a bit of fun, as well). Yes, it was difficult at times, but the work environment led to less day-to-day distractions, kept me highly focused and ultimately led to significant results for Cog.

Our company went into the Landing Pad project with three goals:

  • Raise the company profile among influencers and decision makers in Silicon Valley
  • Obtain new customers
  • Expand relationships in the VC community

My days were filled with prospecting and meetings across the Bay area with potential customers and VC’s. The goal was five meetings each week, which allowed us to compress outreach into three months versus what would have normally taken a year as you fly back and forth to try and accommodate schedules.

Talking to so many folks helped me validate and hone the message for Cog with both our customers and potential investors. While I took the opportunity to experiment with unique angles at times, I quickly figured out what message hit the right notes for the right audience. Soon, the message (Monolithic to Modular) became the offer (We Secure IoT) and the offer became the solution (D4 Secure). It was messy at times and I floundered a bit, but I could always count on my fellow cohort members to lift me up to keep at it. Ultimately the process was illuminating and gratifying as we expanded our relationships in Silicon Valley and began to build awareness around our solution.

Comradery among my fellow mates was also a big part of the experience. Austrade loaded up the landing pad with other cybersecurity companies from Australia, plus six other non cyber-security companies.  The AustCyber Cohort was a great group, which was nice as we all spoke the same language. As the cohort had so much time together, we began to form a sense of community more out of necessity than choice. Though to do it again – I would tell you it was a choice all day long. Nothing was sacred among the cohort and no one was better than the other. These factors created a think tank-like atmosphere where we could share ideas, collaborate, learn, relate, all while stitching in comic relief.

Our partnership with SIEMonster was born as a result of this work environment. Together, we launched the Redback appliance utilizing Cog’s D4 Secure platform. This partnership provided the perfect foundation to set up both companies for success at RSA 2018 in April where we were named one of the “hottest cybersecurity products” by Peter Sayer, IDG News Service.

There were several key takeaways after this experience:

  1. We held 100+ meetings in 90 days as a result of being immersed in Silicon Valley.
  2. As an Australian company, we benefited from walking/living in someone else’s shoes. We now have a better understanding and can more effectively extend our company into this new market.
  3. The VC’s in Silicon Valley are very much focused on a ‘pay it forward’ approach. Even if they can’t help, they will ask how they can help. Call it karma – or as I like to say – it is just how they do business in the Valley.

As you know, Cog is an Australian company.  Everyone in the cohort was from an Australian company, as well.  Uniquely, I was the only Yank among all my Aussie mates in the cohort. This did require a pretty thick skin as one is not always sure when your mates are actually picking at all things American.  And, the U.S. and San Francisco bring plenty of fodder for commentary. However, I think it is important that we all note that only Australia has fought side by side with the Americans in every conflict going back 100 years.  We are true partner, allies, and friends. If there was nothing else to take from this experience, I will be forever grateful to be offered the chance to be an honorary Aussie for those 90 days.

Thank you to Austrade and AustCyber.

 

Insights from ET Exchange

To say ET Exchange was informative, highly educational and galvanizing would be an understatement. Several of us from the Cog team attended the event a couple weeks ago and were impressed with the caliber of networking, presenters and content.

Since Cog Systems specializes in cybersecurity, we found it inspiring that security was consistently part of the conversation and referred to as a foundational element of digital transformation throughout the show.

Key take aways include:

  • We had the pleasure of speaking with Jack Madden, executive editor of BrianMadden.com, about new security threats and defenses currently available to enterprise and government. “The S in IoT stands for security,” he joked. But as the world is finding, it is virtually an afterthought, which Jack covers in his thorough round up of the event in a recent blog post.
  • Christine Ferrusi Ross, an expert at understanding and solving customer problems, delivered an educational session on the controversial yet revolutionary Blockchain technology. Christine talked about how decentralization and self-sovereign identity control are some of the key outcomes of Blockchain technology. It puts individuals at the center of their data ownership with full control over our identity and share as we desire, while providing the necessary layers of security via the decentralization of all the data.
  • Maribel Lopez, founder of Lopez Research, delivered a thoughtful discussion on the approach to enterprise digital transformation today and what it takes for IT leaders to stay ahead of the curve.
  • Joe Weinman, founder of XFORMA shared four stages or “Digital Disciplines” to create customer value and enable competitive advantage. These include: information excellence to complement operational excellence, solution leadership, collective intimacy and accelerated innovation. We definitely plan on learning more about these insights from the book he wrote on the topic.
  • Our very own Dr. Daniel Potts participated in Bob Egan’s panel that focused on digital transformation and what it will look like in 2020.
    In addition to these valuable learnings, nGage customer attendees named Cog Systems’ D4 Secure as Best Overall Digital Transformation Solution and also nominated Cog as a Vendor to Watch.

There’s no doubt that society as we know it is experiencing the next pivot in technology equivalent to the industrial revolution. While the future remains unknown, we appreciate the opportunity to be part of the conversation.
Thanks nGage for a great event!

October is National Cyber Security Month – Let’s Celebrate with a Modular Approach

By Dr. Daniel Potts

 

The U.S. Department of Homeland Security has declared October “National Cyber Security Month, and it couldn’t come at a better time.

 

According to Steve Morgan, CyberSecurity Ventures, cyber crime damage costs will hit $6 trillion annually by 2021. With the growth of IoT devices on the rise, Gartner predicts that by 2020, IoT security will make up 20 percent of annual security budgets.

 

The challenge is that the current connected device software architectures are built like a Great Room. Anyone who enters the room can pretty much hear, see or do anything, and it will impact the entire room. For example, if someone in the room has the flu, everyone is at risk of getting it too. We all know what happens next. They bring that flu home, and spread it further. This type of architecture puts government and enterprise at great risk.

 

Just like the great room approach in your home, the software architecture of today’s mobile and IoT devices is basically monolithic in nature, in particular the Operating System (OS) and kernel. It is basically one big software stack and it is huge, consisting of 10’s of millions of lines of code – that’s a massive attack surface to be managed and exploited.

 

The problem is once malware gets on the system and then into the OS kernel, it has access to whatever it needs. It can disable any protection and bypass whatever it wants. Now with access to credentials such as keys, a malicious device can gain access to your network. This is very similar to how the newest security flaw behaves, KRACK or Key Reinstallation Attack. KRACK can attack virtually any device that is connected to Wi-Fi and uses WPA2 security to break in.

 

There are controls and obstacles that can be put in place to prevent this, but it’s inevitable that some of those controls inhibit performance of those devices.

 

So how can we improve cybersecurity? It starts by going modular. It starts by building in redundancy and defense-in-depth. Cog Systems delivers on this premise by changing the way we build these systems from ‘old school’ monolithic approach to a modular approach.

 

Modularity means we can isolate and protect critical or malicious functionality – essentially by creating separate rooms. Cog Systems is successfully applying a modular approach to cybersecurity solutions for its customers, specifically for IoT as well as smartphones. Our D4 Secure HTC One A9 smartphone, for example, uses always-on non-bypassable VPN keeping it safe from security flaws such as KRACK attacks.

 

What type of architecture do you have in place? Is it meeting all of your needs or just some? Is it proactive or reactive? Tell us what you think.

Type 1 Virtualization on ARM: Inevitable and Long Overdue

Often I am asked about what makes Cog Systems different, and how that will matter in the long term. By this point, this is an easy question for me – and the answer is as elegant as it is obvious.

So, first, I suggest we all take a quick quiz. What is the single piece of technology that underpins the cloud computing revolution?

Continue reading “Type 1 Virtualization on ARM: Inevitable and Long Overdue”