Continuing from The Past is Prologue (Part 1).
Since our founding days, our company’s purpose is to expedite the move to new technology and approaches that enables and encourages OEMs (the people who make devices) to construct more secure devices, while also enriching their functionality, and thereby enabling further innovation. This would in turn would provide integrators with richer products and tools to build an entire connected, and secure ecosystem. It would enable enterprises and users to reclaim lost productivity in scenarios where security became a burden or inhibiting (eg. Enterprise mobile users are often constrained by the applications with which they can run). The cool thing about this technology and approach is that it has very broad applicability to how we build systems (more on that another time).
The time is now.
The Internet of Things (IoT) presents a rapid rollout and uptake of connected devices into every aspect of our lives – over 20 billion devices by 2020 (Gartner). Because of the scale of such systems and association these devices have with our lives and livelihoods, they need to be built with proper engineering principles and good technology to ensure that they’re behaving correctly. And, more importantly, that we know when they are not.
Unfortunately, security is a distraction for almost all OEMs, innovators, start-ups, and consumer device companies trying to get the next cool thing to market before their competitor. If you aren’t convinced, have a quick browse of Kickstarter sometime and look at all the companies using Linux to build their next cool IoT device – any mention or evidence of security or robustness? Alternately, wait (any day now) for the next record-breaking cyberattack on those devices infrastructure you didn’t know existed, but impacts you, because companies couldn’t be bothered – such as the Mirai Dyn attack that targeted Linux-based cameras, home routers and baby monitors. It’s amusing that a bunch of innocent looking baby monitors, managed to take out services like Spotify leaving many of us without tunes for a day. Dyn, the company targeted by all the baby monitors (ok, ok, and other IoT devices :), has itself lost 8% of its subscriber base as a result. Furthermore, it impacts the businesses that made those products – massive product recalls and even fines from the FCC. They now all feel the pain.
Our Inflection Point
About 12 months ago we felt we were ready to begin a structural transition to a product company with the addition of another business unit (conceptually, start-up style) in order to scale up so that we could reach a larger number of customers. The IoT problem, and opportunity was real, and our customers were already demanding off-the-shelf capability from us.
First step was really a plan for a plan. We put in place an initial set of goals we sought to achieve. To recap on those initial goals:
- Identify and bring on a world-class management team, and technical staff with experience aligned with both facets of business (product and services).
- Maintain a strong financial discipline to ensure we continues a viable and profitable company while growing our services business to allow us to make money.
- Use that money to build and launch our first end-user product. That product would demonstrate feasibility of the underlying technology, and ideally, to seed the market for subsequent end-user Products.
- Evaluate emerging technology and core focus areas for Cog Systems for the next 3-5 years.
- Explore fund-raising to allow Cog Systems to go faster.
Net result is that we have achieved those on time and have continued to grow the company as fast as we can. Revenue had doubled. There is strong interest from the market, not just limited to our existing customers. Our pursuit of growth and further maturation of our strategy has highlighted the need to seek external investment as we simply need more bandwidth than what our own finances and business can provide. We could keep growing organically, but perhaps ironically, have had to turn down work because we can’t grow fast enough on our own steam to meet customer demand. Secondly, we had built a great end-user product that is solving real-world needs for Government, Enterprise, and the Privacy-Conscious consumer with a small subset of our capability (check it out here: HTC, Secured by D4).
Where from here?
Our strategy to scale is pretty straightforward.
In the short term, we seek to have a meaningful impact by focusing on where we believe the most impact (and also opportunity for revenue) will be – Mobile and Gateways (Home/Industrial automation, Cars, Routers, Cameras, etc). For now, we will work vertically (i.e., push product) on key focus markets.
At a technical level, we provide one or more Software Development Kits (SDKs) that contain technology needed to support and build better systems – our SDKs will continually evolve and be enhanced over time. This will leverage research and development we do in house, as well as those with partners in industry and academia. Many are already underway and will yield exciting announcements along with new product capabilities this year. Our key focus areas here are technology that provides greater confidence, richer user experience, and reduced Bill-Of-Materials (BOM): virtualization, encryption, formal methods (proving code behaves in a particular way), and architectural modularity to name a few.
Can we do it?
We are successful team of innovators and executors with a deep technical capability – creators of hypervisors and operating systems, leveraging formal methods and virtualization, with know-how for building secure systems, whose tech is in several billion devices worldwide today, who retain and develop strong relationships throughout each vertical from chipset to OEM to certifier that makes execution and delivery possible. Furthermore, we have another unique advantage – a lot of applicable, proven research and technology ready for product maturation is right on our door steps. That might not be everything we need, but it is a good start.