“Your endpoint workstation is a major door for every cyber-attack. That's the main door for any sophisticated attack.”
In the fourth episode of SALT Talks: Pandemic Venture Investment Series, presented in partnership with OurCrowd, Ron Moritz, serial cybersecurity entrepreneur and sector expert, discusses with top CEOs from start-ups Morphisec, ITsMine and ThetaRay some of the consequences of COVID in the cybersecurity world.
The pandemic has seen a rapid transition to work-from-home setups for entire companies and their employees. With it has come the transition of company data and workflows to the cloud, creating a whole new set of cybersecurity vulnerabilities. A company’s IT team could more easily monitor and protect the company’s endpoints when they’re centrally located in an office, and now each individual employee at home must assume a certain level of awareness of their own cybersecurity. “The attack vector is becoming larger… from external attackers that now can attack the employee's router at home because they haven't changed the password.”
Companies have had to suddenly set up remote work operations for their employees. We’ve seen virtual private networks (VPNs) and virtual desktop infrastructure (VDIs) increase in popularity. As a result, we are likely to see the long-term adoption of more hybrid work environments, even after the pandemic, where employees regularly work part of the week from home.
LISTEN AND SUBSCRIBE
SPEAKERS
EPISODE TRANSCRIPT
John Darsie: (00:12)
Hello everyone. And welcome back to Salt Talks. My name is John Darsie. I'm the Managing Director of Salt, which is a global thought leadership forum at the intersection of finance, technology, and public policy. Salt Talks are digital interview series with leading investors, creators, and thinkers. And what we're trying to do during the Salt Talks is replicate the experience that we provide at our global conferences, which we host twice a year in the United States and internationally, and what we do at those conferences. And what we're trying to do on these talks is provide a window into the mind of subject matter experts, as well as provide a platform for what we think are big ideas that are shaping the future. And we are thrilled today to welcome you to the fourth installment of our pandemic venture investment series, where top entrepreneurs, investors, and business leaders dive deep into the challenges and opportunities arising from the pandemic crisis and discuss breakthrough technologies to address issues from Coronavirus prevention and cure to social distancing and food supply.
John Darsie: (01:15)
This series is presented in partnership with OurCrowd, which is a leading global venture investment platform. Today's episode is titled Cybersecurity and Pandemic Accelerated Digital Transformations. It features Ronen Yehoshua, the Chief Executive Officer of Morphisec, Mark Gazit, the Chief Executive Officer of ThetaRay, and Kfir Kimhi, the Chief Executive Officer of ITsMine. Today's episode will be moderated by OurCrowd, a venture partner for cybersecurity, Ron Moritz.
John Darsie: (01:45)
Just a reminder, if you have any questions today for any of our panelists or our moderator, please enter them in the Q&A box at the bottom of your video screen on Zoom. And now I'll turn it over to Ron to conduct the interview.
Ron Moritz: (01:58)
Thank you, John, and welcome everybody to the fourth episode of the pandemic venture investment series, where we will dig into business challenges and technology solutions in the shadow of COVID-19. As John said, I'm Ron Moritz, I'm the cybersecurity venture partner with equity crowdfunding from OurCrowd, and I'm thrilled to be moderating today's panel discussion with a focus on cybersecurity. OurCrowd is a global venture investing platform that provides both institutions and individuals with an opportunity to invest in and engage in emerging technology companies. In fact, with over $1.4 billion in committed funds and 200 portfolio companies, three of which are joining us today, OurCrowd is the most active venture firm in Israel.
Ron Moritz: (02:45)
I'm joined today by the founding CEOs of three important cybersecurity companies whose solutions are being used by organizations to prevent and defend against always evolving innovative attacks that challenge our business operations and service delivery. Like nearly every company, each of our guests has been forced to adjust strategies, plans, and forecast this year. And each CEO has had to navigate through this disruptive economic cycle with little to no academic or business press compass. I've been looking forward to this opportunity to talk to my colleagues here all week and dig into their own experiences, observations with respect to the cybersecurity market, and leadership response. So let's get this panel started.
Ron Moritz: (03:29)
Kfir Kimhi is the founder and CEO of ITsMine, whose mission is enabling organizations to meet their responsibility as caretakers of sensitive information by preventing data leaks. Even before COVID-19 organizations have been pushing through yet another technology refresh cycle with cloud migration being a leading driver. And at the center of many of these digital transformation efforts is, of course, data. Data protection is a requirement for every organization and daily challenges range from ransomware where data is locked through breaches where sensitive data is released. There's been much written and said about how this year's pandemic has changed so many aspects of what was previously thought to be the normal in both our personal work lives. Kfir, what are some of the challenges you've observed the impact data protection?
Kfir Kimhi: (04:21)
Thank you very much for having me and it's great to be here. I think one of the things that we see is companies, first of all, needed to move to the cloud faster as they wanted. We see companies that their employees didn't have a computer at home or internet connection. And now because 100% of employees working from home, they first of all, needed to give them the equipment, they needed to connect them to the internet. And they also needed to move to the cloud in much fast away. So we have one of the customers, a healthcare in the U.S. that needed to move to the cloud in less than three weeks. They were expecting to have one year of movement to the cloud and just doing it in three weeks was first of all, making our employees capable to do the same works that they did at the office now to do it at home. What happened with our company data, where it is living, what people are doing with it? That's one of the major challenges that they see where data is scattered everywhere.
Ron Moritz: (05:34)
I think it's actually remarkable the changes we have seen. In some cases you mentioned acceleration beyond what was planned. And I think many of us actually do connect on a personal level to many of these changes, whether it's having children at home on Zoom or having our interaction with our colleagues over Zoom. It seems like the whole world is around Zoom these days, but what about the attacker? Are they also getting together over Zoom [crosstalk 00:06:01] these changes and adjusted their strategies and response? Have they discovered and pursued new ways to overcome the data protection defenses? What have you seen?
Kfir Kimhi: (06:12)
So first of all, of course, the attack vector is becoming larger, both from external attackers that now can attack the employee's router at home that they haven't changed the password, and even don't know how to do it, or to use other devices or even other people, the people that are not necessarily the traditional hackers that have long history in IT. It could be kids that are playing around with Darknet solutions that can provide them capabilities to encrypt data and taking ransomware for companies. And we see that in numbers of ransomware attacks that are not very sophisticated running all over the world. So, yes, the ways to attack companies are becoming, I don't know if saying it's easier, I'm not sure is it easier, but it's definitely more widespread and creating much more vectors of attack that when we sat in the office and have control on each and every device that we had, it looked completely different from the cybersecurity people.
Kfir Kimhi: (07:28)
I think that not only that is expectation from the company not to create downtime. To allow the people to work, to be careful with how much blocking the companies are doing. That balance become even more critical when we have 100% of employees working from home.
Ron Moritz: (07:53)
And I think you're right. I'm going to shift over to Ronen Yehoshua. Ronen, of course, the founder CEO of Morphisec. I've actually known Ronen for many years. And I know what gets him fired up. All you have to do is ask him who prevents the most dangerous cyberattacks, and he'll jump up and down and tell you that he does. So we'll start off a little bit more slowly with Ronen today and continue talking about this remote employee issue that Kfir actually raised. Working remotely, of course, is not new. And my own personal motto has been for many years, a good day is one where I don't see the inside of my car. Anybody who's talked to me over the last decade or so has heard me say that. Ronen with fast network connections and more workers, contractors, customers, partners, all of them leveraging personal computers to access the company's applications from anywhere from everywhere. How are organizations reacting and what are they doing? What have they done to ensure controls are in place to prevent these attacks?
Ronen Yehoshua: (08:53)
So, of course, everyone, I think what we've seen all over the place is that in the early days, everyone got actually into a big shock. Why shock? Because imagine your endpoint workstation is a major door for every cyber attack. That's the main door for any sophisticated attack. And for years, customer where used to build a certain architecture of defense over those endpoints. Actually, assuming that those endpoints are within a certain perimeter. So imagine that you are building ... you have a medical camp and you need all kinds of fences and other fence and other fence and other fence, and you're feeling safe and great. And suddenly one day everything goes out of this camp, outside of fences, everyone is out of the property [inaudible 00:09:49] for many years. How do you cope with that? It's a nightmare, just a nightmare.
Ronen Yehoshua: (09:56)
So at first, we've seen everyone trying to understand actually how to allow them to work? How do you think the PCs is the workstation out of the office into the home? And for some, how you allow them to work from their home PCs and then moving to cloud application Kfir mentioned, a huge movement there. But still, there's an endpoint, there's a station. Someone work on that, he gets emails, he browses, he is connected to the network at the end of the day of the organization, and he's totally exposed. So that was a big shock for everyone.
Ronen Yehoshua: (10:37)
So what you've seen, that some is taking immediate actions like VPN, the old known VPN which was almost neglected through the recent years has become a hero again. And everyone jumped on that. But VPN has its own issues from operation perspective and from a security perspective. It's not perfect. It's there but it's not perfect.
Ronen Yehoshua: (11:03)
We've seen customers which used to be VDI, Virtual Desktop enhance the usage of it, hoping it would give you more security we're able to manage centrally the virtual endpoint now inside the pyramid kind of. And understand whether the endpoint protection tools they had are manageable? [inaudible 00:11:33] really manage them when they're outside of the perimeter because those tools are so complex. And there are so many operational complexities that they got to use to manage them when they were in the perimeter, but now on the outside, it's a hassle, for example, updates. Every security tool needs continuous updates of knowledge about new attacks, new variation of attack. So when you are in the perimeter, it's easier to push them into endpoint. But what do you do when everyone are outside, you have less control on the endpoint. You don't know what's going on there? Maybe it's a home computer, what do you do with that?
Ronen Yehoshua: (12:12)
So a big mess. Until today only partial solutions, nothing is perfect and people are coping with that. But I think the interesting point though that everyone understand that this situation will be with us from now on post-COVID, and that's the big change. That's what's so fascinating because it's not that the situation changed for a short duration of one year, two year duration. It's probably going to be with us onwards not because of necessity, just because we all understood that a hybrid work for home office is the right way probably to do.
Ron Moritz: (12:54)
Right. I think this is a kind of a consistent feeling that I have when I'm moving around the cybersecurity industry as well. We kind of look back at the last 40 years and there's some who believe and they may be right that cybercrime and cyber terrorism, cyber warfare all originated with the technology cycle that began 40 years ago when we introduced personal computers and that the root of all evil stems from allowing people to have personalized computing experiences. So you can imagine what that means. It means that we're living in a world of stupid human errors. And I think cybersecurity recognizes that. Kfir in fact, suggested there's a relationship between the growth in such errors of working from home and creating more errors and more problems and stupid things that we do, whether it's allowing our children to use the same equipment that we use, and then introducing a certain malware or certain problems because of that.
Ron Moritz: (13:54)
There's been a lot of talk that in order to stem this growth and control such problems, organizations should embrace this idea of Virtual Desktop Infrastructure or VDI and some of the metrics actually suggest that more organizations are doing so in response to COVID-19 in fact. Do you have any insights around this VDI move as a cybersecurity strategy and maybe some of the things you've seen in the market? And what is, in fact, the security impact of VDI on a positive or negative and challenges you've seen from those who've already adopted it?
Ronen Yehoshua: (14:32)
VDI is, of course, a known infrastructure that was introduced ago with the two main targets. One is to simplify operations, manage everything centrally and all that, updates and things like that. And also from security perspective, the notion that if you have a more centralized control over your endpoints, you can secure them better. And that within the perimeter, the user can connect them from the outside and all that. So we had that in the past, and now it was to an extent a market that was slowly growing, but many used it partially. Now when Corona came and everyone went [inaudible 00:15:19], it was obvious that VDI is one of those elements that dramatically improve coping with the situation, both from operational perspective and also security perspective.
Ronen Yehoshua: (15:30)
So we've seen a customer who already used VDI expanded dramatically the usage of that. And we've seen customers who did not use VDI rushing to implement it, but it's not easy. Implementing VDI in organization it's a whole project. It can take a year to do that. But they had to do it fast. One of the elements we've seen is that recent years and the last two years, I think we've seen a new way of delivery of VDI through the cloud. We've seen VMware, we've seen Citrix, we've seen Microsoft investing a lot in delivering VDI system through the cloud for the public cloud. So if you do that, you can implement it in a quite fast way. So we've seen a lot of movement into VDI and people thought, yeah, that's going to secure us. But that is obviously not enough.
Ronen Yehoshua: (16:33)
In using VDI helps you that much and a lot of exposure for the VDI use case itself. And also for the person who is working with the VDI on the edge, on the other side. For example, if you're using your laptop to connect into a VDI system, you may think that nothing can happen on the endpoint because everything you do is done on there, the machine in the organization. But guess what? If for some reason someone was able to put a key logger on your machine, he can think everything, everything that you type that goes into the organization, including passwords. So what do you do then? You still need a protection on the edge machine. And again, the VDI itself it's a data [inaudible 00:17:30] and endpoint. It needs to be protected like any other endpoints. And not only that, it has a certain operational complexities that regular security system dramatically reduce the productivity.
Ronen Yehoshua: (17:45)
So VDI to summarize was heavily used during Corona. And I believe that it will continue to be used, but it represent new kind of needs in terms of security to make sure that it's a secure infrastructure.
Ron Moritz: (18:05)
Sounds good. I want to shift a little bit and in a way talk about some ideas that we just talk about seemingly every day, this concept of AI, and of course, Mark Gazit is the founder and CEO of ThetaRay which is a AI deep tech company that is very actively helping expose a variety of financial cyber risks that include money laundering, fraud, and bad loans. Which of course, I think we all understand what those issues are. Those are serious crimes. Everybody knows that the bad guys are attracted to money, and it's kind of like flies to manure, which means that Mark and his team are either cybercrime action junkies, or they love playing with manure. It's not unusual to find a correlation between economic down cycles and increased criminal activity.
Ron Moritz: (18:55)
And in fact, when times are tough, a criminal inner self is empowered to sprout what we might call chutzpah, which seems like inappropriate word to use given that I have three Israeli cybersecurity companies here. But even before COVID, neobanks, digital banking, all of that was attracting criminally motivated innovation and real innovation. We're not talking about lightweight attacks. We're talking about sophisticated innovative attackers that challenge our best cyber defenses, crawling through the action on the front lines between the good guys and the bad guys. Mark, can you tell us a little bit about some of the things that you've seen, the new changes, the challenges in this COVID year in this pandemic year?
Mark Gazit: (19:40)
Absolutely. And you're absolutely right. Even before COVID-19 the bad guys what attracted to money naturally. And you also mentioned the fact that the original sin was given everybody ability to have computer on the desk and then connecting those computers. So everything is connected and probably banks was the last type of organizations that try to keep their branches and try to ask people to come to branches of banks and field forms, etc. And, of course, even before COVID-19 digital banking became available, bad guys definitely wanted to use it. The sums are huge, we're talking about billions if not trillions of dollars. So it's attracted not under the most chutzpah out of the bad guys, as you said, but also, it created a hunt after the talents. So the most talented criminals today will do what they call financial cybercrime because the payoff is very high and the risk is very low.
Mark Gazit: (20:52)
The days of people trying to come to a branch of a bank and threaten the clerks or shoot them up are over, it still happens in Hollywood movies. It's okay. But in reality, it's so much easier to put a server in some remote country. And the server will save 25 cents from your bank account, but will use AI and do it hundreds of millions of times. And then they will disconnect the link, still maybe 20 or $30 million. And if you want to catch those guys, be my guest. Governments do it. We know that North Korea they stole $1 million from Bank of Bangladesh using cyberattack on Swift network. It's happening all the time. You would like to launder money. Again, it's so easy these days to open accounts. Now COVID-19 definitely accelerated this process. Because if historically bank had an opportunity to tell you maybe to come to the branch of a bank to identify yourself, today it's much more difficult if not impossible. You can be in Israel, but you have a bank account in the United States. What do you do? You cannot travel. So banks have to create some level of trust.
Mark Gazit: (22:05)
By the way, "poor bad guys", also suffer from the same phenomenon. Historically, you could put some cash in your suitcase and travel if you wanted to finance terrorist activities or human trafficking. If you're not a big fan of cash, you could put some diamonds in a suitcase, travel. Again, today it's impossible. So we have this huge problem of fantastic amounts of money moving between countries. It's a $20 trillion in 2020, it will be $35 trillion in 2022. And the ability of banks to analyze this data, to understand what's going on based on existing technologies that they used before, which were created for the traditional banking systems, whether it's rules, threshold, or signatures becomes almost impossible.
Mark Gazit: (22:58)
So the only way we see that now it's possible to deal with these type of attacks is by using artificial intelligence that mimics human intuition. And basically makes computers to think more or less like human beings, because we all know that through the real attacks comes from the places that you least expect them to come. And because everything now is connected. And as you said, everybody has access to computers. It's so easy today to conduct cybersecurity attacks and steal real money. And the last but not least on that regard, if you mentioned AI, one thing that people don't appreciate is the bad guys have access to artificial intelligence. They're amazing scientists. They don't follow any rules. "Sometimes they take professors and give them proposals they can't refuse." And so they have access to technology. And we assume we as good guys have to use the best technology possible to protect ourselves.
Ron Moritz: (23:56)
You mentioned some numbers that are simply just too big to put my head around. When you talk about market opportunities that are in the trillions, certainly that is an incentive to build a corporation. So the bad guys are certainly building some of these corporations, but you yourself are working with some of the most technologically advanced global banks, some of the biggest banks in the world, and they're counting on you to help them stay ahead of these financial losses, the embarrassment that comes from the financial and cybercrime that they experience. You must have a lot of sleepless nights, but also probably some tremendous highs from the work that you and your team have done stopping the bad guys. I'm wondering if you could actually get into a story or two and share that with us because I think that'll be fascinating.
Mark Gazit: (24:49)
Well, absolutely. These bad guys become bolder and because it's cybersecurity and because it's all remote, they also know that the price of failure is much lower. They can be physically arrested. And it's this specific work to work with those banks. Some of them went public about the work they do with us, like [Santander 00:25:09], but some of them, of course, keep it more confidential. So we're not mentioning names. But yeah, sometimes we work very hard. And then for example, we identify networks of tens of thousands of people financing ISIS. Now, when you look at those transactions that were different accounts, every transactions were very small. $10, 15 Swiss Francs, €8. And they all look different. They're all coming from different places, but when you take artificial intelligence that combines all those transactions, suddenly you see tens of millions of dollars flowing to finance terrorist organizations.
Mark Gazit: (25:49)
And obviously our system help banks to identify it and then law enforcement agencies went in and luckily for us totally stopped this type of activity. And I think each and every one of us especially Israelis, but all around the world could be influenced by this ability to finance financial organizations. And it was almost impossible to identify those transactions because they were really different.
Mark Gazit: (26:22)
Another one is a human trafficking. One of the banks that we worked, we found very, when I say we, artificial intuition system found different set of transactions again in the hundreds. And we found that actually all were about human trafficking, poor girls that were sold from one of the Eastern European countries. So yeah, it's true. We catch bad guys, by the way, in this case, Interpol went in and that took care of it. And we know for sure that we did it before the girls were transported. I know there's a better way to describe it. So definitely there's a huge excitement and the understanding that we make a world a much better place. And you're absolutely right, when there's a downtown, there are more people that join those bad guys when everything is connected, the way to transfer money is easier. And we just need to remember that behind those scientific worlds, cybersecurity, financial cybercrime, etc. sometimes there are real lives that are being affected. And it's great to make those lives better.
Ron Moritz: (27:40)
Absolutely. Sounds truly fascinating. And this talk of cybercrime makes me think about the different roles that are played by both police and military. In both organizations we find the offensive and defensive activities, and they range from protect and serve, which of course is the logo of the police and peacekeeping and active defense and proactive strikes. And these are terms that we sometimes hear in the cybersecurity industry as well. There's probably a fine line sometimes not so fine line between many of the roles played by police, a civilian service, military national security service. Different times we've talked about having offensive cybersecurity. As a pandemic has played out this year, we saw many different ways in which the political leadership, in fact, attempted to leverage these services in our international battle against Coronavirus. Some have been more successful than others.
Ron Moritz: (28:31)
I'm going to start with Kfir. I want to understand this role that police and military have, the metaphors that we've using over the many years to explain cybersecurity. Maybe you can help us understand the differences between these approaches? And looking backwards, which approach do you think was more successful in response to this year's pandemic related cybersecurity threats?
Kfir Kimhi: (28:55)
I think again, that it all depends about the attack factors. So if we are talking about the necessarily to protect our boundaries from extended attackers? Naturally, we need to wear the hat to of a military person. We need to be able to use tools that will allow us to put the attackers as far as we can. When we are looking about the insider threat, when we are talking about the attackers that is already inside the network and might harm one of our major systems or file storages where we keep all our crown jewels. Or if we are talking about one of our employees that is using the data, either in not a careful way or even about to leave the company, doesn't know what's going to happen with him because of COVID-19, maybe he's confused because about something that happened in his house and he's deciding to take massive amount of data before he leaves the company, needs a completely different approach. And military tools will not help. You cannot shoot with a tank on a school even though there might be some big exposure happening inside.
Kfir Kimhi: (30:26)
So the approach need to be different when we are talking about different attack factors. And when we are talking about insiders, we need to wear a policemen hat. We need to explain, we need to present what would be the punishment. We need to train and give also some good sign or a warning if it's needed. But it need to be with education, with bringing the people in and understand what is our expectation of them? And the capability to put the security cameras as well, to understand that if something bad is happening, that we need to be involved, we need to explain, we need to warn. And sometimes we need to take action.
Ron Moritz: (31:18)
So, Ronen and Mark, same questions. Are you aligned with Kfir, or do you see things differently?
Mark Gazit: (31:25)
So shall I jump first? Just because I'm not muted and Ronen is. It's always a challenge in those [inaudible 00:31:34]. So I am very much aligned with Kfir. I think that the role of law enforcement agencies is changing. Ron, of course, you know about my history and past with those agencies. I think again, before COVID-19 they all understood that the world is changing. They all understood that one of my good friends who is head of one of the European top security agencies told me, "We have dedicated people that come 7:00 AM, they drink coffee all day, and then maybe they will work till 7:00, 8:00, maybe 9:00 PM. And then they go to sleep. And he said that our clients would wake up at 3:00, 4:00 PM, will go to the closest internet cafe. They will take Vodka Red Bull and they would start their work. That was before COVID-19. Now, they're doing it from home and everything is connected, and that technology is there. The encryption is there and the know-how is there.
Mark Gazit: (32:38)
So I think the government agencies understand more and more they should be able to build tools and legislation that would allow them to identify this type of activities. They should count more on technology. And more and more people are becoming computer savvy in law enforcement agencies. I have to say there is a caveat here though, and that will give you again, an example, you asked me to give real examples. So I gave you an example, we found that our system in use [inaudible 00:33:14] artificial intelligence, in many cases, identifies a money laundering 70 days before the actual attempt to withdraw money from a bank and conduct the crime happens.
Mark Gazit: (33:23)
Now, on the other hand, we don't want to be in a world that is the minority report for those of you have seen the movie. So Police departments and security agencies, they can't just count on computers to indict people. No, none of us would like to be in a situation that suddenly some algorithm decided that somebody is guilty and then this person goes to jail. So I think that it creates a challenge for law enforcement agencies and we see with many regulators, how to use technology, but make technology full explainable and transparent. For example, AI is an area where you don't necessarily know how decisions been made. For example, you say, Alexa, turn on the lights. You don't care why Alexa understood you? You just knew they use was what they called neural networks and deep learning, etc. But when it comes to law enforcement agencies, you have to be able to explain each and every step. And usually when we start this type of discussion and with regulators, with government agencies, first, we say, "Look, we understand that black box is not good for you. Let's talk about glass boxes, let's talk about transparency.
Mark Gazit: (34:37)
And so to summarize what I said, I very much agree with Kfir that, like anybody else, law enforcement agencies are going through transformation. That's been extremely accelerated by COVID-19. And I think that there will be more and more scrutiny to see that those technologies that we use in day-to-day life will be explainable. We'll be transparent. We'll be able to also withhold the scrutiny of judges and courts, which I think is the right direction.
Ron Moritz: (35:13)
Yeah. In fact, just to add a quick comment there, I've been excited to see that in the area that you serve, the financial services, the regulators are finally coming up to speed when it comes to some of the deep tech technology that innovative companies like ThetaRay are introducing. Ronen, did you have anything you wanted to add to that thought?
Ronen Yehoshua: (35:35)
Yeah, I would add from a bit different direction. Even before COVID we always discuss that one of the major challenges defenders in cybersecurity have is that ... if you think about military? It's how to be on a defense posture. We've been taught in the army that the best defense you have to quickly move to attack. You cannot stay on the defense side because you always lose. But the challenge in the business world is how can you attack? You cannot attack, even if you knew, who would you attack? We don't know who to attack. So it got to the discussion, a different term, which is a reactive and proactive. So if you cannot attack, then the best you can do, you should be proactive rather than reactive. You cannot allow ourselves just sitting like a duck waiting for the attack coming onto you and build the defenses and wait for something to happen and react. You need to be proactive, but the challenge is how can you be ... what's the meaning of being proactive in cyber security?
Ronen Yehoshua: (36:49)
That's one of the things that Morphisec, actually was built upon on the idea of being proactive with moving down defense technologies and all that. So and I think now with COVID that even become even worse because we all understood that, again, with all this parameters, those defenses being reactive all the time, and suddenly, poof everyone is outside. There is no perimeter anymore. You don't know what to protect. Your employees are at home and moving around with the computers and your other applications are moving to the cloud. We had that before, but now everything is very intensive. So that brought many to think that we have to change a mindset from a defensive reactive to a more proactive approach.
Ronen Yehoshua: (37:40)
And I think one of the interesting subject that came up, or became more intensive is the zero trust architecture discussion which is a kind of a method, I would say that can cope with this new environment, new reality, where everything is dispersed. Everything is outside. You cannot think about any parameters. You don't have this military camp that you're protecting. Everyone is outside. And now you have to think differently how you protect. So zero trust is an interesting architecture, lots of vendors moving there. And I think that's something that we'll see evolving strongly because of that.
Ron Moritz: (38:27)
So that's interesting. You're starting to touch on some of these direct and long-term changes in cybersecurity that COVID-19 has brought about. And you've been engaged in the industry across many verticals for a long time. I'm just wondering, on the basis of this direct changes that you've talked about, has COVID driven other changes in cybersecurity consistently across all verticals, or if not, which sectors are actually experiencing the greatest impact and why do you think that's the case?
Ronen Yehoshua: (39:02)
Yeah. I think that we've seen two interesting segments which we didn't think about before that they become highly attacked. One of them is healthcare. Healthcare always was a target but I think it's tripped now, very, very intensive. And we see lots of successful attacks coming there and we get a lot of calls from customers that are in panic. We've been in a never-ending sales cycles with them and suddenly, "Hey, we buy now? Because shit we heard about the other hospital in the other County that was just hit." And so that segment is dramatically raising interest in the area of cyber attack. I don't have an exact answer why? I think those organization traditionally were not sophisticated, very exposed and suddenly have become a very easy attack and especially they're in turmoil, why? They're working so hard, there's so much load on those organization today. And I can assume that their IT and systems and security's collapsing, just collapsing from the load, from the diversity they have to deal with. So that's become an interesting a segment.
Ronen Yehoshua: (40:27)
And the second one, again, very surprising especially the U.S. is the education system, the K-12 and all that, attack tripped. And most probably the reason is the remote learning. All student now are connecting into the schools, organizations remotely and no one is prepared. This movement outside opens many, many doors and are just jumping on that. And this organization they're not sophisticated, it would take them time. And if you ask them for ransom, well, they would probably give you the ransom.
Ron Moritz: (41:09)
There's certain irony to hear you call out the healthcare industry in a pandemic year. Do you think that the response in the healthcare industry and maybe education as well has been adequate, or is there a lot left to do? I'm a healthcare CISO, Chief Information Security Officer, what do I need to include in my 2021 resolutions, where at the end of the year, we're all making resolutions. What are those guys going to be thinking about?
Ronen Yehoshua: (41:37)
Of course, they have to stress in what they have, and they have to do that not in the traditional way. They first action someone will do when he's under stress, he will try to build the defenses he knew in the past or he heard in the past, but as we just spoke, they are less relevant today. And they need to think about more innovative ways and approaches again, being proactive, applying prevention methods and things like that. And the challenge is also ... Again, many of those, such as healthcare security is not a business. Financial and bank and insurance. This is part of the day-to-day. They have lots of teams heavily invested. They have SOC analyst and all that. Healthcare will never have that, education will never have that. So they have the challenge of finding effective systems which are easy to operate. And as you know in security, it's a magic formula.
Ron Moritz: (42:47)
Sounds like making security simple is a way forward for all the cybersecurity companies.
Ronen Yehoshua: (42:55)
Exactly.
Ron Moritz: (42:55)
I want to get a little bit more personal before we begin wrapping up. All of you are of course, are responsible for important category, leading cybersecurity companies. MBA101 teaches us that you all have responsibilities to your employees, your investors, and of course your customers. That's the first thing you learn in business school. But there's no MBA course, or at least there hasn't been in the past. There might be in the future which, of course, we'll have to do over Zoom, but there's no MBA course to really prepare anybody for a pandemic and let alone CEO.
Ron Moritz: (43:26)
So I'm really interested in hearing your own experiences, how each of you might've read the economic signals, the business tea leaves in the first quarter of 2020, and then how you actually led your companies through the pandemic, and did COVID-19 effect your business models? Where you're forced to scramble to create new business plans? Did they impact some of your product roadmaps? And did COVID-19 provide new opportunities that you wouldn't have had had the pandemic not happen? So I'm really interested in hearing from all of you guys. So round robin it, whoever wants to go first, feel free.
Ronen Yehoshua: (44:06)
I can jump in. [crosstalk 00:44:07]-
Kfir Kimhi: (44:07)
Yeah, go ahead.
Ronen Yehoshua: (44:09)
No, Kfir, I was just speaking. Please.
Kfir Kimhi: (44:12)
Okay. I think that it's related to three things. First of all, when it's coming to customers, we look at the opportunity. And luckily for us, we are creating the next generation of the DLP, and traditional DLP was so hard and so complex and so expensive. So companies that even started a DLP project, and just in the beginning stages of the classification and look how bad and how long it's going to happen? As they're coming to us and know that they couldn't do it in a much faster way with a much lower budget, make it much more appealing to them to work with a startup company. And that's created a very big opportunity for us. And we see 600% in the last quarter coming because of that.
Kfir Kimhi: (45:16)
From the other perspective, we are talking about investment. And luckily for us, we did a short investment right before COVID started, but we are definitely looking now to do another round, to make sure that we are safe for the next 24 months and can grow faster. So we are definitely looking at that if weren't expecting to do finance year-round during 2021. Now we are working on that intensively to start doing it in Q1, 2021. And for the third parties, of course, our employees, which brings two different things to the stage. First of all, the workforce. We see a lot of opportunities in bringing more people in, very good people that can join in both from the technical perspective and also from the sales perspective. We see an increase in the amount of potential employees and employees that would like also to work on success fee, which we haven't seen in the past in such large numbers.
Kfir Kimhi: (46:36)
So I think that those are the three major changes that we see that we are trying to work with. And we hope that we build something that is strong enough to keep growing in this Covid time.
Ron Moritz: (46:53)
Mark or Ronen, any thought?
Ronen Yehoshua: (46:58)
[inaudible 00:46:58].
Mark Gazit: (46:59)
Okay. Thanks, Ronen. So definitely when COVID-19 started, and as you said, they don't teach you in Harvard Business School about COVID-19, but you always have this sort of two tendencies. And as CIO, I found that the always need to deal with the short-term, long-term growth versus profitability, etc. And here, a new crisis comes. So first, we braced for impact, we reduced cost significantly. We said, let's make sure that we have enough financing. Started financing round immediately. And evaluated all our current customers. And then when the fog went down a little bit, and we understood that COVID-19 is with us to stay. It's not something that will disappear in a month or two. It was back in April. I actually took another quote by Winston Churchill that said, "Never waste a good crisis."
Mark Gazit: (48:06)
So we said, "This is a crisis, so let's see what we can do?" And then we just started to listen to our customers and ask them and look at them and to see what's going on there? And we found something very interesting. On the other hand, their business model is changing. For example, when we install our system, it is usually a big project, long deployment cycle, a lot of integration with internal systems, they just cannot do it anymore because people are at home. And banking system is not something that you can do and replace remotely. So it was a surprise for them. On the other hand, we found that although some of the projects going slower, actually everything that comes to international transactions is growing. And in some cases, banks told us, "Look, let's slow down the project a little bit." But when it came to correspondent banking, they told us, "Look, we want it yesterday. We need it now."
Mark Gazit: (49:01)
And we said, "Look, if something good is happening to them, then let's focus on that particular area." I can tell you that we did more deployments during the COVID time than we did for the entire 2019, because they really needed solutions that are working, deployed and active. And, of course, we also had to change our sales model. We love meeting people. We sell trust. So building trust relationship is extremely important, but how can you do it when you can't even travel and meet with people? So we definitely created more events, virtual dinners, and we can talk a lot about it. Also, ability to take the company, to build the company, to keep it together every week. We always had what we call, [foreign language 00:49:57], it's religious. We do it, and people connecting from all around the world...
Mark Gazit: (50:06)
So in a nutshell, I would say that we do look at it as an opportunity. It's not a secret. Again, I mentioned something there because they made it public that their digital banking business grew by 40% during COVID-19 and we are lucky to be in heart of it. So we look what's working, we try to invest more in those areas. We try to find constantly things that are not working and try to not invest in those areas. And the most important is to keep in touch, to keep in touch with our customers, without shareholders, with other stakeholders. And of course, to make sure that all the employees keep in touch constantly.
Ronen Yehoshua: (50:50)
Yeah. So from an operational perspective more of the same as Mark as just mentioned, can add do that, that with all those actions that you mentioned internally, we also ... How you use [inaudible 00:51:07] every crisis is an opportunity. What do we take out of it post-COVID? Because we quickly understood that the way we work will change. So let's start now or get organized for the day after.
Ronen Yehoshua: (51:23)
For example, R&D, everyone they're using a desktop, we moved everyone to a laptop. It's a big project that gave a lot of flexibility about how we work with them. And we started planning how the office will look like, how we do the shifts with new people the day after, and start implementing it now. So looking from an operational perspective, look at the opportunities that Covid brings in. From a customer perspective, of course, every crisis is an opportunity as well. So we try seeing where the opportunities there? Work from home, of course, is an opportunity, we understood quickly that going out is a major issue. So we came out, of course, quickly, like everyone does, by the way, in our now market. Quickly with all kinds of offerings around that, all kinds of promotion around that. And of course, we were happy to see that works.
Ronen Yehoshua: (52:18)
And we also, from a product perspective, we, for example, that was the trigger for us to move to cloud delivery. Our product traditionally it's an architecture of a management system that is hosted usually on the on-premise because customer wasn't worried about security and all that, but now everyone wants to move to the cloud. So that was an opportunity for us to do that. We want to do that before, but they needed the trigger. And that was the trigger, and guess what? Now, almost every deal that we do is cloud-delivered.
Ronen Yehoshua: (52:52)
So that was also all kinds of issues around the product that we leveraged because of COVID. And of course there was a lot of challenges. Lead-Generation, very, very hard. People disappear. The phone number when the office is not working anymore. People are listening to webinars because they're bored and they have time, not necessarily because they want to buy. So you have a lot of a garbage in your lead generation. So a lot of challenges around that.
Ron Moritz: (53:30)
Hopefully, the people who registered for this Salt Talk are here to learn [crosstalk 00:53:33], at The top of the hour. And I really did want to ask one final question, because I know that two of you Ronen and Mark, you were already out in Abu Dhabi earlier this year following the signing of the Abraham Accords at the White House last summer. I'm aware and I have been aware for many years that there's significant demand for cybersecurity solutions throughout the Gulf Cooperation Council, especially in the financial, healthcare, and government sectors which we've talked about throughout this past hour.
Ron Moritz: (54:08)
Given Israel's place as a global cybersecurity powerhouse by most reports, second to the United States, I'd be remiss if I failed to ask about the opportunities these new relationships with the Gulf States and other States in that region offered to your companies and what impact that's had on your sales and marketing strategies or will have on your sales and marketing strategies? This seems like, maybe you have a different perspective, but it seems like the Abraham Accords are counterpoint to this very challenging pandemic here. So really quickly 30 to 60 seconds round robin, let's get your thoughts on that.
Ronen Yehoshua: (54:58)
I think all of us were very proud to be there. We're highly excited. Now, from a business perspective, in terms of security, again from a very initial look, it's a highly developed economic environment. Highly, amazing, but it seems that in the early days of digital transformation, I would say maybe one step behind the U.S. or Europe or something like that. That's what's my feeling. And they definitely understand that the transition the digital transformation brings with that the risk of cyber and they have to deal with that in the early days of the implementations. And of course, they are looking for best of breed. They're looking for the best technologies and the only used to work with Israel, I think before on the agriculture and all that. And I understand there's a great opportunity here because the [inaudible 00:55:54] cyber. So obviously cyber will be a hot topic, nice business to do there. And I definitely foresee things will happen. Looking forward to that.
Mark Gazit: (56:09)
Yeah. Ronen, I think it's a very nice finish to the discussion. Because absolutely Israeli technologies and the growth of the market in the UAE in the Middle East and the corporation thanks to Abraham Accords creates an enormous opportunity. It's not that there were no commercial ties. Again, you know about my past. But now at least for me to make it formal, to make it public, to be there, not only as a business person that loves doing business in the Gulf, but to be there as an Israeli, having Jonathan Medved come in there. And of course, being part of Margalits high-tech delegation, it's a totally different feeling, a combination of pride, but also understanding that it's a huge and developing market. UAE looking at themselves as the next financial hub of the world in par with United States in par with London and with Singapore and Hong Kong.
Mark Gazit: (57:15)
I think that's also a gateway to additional countries in the Middle East and also to Africa as well. And it's only three and a half hours flight from Israel, and it's almost the same time zone. So I think that not all the people appreciate the huge opportunity that it created. I think we Israelis really need to make sure that we provide them the best solutions. I totally agree with everybody who said, "It's a very, very developed economy." They know exactly what they're looking for. They're looking for the best solutions, very advanced economy. And I definitely think that the combination of their access to market and the enormous growth. And Israeli innovation creates something that far beyond what we really expect. In my eyes, this is the new Middle East that where economy drives peace.
Ron Moritz: (58:10)
I'm thrilled that we've been able to end on a high note like this. I think we've just got some really interesting and nuance points today. I want to thank Kfir, Ronen, and Mark for joining us. I know the demands of company building are many and more, and I really appreciate the time that each of you is carved out to share your insights. Today, we've heard from 3 of OurCrowd's 200 portfolio companies. You can see more technology and startups and investment opportunities in both cybersecurity and many other sectors at ourcrowd.com. Thank you to our partner, Salt. And make sure you join us for the next installment on December 3rd.
Ronen Yehoshua: (58:48)
And thank you, Ron, for hosting us.
Mark Gazit: (58:50)
Thank you very much. [crosstalk 00:58:52].
Kfir Kimhi: (58:51)
Thank you.