Last week, Hillel Yaffe Medical Center in Hadera fell victim to the biggest cyberattack ever launched against the Israeli health system. The ransomware attack shut down the hospital’s entire technology network. Recovery could take months.
More and more businesses – and their teams – operate today both in physical premises and remotely, via the cloud. Their systems are exposed to an increasing number and variety of hacking risks that are even more dangerous because they cannot be seen across different platforms.
Enter Cymptom, with security software that is continuously on the lookout for possible threats, prioritizes the risks and recommends how to address them in real time.
This young and fast-growing Israeli startup has developed a platform that continually assesses security risks and the cyberattack paths they could take. The platform is always running, and on a single screen, so it can easily be checked. It also provides a security score to track and benchmark progress.
And it takes less than an hour to install.
Best of all, Cymptom does not interfere with software already running, so it does not disrupt business while it provides full protection – a major benefit for companies that cannot afford interruptions or slow networks.
Cymptom takes a new approach. Instead of posing as an enemy hacker, the system identifies gaps in a company’s network – or in its connections with other networks – without interfering with the network or planting any code within the software.
“No one else is doing it this way,” says Itamar Mizrahi, Cymptom’s CEO and co-founder. “Most companies search for risks by penetration testing, which means simulating cyberattacks. That is time-consuming and just provides a snapshot of a singular moment. Our solution is much more appealing because it’s always in the background. It covers the entire network 24/7 and doesn’t disrupt daily operations, so it’s more cost effective, too.”
It is also more applicable to today’s work environment, says James Walker, a partner at Cue Ball Capital and former managing director of JP Morgan. “Increasingly, corporate data services span on-site and cloud-based services,” he says. “They’re a hybrid, and that makes them much more susceptible to attack. Their security has to be managed across environments.”
Founded by two former hackers from elite units of Israeli army cyber-intelligence and the Israel-based CyberArk information security firm, Mizrahi credits the company’s quick success to “leveraging the hacker mindset. We can stay ahead of the hackers because we used to play their game and we know the gaps they’re most likely to use.”
It is also part of a burgeoning Israeli cybersecurity sector. Israel attracted more than 40 percent of global cyber-investment in the first half of 2021, worth $4.5 billion so far this year, according to the IVC-Meitar Israel Tech Review.
After only two years in business, Cymptom projects its revenue will quadruple over the next year. It has already contracted with major international banks, management consulting, travel and telecom firms, and government-owned utility companies. Sales could double again in 2023 if trials succeed with an impressive pipeline of Fortune 500 and Global 2000 companies in Israel, North America and Europe.
“When the day is done, I can breathe a little more easily knowing that Cymptom is still scanning and finding the vulnerabilities and issues we need to focus on,” says Israel Bryski, head of Information Security for a New York-based investment management firm that uses Cymptom. “If we spend our days remediating those findings, you don’t have to ask me anymore what keeps me up at night.”
The company has a deep and impressive bench. Its president is Gilad Gans, who formerly served as managing director of SAP Israel and president of Stratasys North America. Investors include Jerusalem-based OurCrowd and Israeli cybersecurity guru Pinchas Buchris, a former director-general of the Israel Defense Ministry and commander of the storied Unit 8200 of Israel Military Intelligence.
Cymptom has applied for patent protection for its technology, and is in advanced negotiations to establish strategic partnerships with two cybersecurity giants and another multi-billion-dollar financial institution.
It was also named Best Cybersecurity Product at this year’s Global InfoSec Awards. “Cymptom embodies three major features we judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways that can help stop the next breach,” says Gary S. Miliefsky, publisher of Cyber Defense Magazine.
Although its concept is new, Cymptom does face “entrenched competition,” Walker says. “The grandfathers of the industry are recognizing that their solutions are outdated and need updating. But they start off with a structural disadvantage, because they are re-engineering solutions from 10-15 years ago, and that’s just harder,” he says.
“It’s not like AOL didn’t offer decent email. It did – but for a generation of technology that largely became irrelevant. So along came Gmail, which was created for 5G instead of dial-up internet, and it used that advantage to take over the market.”
Today’s advantage goes to companies like Cymptom that “start with a clean page,” he says. In September, Cymptom released a version of its technology that works on Microsoft’s Azure platform, and by early next year it expects to release tools adapted to the cloud platforms of Amazon and Google.
“Online security is just like protecting your home,” Mizrahi says. “You start off by locking your front door, installing security cameras and adopting a dog. But then you leave a key under the mat for the kids, you put a sticky-note on your desk with the password for the cameras and the dog chews a hole in the wall. It’s the same online. You create a system to protect your enterprise, but then as the business develops, it also develops holes that allow hackers to easily move around its network until they find the safe with the valued assets. Protecting the network has to be a continuous process.”
Cymptom is currently funding. For information about investing in the company via OurCrowd, click HERE.