Enterprise Security in an AI-Native World

03.05.2024

Cybersecurity has always been a fast-changing landscape, but with the rise of widely accessible AI tools such as ChatGPT, artificial intelligence is catalysing a paradigm shift in cybersecurity architecture. Traditional systems, designed to protect against decades of relatively stable known threat types, are increasingly inadequate against AI-augmented attacks, which can analyze vast datasets and exploit vulnerabilities at unprecedented speed and with unprecedented creativity.

Emerging challenges, such as the automated generation of sophisticated phishing attacks, which grew between 500% and 1000% YoY in 2023, or the exploitation of previously unknown software flaws which are being brought to light at volume through AI, require urgent solutions. Massive data management challenges and breaches are surging and impacting everything from public businesses like Hubspot to security darlings like Okta. This isn’t just a risk to survival, and security is no longer considered just a cost center. It is also critical infrastructure, and 90%+ of businesses with poor security practices missed revenue goals last year. Even the premise behind alerts, alert analysis and alert management is under stress due to the creative nature of attacks, which can be layered and more complex than ever before.

This has prompted a wave of innovation among cybersecurity firms, focusing on adaptive, AI-centric security frameworks. These frameworks are designed to anticipate the evolving tactics of adversaries, ensuring that digital infrastructures can withstand the sophisticated cyber threats of tomorrow. Managing software access for AI agents or integrating security practices in the production and deployment of code, for example, are starting to emerge as crucial lines of defense for any organisation.

_________________________________________________________________________________________

At Seedcamp, we are aware of the above challenges and more, and thus are investing in a new stack of tooling and frameworks to stop attackers in the era of generative AI. Whereas tooling once focused on a certain element like a network, or a device, software is increasingly safeguarding the intersections and understanding the intent of both machines and humans. 

To this end, our thesis is underpinned by four distinct categories:

(1) Managing identity more intelligently for humans and machine agents

(2) Shifting left in the software development lifecycle to secure code as it is written

(3) Surfacing complex fraud detection beyond simple pattern recognition

(4) Securing an organisation’s data, regardless of how it is managed in transit, at rest and in use.

Identity

In the past, access management relied on rules-based systems that ensured only the right people accessed an organization’s data and resources. Role Based Access Management (RBAC), Identity Access Management (IAM) and Privileged Access Management (PAM) were ‘top-down’ and permitted access based on an employee’s rank and function. Each was typically a ‘point solution’ in the sense that it solved a single problem in a tightly defined zone of relevance.

This top-down logic is being replaced by tooling that is more context-aware and primed to handle both machine and human users. Attackers have historically snuck past identity systems by understanding the rules and logic and posing as an entity that is permissioned, i.e. by using the email address and password of an employee. Today, machine agents are accessing the same software without passwords or ‘clearance’ in a traditional sense. It is therefore imperative to understand the ‘why’ and ‘how’ behind an access request, in order to decide on what should and should not be accessed. To this end, we have invested in businesses that manage, protect and bring visibility to this evolving environment.

  • Cakewalk – Full visibility over all employee applications, automated access reviews and simple access management
  • Cerbos – Decoupling authorisation logic from application code. Fine-grained access control with RBAC, ABAC, and beyond
  • Stealth – Reverse reinforcement learning to derive an agent or human’s full context in low-level machine environments
  • Stealth – IAM for digital identities and microservices

“AI is fundamentally changing the way companies manage their access to software: AI provides context to processes that were merely rule-based in the past. Think of user access reviews, offboarding, or time-based access – AI guides IT and Security teams with recommendations (e.g. “Julia hasn’t used Figma for 9 weeks. You can most likely remove her access.”). This not only frees IT and security teams from manual, mundane tasks but also increases your security and compliance posture.”

Johannes Keienburg, CEO of Cakewalk

Development and Infrastructure

Classical cybersecurity largely safeguards the end product – the ‘surface area’ is the zone in which users interact with the software. Detection happens after code has been written and shipped and prevents attacks on the application or infrastructure. Recently, tools are ‘shifting left’ in the software development cycle to automatically check the code base for vulnerabilities.

This developer-first tooling began by effectively scanning static code bases. More recently, it has become ‘real-time’, operating in parallel with the machine or human actually writing code. To the chagrin of software developers, programming is merging with security, and vulnerability scanning will inevitably be instantaneous as code is written. To generalise, these alerts are slightly ‘higher fidelity’ and can help provision resources and even prioritise the haul of alerts that security analysts currently handle.

Catching issues long before code is shipped to the enterprise is exciting and at Seedcamp we are pleased to partner with organisations who make this their mission, including:

  • Arcjet – Security layer for next gen platforms & frameworks
  • Cyscale – Cloud workload protection platform (CWPP) solutions that cover a wide range of workloads including servers, virtual machines, containers, and serverless workloads
  • Stealth – Infrastructure as code (IaC) to reduce cloud misconfigurations and tie together scattered services across the organisation

“Security should be something developers take responsibility for in the same way they consider how to structure their application, which database to use, and how to approach writing integration tests. It’s often said that developers don’t care about security, when really they just don’t have the right tooling. That needs to change if we want to build software that is secure by design.”

David Mytton, CEO of Arcjet

Fraud Detection

Impersonation and identity theft represent an enormous threat surface area for the enterprise and for individuals. Global fraud is worth over $1 trillion and onboarding customers, businesses and employees is a huge cost-center. To verify and approve a single identity, enterprises are already deploying several different packages which might independently check KYC, AML, sanctions, political interests and more. For fraudsters, it is essentially very easy to triangulate the personal details of someone from social media and online content. The volume of attempted attacks is only likely to continue growing. 

Additionally, fraud tends to be lodged in opaque spaces. Longtail personal details and identities are rarely checked, such as a reference for a job, a merchant on a food delivery platform or a guarantor of a tenancy. Hiding stolen identities or non-compliant information deep in documentation has historically been a simple way to get around checks which tend to focus on the main event – the user or customer. 

At Seedcamp, we are excited to partner with businesses securing the entire enterprise workflow against fraudulent individuals and businesses. Some of the solutions we’ve backed include:

  • Resistant AI – Detection of forged documents. Fraud detection for finance businesses across KYB, merchant onboarding KYC, customer onboarding, digital lending, tenant screening and more
  • Spektr – Automation of manual compliance tasks like risk management, client monitoring, and renewals
  • Zinc – Reference check software, an all-in-one employment background verification
  • Sikoia – Automated customer verification checks
  • Salv – Real-time collaborative financial crime-fighting network. Tactical information sharing for organisations across sectors and national borders

“Rising identity-based cyberattacks demand proactive solutions, making automated KYC verification vital for a more secure environment for businesses and their customers. With spektr, continuous client data monitoring, proactive alerts on profile changes, and international data screening ensure fast, secure operations.”

Mikkel Skarnager, CEO of spektr

Data

Finally, it is no secret that organisations are losing an uphill battle to prevent data leakage. As data is plugged into language models, it is almost impossible to eliminate the probability that it will escape as an output and be sent outside the organisation. The explosion of free browser-based services also means that employees are uploading confidential data on a daily basis to design, content and other automated tools that may be visible to 3rd parties.

“The cybersecurity battleground is shifting. While traditional tools such as perimeter defenses are still important, they don’t work for the large and constantly growing attack surfaces that Generative AI exposes to enterprises. The first line of defense is the application developer. At Bookend we’re building for a future where developers can quickly and simply protect applications from Generative AI-related threat vectors that cause model misbehavior, and focus instead on empowering their organizations to innovate more rapidly.”

Pravin Pillai, CEO of Bookend AI

New tools are emerging to tackle this problem and the process of tracing data and keeping it squarely within an organisation’s four walls is just beginning. Where security was previously one-size-fits-all, it will need to intensify at certain intersections to prevent issues like toxicity and shield employees from a growing wave of fake AI-driven messaging and content. 

We are excited about the companies we have partnered with to bring transparency, collaboration and trust to data in the enterprise:

  • Bookend AI – Empowers enterprise developers to build safe, Generative-AI powered experiences for their users by preventing domain-specific model misbehavior such as bias, toxicity and hallucinations
  • Enz.ai – AI governance platform that integrates directly into your workflow to see how you align with AI regulation
  • Verax.ai – Enterprise-grade trust solutions to allow for the adoption of Gen AI products, starting with logic transparency. Understand why the data input into an LLM generates specific outputs

“The old paradigm for data security treated it as atomic pieces of information.  With the rise of Large Language Models (LLMs), Natural Language Processing (NLP), and evolving AI/ML techniques, the challenge of data security has now shifted to the level of Knowledge Management which derives meaning from the data we once tried to protect.  The paradigms of the old model do not translate well or scale to the new model and we have to find a more effective path than trying to persist the illusion of having our arms around the atomic information.”

Nick Vigier, CISO of Oscar Health*

_____________________________________________________________________________________

The security landscape is evolving rapidly and we are actively trying to solve how best to protect our valuable information infrastructure. If you are a founder of an early-stage security startup, we would love to hear what you’re building!

*Not a Seedcamp portfolio company
