Source: SME South Africa Cybersecurity in South Africa is increasingly being regarded as a lucrative market for tech startups to get into with a growing number of startups taking up opportunities in the threat market. In the US, where the increasing wave of cyber attacks has been receiving huge attention, a large platoon of startups has steadily been coming into the industry over the past number of years to take a bite of the flourishing market. Gartner, Inc reported that global cybersecurity market topped the $75 billion mark in 2015 and is expected to reach $170 billion by 2020, while the Ponemon Institute revealed that 92% of Forbes Global 2000 companies reported data breaches in the past year. The recent attack involving Standard Bank, which lost a reported R300 million shows that this is also a concern in emerging markets. Up to 7% of all South African organisations experienced a cyber attack in the last year according to security firm Kaspersky Lab and according to the South African Banking Risk Information Centre (SABRIC), South Africans lose in excess of R2.2 billion annually to internet fraud and phishing attacks. Newly-launched cybersecurity startup, Snode is one of these tech startups that are looking to tap into and take advantage of Africa’s cybersecurity market that is predicted to be worth over $2.32 billion in 2020. Cyber criminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets, says Nithen Naidoo, CIO and founder of Snode. “The company believes it provides a much needed service in South Africa.” Who is Snode Snode is a cyber intelligence solution startup that helps businesses protect themselves by providing real-time intelligence. They use advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide insights into behavioural patterns, which they say will help identify and combat cyber threats before potential breaches occur. Snode has a team of over 12 consultants spread across offices in Johannesburg and London and the company has recently secured VC funding from Johannesburg-based telecommunications company, Hello Group. SME South Africa speaks with Naidoo about the biggest failings of cybersecurity startups in SA and why thinking outside the box is key for how they are hoping to change the face of cybersecurity in the country. Opportunities that cyber threat has created for security startups in South Africa. I think South Africa has a history of innovation. Our current landscape means we work within certain constrains. We design solutions very elegantly without even knowing it because of these constrains. Bandwidth in South Africa is expensive and it’s limited, so all our technologies seem to be produced in a very bandwidth efficient way. I think the cybersecurity industry globally is looking for more innovative solutions. People always talk about increased spend on cybersecurity, however, I don’t necessarily think that increased spend is the answer. I think innovation is the answer. There’s a great scope in cybersecurity for young individuals who are looking to apply their minds and come up with innovative solutions that not only solve a South African problem but solves a global problem. The biggest failing of most cybersecurity startups I can honestly talk from experience. My initial business took a very long time to take off because of some fundamental 101 mistakes. I think the biggest mistake was scalability. Taking any product or service to market you’ve got to look for two things – leverage and scalability. I may have got the leverage right because I was in cybersecurity industry for such a long time I was leveraging my experience, I was leveraging the contacts I had in that industry and I was leveraging the insights I had to bring me to market. “The internet takes us out of the physical location. Your corner shop suddenly becomes a shop on every corner all over the world” But I got scalability wrong – I did it in the form of consulting. Quite simply, I can sell an hour to an organisation in the form of consulting, but there’s only eight hours in a day. So I’ve already chosen a way forward that had limitations whereas if I had to look at the world of product, which is what Snode is, I get to touch lives of people across the globe without restriction, without limitation. If a young entrepreneur wanted to take away two valuable lessons that took me five years to understand – it’s one, look for scalability and two is to embrace channels like the internet, like social media and look for ways to grow your business globally. Think locally, act globally. How Snode is impacting the local security ecosystem Although Snode has various applications in various vertical market segments our target market seems to have chosen us. The mining sector particularly likes Snode because it’s a passive technology. In a mining business you have a lot of sensitive infrastructure also that mining industries don’t want to risk downtime. Snode is very low risk to implement in the most sensitive of environments. Yet it provides you with all the insights you need to defend your business against emerging cyber threats. In financial services, not only are the learning capabilities, pattern recognition and behavioral analytics built to detect cyber threats but they can very easily be applied to detect patterns of fraud within transactional data. So taking the Snode technologies application out of the pure cyber world and applying it to ATM fraud, for example. Other industries [where we are having an impact] are defense, the professional services sector as well as the public sector. How they are impacting public perception If you speak to many cybersecurity firms whether they be providing a service or product, they’ll tell you attack is inevitable and that’s how the public perceive the cyber landscape today, ‘It’s inevitable that I will be attacked’. But we need to be given the freedom to embrace technology and not be hindered by fear and the first place where this battle is fought is in user awareness. If I had to look at the root cause or the most effective way to combat most of today’s cybersecurity threats it would start at user awareness. How we are educating the market We started market education without even knowing it at Snode. Earlier you spoke to an actual client of Snode [Hello Group] and as a client the insights we provided him raised his awareness to the cybersecurity problem which made him want to invest in a cybersecurity solution startup. He realised the gravity of the problem and he realised the application of the solution. That happens every time we deploy a Snode technology in a client environment. And by exposing what is happening within the environment and exposing what is happening outside the environment the client becomes more educated. How we got our Funding We’ve been very fortunate with funding recently, once we solidified our concept within Snode. There is a lot of funding available to young entrepreneurs and older entrepreneurs alike but the foundation of the funding is based on your approach to those investors. Before we partnered with our angel investors Nadir Khamissa and Shazim Khamissa [founders of Hello Group], I got called in by a really big global brand who wanted to take a look at the Snode concept. And although they were blown away by Snode as a product, they were blown away by my team as a group of individuals to actually execute on this plan, where we failed to sell them was on our business acumen. “If you’re experiencing problems with you business, the first place to look for is innovation” We couldn’t provide them with answers to basic business questions like what would our expenditure be in the first year, what would our break-even point be going forward, what would our distribution channels look like, what would our sales channels look like, are we going to use direct marketing, are we going to partner, what strategic partners we’d make – and without that information no great idea is going to get funded. Thinking outside the box Thinking outside the box is important for any startup. If you’re experiencing problems with you business, the first place to look for is innovation. For cybersecurity startups I think there could be a red herring or trap that a lot of the cybersecurity startups could fall into, that of wanting to be in the cybersecurity market because it’s such a growing market and potentially worth a lot in the future. Just being in the cybersecurity market selling the same traditional technology or selling the same traditional ideas or developing a technology that is very similar to exiting technologies in the market space is really not enough. Some of the brands in the cybersecurity market are very well established. If you’re going to go against these brands you need to have a very competitive edge. How Snode is taking the unconventional route Unlike traditional technologies which evolve in a lab, Snode evolved while we were trying to help our clients. It actually evolved while we were trying to solve a real world problem. We never intended to create a product for market, we were really trying to add value and solve pain points which our customers were experiencing and the technology sort of evolved from there. We found a solution and we managed to productise it and that was the birth of Snode.
Source: ITWeb The company was started by three South Africans: Nithen Naidoo, CIO at Snode and brothers Nadir and Shaazim Khamissa, who are co-founders of the telecommunications company Hello Group. Nadir is an actuary and is a former MD of global equity derivatives trading at Deutsche Bank, based in London. Shaazim is the chief technology officer at Hello Group. Snode uses utilises advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide real-time intelligence to business. The company's technology also uses intelligence amplification, whereby the power of machine learning is augmented with a trained individual's insight. According to Naidoo, intelligence amplification should not be confused with artificial intelligence which aspires to replace human involvement altogether. "Snode's application in cyber security leverages years of expertise in cyber intelligence and mathematics," he said. The company's technology does not replace traditional signature-based solutions, but is complementary, Naidoo pointed out. Snode believes it will provide a much-needed service in SA, especially as the vulnerability to cyber attacks is increasing as businesses are rapidly digitising. "Cyber criminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets," said Naidoo. "Within emerging markets, it is the banking sector that is particularly vulnerable, as evidenced by the recent slate of SWIFT attacks. C-suite executives are also targeted," Naidoo explained. "Exacerbating matters is that cyber attacks frequently come from advanced and highly motivated crime syndicates that are dispersed globally," he continued. According to Naidoo a lot of cyber security breaches are not reported, particularly cyber espionage, and this is mostly due to companies not being aware of the breach. "We are no longer dealing with kids in the bedroom, but organised crime - government-led attacks, corporate espionage, and hacktivism and so on - and SA is not immune." Naidoo noted that a more intelligent line of defence is urgently required, as traditional end-point and signature-based technologies are inefficient in dealing with the rapidly evolving threat landscape. "The digital age brings with it incomprehensible amounts of data and the challenge is how to best use it, and glean value from it without wasting resources," he said. "Traditional signature-based protocols look at data in isolation. Threat intelligence helps but is retroactive, signature-based protocols are reactive, Snode is proactive." Naidoo said companies need more than a firewall. "A firewall is often unable to differentiate between a malicious login attempt and a real one, Snode provides that framework."
Source: TechSmart Cyber-intelligence company, Snode, has launched in South Africa. The company utilises advanced mathematical algorithms, the processing power of learning machines, and predictive analytics; providing real-time intelligence to your business. Snode provides insights into behavioural patterns, which help identify and combat cyber-threats before potential breaches may occur. Snode uses Intelligence Amplification (IA), which combines machine learning with the depth of human experience and insight. Differing significantly from Artificial Intelligence, which aspires to replace human involvement altogether. “Snode’s application in cybersecurity leverages years of expertise in cyber-intelligence and mathematics,” says Nithen Naidoo, CIO at Snode. “The company believes it provides a much needed service in South Africa; cybercriminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets.” Within emerging markets, it is the banking sector that is particularly vulnerable, as evidenced by the recent slate of SWIFT attacks, as are C-suite executives. Exacerbating matters is that cyberattacks frequently come from advanced and highly motivated crime syndicates which are dispersed globally. The recent trend of commercial enterprises, governments and other NGO’s engaging in cybercrime further fuels the increased sophistication of attacks. A more intelligent line of defence is urgently required, as traditional end-point and signature based technologies are inefficient in dealing with the rapidly evolving threat landscape. “Snode believes that a more proactive and innovative approach to cybersecurity is needed. South Africa is already in the midst of a cybersecurity storm,” says Naidoo. “Snode brings existing security controls into a next-generation cyber-defence, capable of defeating today’s sophisticated and dynamic attackers.” Data is the core of any business, therefore it is of the utmost importance to effectively secure your information; protecting it against cyber-threats. “Snode tips the balance in cyber-warfare, to favour the defenders and root-out the attackers. Passively monitoring massive amounts of data traversing client networks, giving Snode a comprehensive view of all activities. It detects and reports suspicious behavioural patterns, as well as various anomalies, in real-time. No conventional solution does this,” concludes Naidoo.
Source: ITWeb Africa UK-based cyber-intelligence company Snode has launched in South Africa, aiming to use its advanced technology to secure businesses, especially in the banking sector. Snode uses advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide businesses with real-time intelligence and insights into behavioural patterns that help identify and combat cyber-threats before they occur. The company's cyber-intelligence solution looks to help clients proactively manage their cybersecurity posture, with Snode saying this empowers businesses to be driven forward through embracing emerging technologies. A team of 12 consultants with extensive cybersecurity expertise and experience is spread across Snode's offices in Johannesburg and London, with the company advising on cybersecurity matters across various sectors, particularly financial services but also mining, professional services and aerospace. "Snode's application in cybersecurity leverages years of expertise in cyber-intelligence and mathematics," said Nithen Naidoo, CIO at Snode. "The company believes it provides a much needed service in South Africa; cybercriminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets." Snode uses Intelligence Amplification (IA), combining machine learning with human experience and insight. This differs from Artificial Intelligence AI), which aspires to replace human involvement altogether. The company's focus in South Africa will be the banking sector, which it says is particularly vulnerable in emerging markets, as evidenced by the recent increase in SWIFT attacks. Cyberattacks frequently come from advanced and highly motivated crime syndicates which are dispersed globally, with the company saying equally sophisticated methods are needed to combat it. "Snode believes that a more proactive and innovative approach to cybersecurity is needed. South Africa is already in the midst of a cybersecurity storm," Naidoo said. "Snode brings existing security controls into a next-generation cyber-defence, capable of defeating today's sophisticated and dynamic attackers." He said data is the core of any business, and therefore it is of the utmost importance to effectively secure information and protect it against cyber-threats. "Snode tips the balance in cyber-warfare, to favour the defenders and root-out the attackers. Passively monitoring massive amounts of data traversing client networks, giving Snode a comprehensive view of all activities. It detects and reports suspicious behavioural patterns, as well as various anomalies, in real-time. No conventional solution does this," said Naidoo.
Author: ITWeb With the first day of ITWeb’s 2019 Security Summit underway at the Sandton Convention Centre in Johannesburg, 50 young tech enthusiasts are participating in this years’ Hackathon event sponsored by PwC. The hackathon, held by ITWeb in conjunction with ICT skills development company Geekulcha and Snode Technologies, aims to nurture individuals who are keen to develop their skills through learning and innovation, and who have a passion for cyber security. Running for the third time alongside the summit, this year’s hackathon is themed ‘Protecting connected citizens in the 4IR’. Aptly called #SS19hack, the hackathon has participants as young as 13 participating and engaging with industry leaders. Lerouro Mogeora, aged 13, is the youngest participant this year, while for 14-year old Sifiso Nkabinde this is the second year at the event. Those participating range from high school pupils to students from the Vaal University, the Tshwane University of Technology and the University of the Witwatersrand. There are 13 teams hacking it out, creating secure IoT applications. As they code, they need to identify at least three vulnerabilities within their applications utilising OWASP, an open source cyber security platform for checking common vulnerabilities. OWASP also has tools to assist the coders in improving the security of their software. A week ago, at a similar hackathon event in Kimberly, eight teams were competing, with the winning team there creating a solution that provides encrypted file share and messaging applications for government ministries. The top three teams from the event will also have their projects judged alongside those in Johannesburg. The overall winning team from the two Hackathons will win R20 000 sponsored by Micro Focus, with the second and third placed teams winning R10 000 and R5 000 respectively, courtesy of MTN. An added bonus for the top team in Johannesburg is that they will be awarded the Tshimologong Precinct Security Summit Hackathon trophy. The #SS19hack continues during the second day of the ITWeb Security Summit 2019. Mentors Ivan Regasek, CEO, ITWebRidewaan Hanslo, CSIR Steve Jump, TelkomSolomon Bhala, PwCBernard Mashala, Transet Nithen Naidoo, SnodeFrancois Mouton, CyanreIcconies Ramatsakane, PwCGift Nyembe, PwCMarco Loots, PwCMichael van Rensburg, SnodeTsholofelo Rantao, PwCThulisile Dlamini, Ikusasa Tech Solutions Panel of judges Doreen Mokoena, ZADNALucy Motsieloa, PwCSeth Robbertse, Micro FocusKendal Makgamathe, TshimologongSorene Assefa, Cyber Czar
On Thursday 23 May 2019, we attended the Freshworks Networking Meet talking about the impact of an increasingly connected world. In 2019, the influence of IoT, cloud, and BYOD have a dramatic impact, not only in our personal lives, but also in the world of business. It is crucial that organisations shift their thinking from a historic view of cybersecurity as a “grudge purchase” to something that is vital to the running of your organisation, is crucial for success and can often win battles in the boardroom. Our Founder and CEO, Nithen Naidoo, spoke about the changes we have seen in our client environments, especially with the workforce becoming increasingly dominated by millennials who expect to be connected at all times. Unlike traditional antivirus software, DLPs and firewalls, the Guardian platform is able to detect even the smallest changes in your networked environment and provides organisations with an unprecedented level of visibility and control of their network. It allows businesses across the globe to identify and prevent potential data exfiltration, malware infections and avoid catastrophic ransomware attacks such as the well-known Wannacry malware. Once the floor was opened for questions, the audience raised concerns around how secure (1) Mac vs Windows Operating Systems are and (2) mobile vs desktop platforms, with a mention of the recent Huawei-Google ban. The long and short of it is that there is no one platform that is more or less secure than another, every system contains some form of vulnerability and can be exploited just as easily, the question comes in around what is most lucrative for the attacker. The myth of a Mac being more secure than a Windows PC is largely due to the fact that there are simply more Windows PCs out there and most organisations across the globe make use of Windows Operating Systems as the norm. Attackers, like businesses, often focus on ROI and will always focus their attention on where they believe they can have the greatest impact. When it comes to the mobile industry, mobile malware is growing at a rapid rate and often mobile devices are a greater concern than laptop or desktop devices as many users often blindly accept permissions on all their applications and are generally more trusting when it comes to a potentially “life-changing” application that appears on the app store. This poses a particular risk to organisations as these devices are often brought into the office and are connecting to the corporate network, allowing the malware to spread though the network and impact the business productivity and reputation. Following Naidoo’s keynote, we joined a panel discussion chatting about creating a balance between organisational productivity and enterprise security in the age of consumerisation. Naidoo was joined by Darren Bilse (Systems and Technology Manager at Spark Schools), Andre Fredericks (CIO at Indie Sanlam) and Greg Lock (Senior Solution Architect at ITEC South Africa); moderating the panel was Saurabh Prabhuzantye (Business Head – MEA at Freshworks). Topics covered in the panel covered everything from how consumerisation of IT has impacted the organisations for which the panellists’ work, to how migration to the cloud has brought both benefits and challenges to IT heads and CIOs around the world, to understanding what you are buying and whether or not it suits your organisation and the needs of your team on the ground; real world problems facing real world organisations. The meet was a great information and knowledge sharing platform, allowing vendors and customers alike to openly share their opinions and experiences and to leverage off of the combined knowledge of South African and global IT professionals. We would like to thank the Freshworks team for inviting us to participate in this event and look forward to working with them in the future!
The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) have issued a joint Malware Analysis Report (AR19-129A) on a new malware variant used by the North Korean government. This malware was detected while tracking the malicious activities of the North Korean-backed hacking group Hidden Cobra (also known as Lazarus) and has been identified as Electricfish. Lazarus Group is a cybercrime group made up of an unknown number of individuals. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them over the last decade. A notable attack by the group is the attack on Sony Pictures in 2014, which was the start to one of the largest corporate breaches in recent history. The hackers were able to cripple the Sony network for several days and gain access to valuable insider information including previously unreleased films and the personal information of approximately 4,000 past and present employees. The group was also able to access internal emails and reveal some very speculative practices going on at Sony. This latest report on Electricfish, published on the US-CERT website, comes with a detailed analysis of one malicious 32-bit executable file found to be infected with Lazarus' Electricfish malware. In this file, the malware appears to implement a custom protocol that creates a connection between the infected host and an external, malicious, destination host, bypassing authentication controls to reach outside of the network. Once a connection has been established, the Electricfish malware is able to funnel internet traffic between the two machines allowing the malicious actors to funnel information collected from compromised computers to servers that they control. The full, detailed report and analysis for the Electricfish malware sample as well as a full list of Indicators of Compromise (IoC’s) are available within the AR19-129A advisory.
Author: ITWeb Africa "Intriguingly challenging," is how one student described ITWeb's 2019 #SS19Hack Ideathon, held at the Tshimologong Digital Innovation Precinct in Braamfontein this past weekend. The ideathon is a build-up to the third annual cyber security-focused hackathon that will run alongside ITWeb Security Summit 2019 from 27 to 31 May. Organised by ITWeb in partnership with Snode Technologies and Geekulcha, the full-day software development training and brainstorming event hosted a bunch of young tech enthusiasts eager to learn new skills and solve problems. Mixo Ngoveni, founder of Geekulcha, told ITWeb the aim of the #SS19Hack Ideathon, and ultimately the hackathon in May, is to improve cyber security skills, tools and capabilities in the country. "With this one in particular, it is all about protecting the connected citizen." Those in attendance (students, tech entrepreneurs, software and hardware developers, designers and analysts) were welcomed by Kendal Makgamathe, community manager at Tshimologong, and Ivan Regasek, ITWeb CEO. The participants were separated into two teams: the red team (the attackers) and the blue team (the defence). Nithen Naidoo, founder and CEO of Snode Technologies, said the idea behind breaking the teams into two was about the "gamification" concepts, and making it more exciting for both the players and supporters. Ridewaan Hanslo, software engineer, advisor and researcher at CSIR, told the blue team: "You are the people that must find solutions. They [hackers] get glorified by finding problems; that's typically how it works." Steve Jump, head of corporate information security governance at Telkom, was one of the mentors and spoke to students about the importance of "securing by design" when writing software. Solomon Bhala, senior manager of cyber threat detection and response at PwC, gave a detailed credit card fraud presentation that had teams actively participating and asking questions around cyber attacks and credit card fraud. Naidoo noted Snode is working with PwC and a few large security companies to offer all the participants three-month internships so they can take the skills they have learned at the #SS19Hack Ideathon and implement them. They would get to work with knowledgeable cyber security teams, get paid, and potentially become full-time employees of those companies. "So it is a great opportunity not just for us to nurture talent but to source it for other cyber security companies."
Nithen Naidoo, Founder and CIO, Snode talks about: what the company does and how; how Snode Guardian can identify cyber-attacks; how the company has been funded; and future plans.
The second in a series of videos from the PHP Meetup event hosted at the Hello Group on 16 January 2018.
The first in a series of videos from the PHP Meetup event hosted at the Hello Group on 16 January 2018.
Snode is a data analytics platform that is designed to make the lives of whomever uses it easier, to assist in solving problems that were previously thought impossible, and to ultimately make a fundamental difference in the world as we know it.