How this startup is hoping to change the face of cybersecurity in SA

November 3, 2016

Source: SME South Africa


Cybersecurity in South Africa is increasingly being regarded as a lucrative market for tech startups to get into with a growing number of startups taking up opportunities in the threat market.

In the US, where the increasing wave of cyber attacks has been receiving huge attention, a large platoon of startups has steadily been coming into the industry over the past number of years to take a bite of the flourishing market.

Gartner, Inc reported that global cybersecurity market topped the $75 billion mark in 2015 and is expected to reach $170 billion by 2020, while the Ponemon Institute revealed that 92% of Forbes Global 2000 companies reported data breaches in the past year.

The recent attack involving Standard Bank, which lost a reported R300 million shows that this is also a concern in emerging markets. Up to 7% of all South African organisations experienced a cyber attack in the last year according to security firm Kaspersky Lab and according to the South African Banking Risk Information Centre (SABRIC), South Africans lose in excess of R2.2 billion annually to internet fraud and phishing attacks.

Newly-launched cybersecurity startup, Snode is one of these tech startups that are looking to tap into and take advantage of Africa’s cybersecurity market that is predicted to be worth over $2.32 billion in 2020.

Cyber criminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets, says Nithen Naidoo, CIO and founder of Snode. “The company believes it provides a much needed service in South Africa.”


Who is Snode

Snode is a cyber intelligence solution startup that helps businesses protect themselves by providing real-time intelligence.

They use advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide insights into behavioural patterns, which they say will help identify and combat cyber threats before potential breaches occur.

Snode has a team of over 12 consultants spread across offices in Johannesburg and London and the company has recently secured VC funding from Johannesburg-based telecommunications company, Hello Group.

SME South Africa speaks with Naidoo about the biggest failings of cybersecurity startups in SA and why thinking outside the box is key for how they are hoping to change the face of cybersecurity in the country.


Opportunities that cyber threat has created for security startups in South Africa.

I think South Africa has a history of innovation. Our current landscape means we work within certain constrains. We design solutions very elegantly without even knowing it because of these constrains. Bandwidth in South Africa is expensive and it’s limited, so all our technologies seem to be produced in a very bandwidth efficient way.

I think the cybersecurity industry globally is looking for more innovative solutions. People always talk about increased spend on cybersecurity, however, I don’t necessarily think that increased spend is the answer. I think innovation is the answer.

There’s a great scope in cybersecurity for young individuals who are looking to apply their minds and come up with innovative solutions that not only solve a South African problem but solves a global problem.


The biggest failing of most cybersecurity startups

I can honestly talk from experience. My initial business took a very long time to take off because of some fundamental 101 mistakes. I think the biggest mistake was scalability. Taking any product or service to market you’ve got to look for two things – leverage and scalability. I may have got the leverage right because I was in cybersecurity industry for such a long time I was leveraging my experience, I was leveraging the contacts I had in that industry and I was leveraging the insights I had to bring me to market.


“The internet takes us out of the physical location. Your corner shop suddenly becomes a shop on every corner all over the world”


But I got scalability wrong – I did it in the form of consulting. Quite simply, I can sell an hour to an organisation in the form of consulting, but there’s only eight hours in a day. So I’ve already chosen a way forward that had limitations whereas if I had to look at the world of product, which is what Snode is, I get to touch lives of people across the globe without restriction, without limitation.

If a young entrepreneur wanted to take away two valuable lessons that took me five years to understand – it’s one, look for scalability and two is to embrace channels like the internet, like social media and look for ways to grow your business globally. Think locally, act globally.


How Snode is impacting the local security ecosystem

Although Snode has various applications in various vertical market segments our target market seems to have chosen us. The mining sector particularly likes Snode because it’s a passive technology. In a mining business you have a lot of sensitive infrastructure also that mining industries don’t want to risk downtime. Snode is very low risk to implement in the most sensitive of environments. Yet it provides you with all the insights you need to defend your business against emerging cyber threats.

In financial services, not only are the learning capabilities, pattern recognition and behavioral analytics built to detect cyber threats but they can very easily be applied to detect patterns of fraud within transactional data. So taking the Snode technologies application out of the pure cyber world and applying it to ATM fraud, for example.

Other industries [where we are having an impact] are defense, the professional services sector as well as the public sector.


How they are impacting public perception

If you speak to many cybersecurity firms whether they be providing a service or product, they’ll tell you attack is inevitable and that’s how the public perceive the cyber landscape today, ‘It’s inevitable that I will be attacked’. But we need to be given the freedom to embrace technology and not be hindered by fear and the first place where this battle is fought is in user awareness.

If I had to look at the root cause or the most effective way to combat most of today’s cybersecurity threats it would start at user awareness.


How we are educating the market

We started market education without even knowing it at Snode. Earlier you spoke to an actual client of Snode [Hello Group] and as a client the insights we provided him raised his awareness to the cybersecurity problem which made him want to invest in a cybersecurity solution startup. He realised the gravity of the problem and he realised the application of the solution.

That happens every time we deploy a Snode technology in a client environment. And by exposing what is happening within the environment and exposing what is happening outside the environment the client becomes more educated.


How we got our Funding

We’ve been very fortunate with funding recently, once we solidified our concept within Snode. There is a lot of funding available to young entrepreneurs and older entrepreneurs alike but the foundation of the funding is based on your approach to those investors.

Before we partnered with our angel investors Nadir Khamissa and Shazim Khamissa [founders of Hello Group], I got called in by a really big global brand who wanted to take a look at the Snode concept. And although they were blown away by Snode as a product, they were blown away by my team as a group of individuals to actually execute on this plan, where we failed to sell them was on our business acumen.


“If you’re experiencing problems with you business, the first place to look for is innovation”


We couldn’t provide them with answers to basic business questions like what would our expenditure be in the first year, what would our break-even point be going forward, what would our distribution channels look like, what would our sales channels look like, are we going to use direct marketing, are we going to partner, what strategic partners we’d make – and without that information no great idea is going to get funded.


Thinking outside the box

Thinking outside the box is important for any startup. If you’re experiencing problems with you business, the first place to look for is innovation. For cybersecurity startups I think there could be a red herring or trap that a lot of the cybersecurity startups could fall into, that of wanting to be in the cybersecurity market because it’s such a growing market and potentially worth a lot in the future.

Just being in the cybersecurity market selling the same traditional technology or selling the same traditional ideas or developing a technology that is very similar to exiting technologies in the market space is really not enough. Some of the brands in the cybersecurity market are very well established. If you’re going to go against these brands you need to have a very competitive edge.


How Snode is taking the unconventional route

Unlike traditional technologies which evolve in a lab, Snode evolved while we were trying to help our clients. It actually evolved while we were trying to solve a real world problem.

We never intended to create a product for market, we were really trying to add value and solve pain points which our customers were experiencing and the technology sort of evolved from there. We found a solution and we managed to productise it and that was the birth of Snode.


Snode enters the SA cyber security market

October 28, 2016

Source: ITWeb   The company was started by three South Africans: Nithen Naidoo, CIO at Snode and brothers Nadir and Shaazim Khamissa, who are co-founders of the telecommunications company Hello Group. Nadir is an actuary and is a former MD of global equity derivatives trading at Deutsche Bank, based in London. Shaazim is the chief technology officer at Hello Group. Snode uses utilises advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide real-time intelligence to business. The company's technology also uses intelligence amplification, whereby the power of machine learning is augmented with a trained individual's insight. According to Naidoo, intelligence amplification should not be confused with artificial intelligence which aspires to replace human involvement altogether. "Snode's application in cyber security leverages years of expertise in cyber intelligence and mathematics," he said. The company's technology does not replace traditional signature-based solutions, but is complementary, Naidoo pointed out. Snode believes it will provide a much-needed service in SA, especially as the vulnerability to cyber attacks is increasing as businesses are rapidly digitising. "Cyber criminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets," said Naidoo. "Within emerging markets, it is the banking sector that is particularly vulnerable, as evidenced by the recent slate of SWIFT attacks. C-suite executives are also targeted," Naidoo explained. "Exacerbating matters is that cyber attacks frequently come from advanced and highly motivated crime syndicates that are dispersed globally," he continued. According to Naidoo a lot of cyber security breaches are not reported, particularly cyber espionage, and this is mostly due to companies not being aware of the breach. "We are no longer dealing with kids in the bedroom, but organised crime - government-led attacks, corporate espionage, and hacktivism and so on - and SA is not immune." Naidoo noted that a more intelligent line of defence is urgently required, as traditional end-point and signature-based technologies are inefficient in dealing with the rapidly evolving threat landscape. "The digital age brings with it incomprehensible amounts of data and the challenge is how to best use it, and glean value from it without wasting resources," he said.   "Traditional signature-based protocols look at data in isolation. Threat intelligence helps but is retroactive, signature-based protocols are reactive, Snode is proactive."   Naidoo said companies need more than a firewall. "A firewall is often unable to differentiate between a malicious login attempt and a real one, Snode provides that framework."


SA start-up Snode steps up war on cyber crooks

November 23, 2016

Source: TechCentral   One of the biggest problems with identifying cybersecurity breaches is knowing that they happened at all. Too often, attackers breach companies’ defences and remain undetected — until it’s too late. A new South African start-up, Snode, incubated by fast-growing South African fintech company Hello Group but now spun off as its own business, has developed a solution that it believes will help IT departments identify suspicious behaviour as it’s happening, even when traditional security measures like firewalls fail to stop intruders. Snode, which was founded by cybersecurity expert Nithen Naidoo, has developed technology that alerts companies to the tell-tale signs that a cyberattack might be about to take place. “If you are looking for fraud only at the point where it occurred, you will always be reactive,” Naidoo said. “But if you can predict the fraud by looking at precursor patterns, you can prevent it and become proactive in your response.” Hello Group CEO Nadir Khamissa said Naidoo became involved with the company about 10 years ago to help it root out cybersecurity breaches and shore up its cyber defences. He became even more involved as the company moved into mobile money transfer with Hello Paisa. Hello Group, which has provided venture capital funding to Snode, needed something beyond basic firewall and signature (username and password) security mechanisms. “We needed something to understand patterns of behaviour, which is something we could not buy.” Naidoo built technologies that passively “sniff” all of a company’s network data, differentiating between different types of traffic going through the network in real time using “deep-packet inspection”. "The technology is “aware” of the start and end point of every packet of data, both internal and external," Khamissa said. “This is imperative to be able to understand patterns of behaviour. This enormous volume of data gets put into machine-learning algorithms that understand the patterns and is then overlaid with the expected or traditional behaviour of a user to identify anomalies.” The problem with most security solutions is the analyst interface “turns into a Christmas tree” of alerts — most of them false alarms — defeating the purpose, he said. “We have invested in pattern-recognition technologies to avoid these false positives. Snode understands patterns of behaviour and eliminates those.” Snode, Khamissa said, doesn’t replace firewalls and username-and-password-based security mechanisms. Rather, it is a layer on top of those solutions to help companies understand and identify behaviour and vulnerabilities. “Snode at its core uses mathematics to detect anomalies and patterns in any type of data from any source and understand the behavioural patterns of normal behaviour from abnormal behaviour,” explained Naidoo. “Just your presence on the network leaves a trace and affects the network in a certain way. Snode understands your systems environment and it has a signature for it. It identifies any stray from what it deems normal behaviour.At some point in the early stage of a cyberattack, there would have to be some form of reconnaissance. Snode actively looks for this, whether it’s a hacker doing a port scan, or an employee accessing a system they don’t normally access,” he said. “It does this in real time, with in-flight analytics.” Although Snode can’t analyse encrypted network traffic, it can still pick up anomalies. “If my encrypted channel suddenly does 2GB of traffic at 2am, that’s an anomaly. Sure, you can mask your identity in various ways, but no matter you do, you are going to influence the system.” Khamissa said Snode uses machine-learning algorithms to augment human efforts to defend digital networks. “The good guys are completely outgunned in the cyberwar. Attackers are highly motivated and mechanised. In the defence, you typically have a junior guy in IT patching servers, looking at endless alerts. To notch up your defence capabilities, you need something like Snode to augment the defenders of your networks.” After developing the solution inside Hello Group for many years, it has now been “productised” to be sold to other companies. Snode has run the solution in various iterations with PricewaterhouseCoopers over the past three years. PwC will now take the product to market as the company’s first reseller partner. It also has customers in South Africa, Nigeria, the UK and Australia. “Our focus is really on South Africa for now, but we have been getting a lot of requests from abroad,” said Khamissa. The key industry it intends focusing on is financial services, he said.