Israeli cybersecurity firm CYE Ltd. announced today it has raised $100 million in new financing to expand its business, which combines technology and “white hat” hacking to help enterprises identify their most serious vulnerabilities.

The 80-person company uses algorithms and graph modeling to conduct a full assessment of a customer’s cybersecurity landscape by launching attacks conducted by experienced experts. The company requires technical staff to have at least six years of practical experience in military or government security. Many were trained by the highly regarded Israeli Defense Forces.

Once CYE gains permission from customers, it launches full-force attacks on their infrastructure and websites. “We mimic different threat actors ranging from cybercriminals to nation-states,” said founder and Chief Executive Reuven Aronashvili. “We work 24-by-7 with a platform that identifies relative IP addresses, collects intelligence and plans and executes operations.”

The company applies an algorithmic approach to measuring the likelihood that various attack routes will be exploited so that customers can assess relative risks. Predictive analytics are then applied to help the achieve the best balance of protection and cost.

Although CYE has raised $140 million, the eight-year-old firm “has been profitable since day one” and doesn’t need the money, Aronashvili said. The purpose of the new round was more to bring strategic investors into the fold than to fund operations. “We are more interested in the partnership than the money,” Aronashvili said.

European Private equity firm EQT AB led the round with participation from 83North Ltd. “EQT is one of the top 10 private equity firms worldwide, with a network of portfolio companies worldwide that are quite remarkable,” the CEO said.

Inattention to basics

Enterprises have been pouring vast amounts of money into cybersecurity tools: Worldwide spending grew 6% to $125.2 billion in 2020, according to International Data Corp. But CYE’s experience has been that the most frequent gaps are caused by process failure and human errors.

Poor identity and password management is the most common vulnerability, Aronashvili said. That’s followed by multifactor authentication protocols that are put in place but not enforced and poorly implemented network segmentation and segregation practices that leave file servers accessible to anyone on the network. In many networks, intruders who gain access to an endpoint can move laterally between servers almost unimpeded.

Genuinely sophisticated exploits represent fewer than 15% of all those the company has identified, he said. Even when sophisticated attacks succeed in gaining access, organizations tend not to apply basic protections inside their networks.

“From initial access attackers can use lateral movement to extract passwords, get domain admin access and take advantage of poor segmentation and segregation,” he said. “It’s so frustrating to see that over and over again.” Network segmentation is a time-consuming process but not a difficult one, he noted.

“We’ve done a lot of work that didn’t involve any budget at all by just securing configurations and improving the deployment of existing tooling,” Aronashvili said.

The new funding will be used primarily to expand operations into western Europe and the U.S. with later expansion to South America. The company will not relax its experience requirement for technical staff, the CEO said.

Photo: Wikimedia Commons