As business networks sprawl out of data centers and onto smartphones, IoT devices, cloud servers and more, the threat posed by hacking and other criminal activity has soared.
Cybersecurity professionals can no longer rely on protective tools like firewalls to keep out every attacker. To answer these new threats, a crop of startups has popped up in the field of “managed detection and response.” MDR relies on machine learning algorithms to monitor network data and activity for anomalies that may reveal the presence of hackers within a system. When such an anomaly turns up, security analysts at security operations centers step in to assess and neutralize the intruder.
One local player in the field is CI Security — formerly known as Critical Informatics — which just raised $9.6 million in Series B funding led by East Seattle Partners, bringing its funding total past $16 million since it was founded in 2012. The company started its operations defending highly complex and regulation-heavy healthcare networks, and has since branched out into the public and financial sectors.
“We’re honored to continue our work defending hospitals, clinics, cities, ports and school districts,” President and Chief Information Security Officer Mike Hamilton said in a statement. “Our mission is to make sure the lights stay on, healthcare is available, the water supply is safe and ... commerce continues unabated during this time of unprecedented threat activity.”
CI Security is headquartered in Seattle, while its analysts — the people who vet and respond to threats — work out of Security Operations Centers over the Cascades in Ellensburg and in Bremerton, on the Kitsap Peninsula. With fresh cash in its pocket, CI Security intends to hire more success engineers — dedicated advocates who understand individual customers’ needs and assets — and security analysts who are available to investigate threats 24 hours a day.
“Security is not a technology problem, it is a people problem,” CEO Garrett Silver said. “There is a material shortage of security talent, and organizations cannot recruit and retain enough people to manage the technology they already have. Our managed detection and response solution uses technology to enable (our) analysts to extend our customers’ teams.”
CI Security will also invest in its technology offerings. The platform currently monitors a customer’s onsite digital assets, as well as their AWS, Azure and Microsoft Office 365 services, plus a long list of IoT endpoints, including medical devices. The company’s managed detection and response technology collects and analyzes network packets, NetFlow, server logs and security events detected by firewalls, and streams metadata to Bremerton and Ellensburg, where analysts apply so-called “smart hunting techniques.” If analysts do detect an intruder within a system, the company provides an action plan to the customer, and the two work together to mitigate the threat.
“Authentic MDR starts with the acknowledgment that great detection and response comes from awesome analysts amplified by great technology,” Silver said. “Our purpose-built technology with power data ingest means CI Security analysts conduct deep investigations to remove false positives and catch events that (other cybersecurity services) miss.”