The threat of being hacked is a perennial worry for businesses everywhere and, with an estimated 2,200 incidents a day in the US alone, it’s a threat that needs to be taken seriously say Matt Conlon and Conor Flannery, founders of cybersecurity software start-up Cytidel.
Both have deep knowledge of the cybersecurity sector and, in their experience, the tools available to triage security risks are not fit for purpose. As a result, already hard-pressed security teams waste huge amounts of time patching irrelevant vulnerabilities because they have no way of knowing which ones represent the biggest threat.
“Millions of corporate and government networks have already been breached due to poor software design and a severe shortage of cybersecurity personnel,” Conlon says. “Patching vulnerabilities manually takes between 60 and 150 days, which gives hackers ample time to strike. And with hundreds of new threats coming in every day, security teams are fighting a losing battle.”
Existing solutions provided by cybersecurity companies help organisations identify threats and gaps but, as they don’t take context into account, this makes them unreliable— Matt Conlon
Armed with intimate knowledge of where the shortcomings lay, the founders set out to develop a system that would close the threat gap and streamline the workload for security teams swamped by the demands of manually reviewing thousands of weak spots in IT networks.
“From working as cybersecurity consultants, we could see that people were constantly stressed out by their workload and felt there had to be a way to improve productivity while also reducing the burnout level and turnover rate among cybersecurity professionals,” Conlon says. This ultimately led to a solution designed to protect against breaches rather than repair them.
“Our software suite goes far beyond existing solutions by offering customised predictive algorithms that integrate with a customer’s existing security tools and data, and automatically rank the risk profile of each threat as it occurs,” says Conlon. “It then identifies and assigns a risk score specific to that customer’s environment and delivers precise remedial action. This allows the customer to patch only relevant vulnerabilities thereby saving around 50 per cent in time and reducing the risk of a breach by some 80 per cent.”
Conlon adds that existing solutions provided by cybersecurity companies help organisations identify threats and gaps but, as they don’t take context into account, this makes them unreliable.
“Two companies may have the same IT system with the same vulnerability but organisation A uses it to process customer payments while organisation B only uses it as a test device,” he says. “Intuitively, organisation A is more at risk. However, existing tools will prioritise the threat as exactly the same for both organisations. We solve this problem by taking a data-driven approach to IT risk prioritisation to close the door before someone gets in. Organisations are drowning in data. Our system brings clarity and context to it.”
Cytidel was established in September 2021 and the co-founders are now working full-time in the business which is based in Mayo. Conlon says the market for cybersecurity software is growing at a rate of more than 50 per cent a year. Potential target markets for the company’s system will include financial services, insurance, utilities, critical infrastructure and large companies managing multiple IT assets.
The next step for Cytidel is a seed round of €1m to fund hiring, beginning in the first quarter of 2023 as well as further product development and expansion into international markets
As experts in their field, the founders have been able to undertake most of the development work themselves and have bootstrapped start-up costs at roughly €100,000 with support from Mayo LEO and Enterprise Ireland’s new frontiers programme.
The next step for Cytidel is a seed round of €1 million to fund hiring, beginning in the first quarter of 2023 as well as further product development and expansion into international markets.
Cytidel is already cash positive as the founders have been running a cybersecurity consultancy in tandem with rolling out the new software which has allowed them to validate the product in situ. The software side of the business is based on a SaaS revenue model.