Asian companies are more concerned about “saving face” – by getting rid of all traces of hacks and defacements – than their Western counterparts
Internet security was one of the biggest stories of 2014. The year ended with a bang as hackers leaked an astonishing amount of confidential data from Sony Pictures, implicating executives and celebrities, and creating a media firestorm. It’s a stunning embarrassment for the company, and a wake-up call for other firms to shore up their defenses.
With hackers on the prowl, internet security companies stand to benefit. That’s the case for Banff Cyber Technologies, a Singapore-based startup which focuses on mitigating the damage caused by cyber attacks.
In its short lifespan, Banff Cyber has gained over 30 paying large enterprise customers, consisting of government bodies, listed companies, and Forbes Global 2000 firms. In Singapore, it’s monitoring over 20 government websites, along with banks and telcos customers. State governments in Australia are using its products, and the startup is closing deals in the Philippines.
Its first product is the WebOrion Defacement Monitor, which detects within five minutes any unauthorized changes on a website – or it can do so in up to one minute if you pick the on-site version over the cloud-based product . The monitor then notifies the webmaster through an email or SMS.
That’s where the second product, the WebOrion Restorer kicks in. At a button press, it redirects visitors to a copy of a website, which is 80 to 90 percent true to the original and hosted on Banff’s pre-hardened Linux server. That strips away a lot of known vulnerabilities in web apps that could be responsible for the intrusion in the first place.
“This addresses [security] from a different perspective, which we don’t see the major players like Symantec or McAfee doing,” says Banff Cyber founder and CEO Matthias Chin. Then there are firms like Cloudflare, a content delivery network with security monitoring as a side dish. Banff Cyber is different because it focuses on detection and restoration.
Chin says Banff’s products “buy [clients] time on the backend to fix the original server. It gives them three to five days to ensure everything is secure before returning back to the original website.”
Given how fast it takes for visitors to spot the defacement, take a screenshot, and share it with the whole wide world, Banff Cyber can’t always stop the media from having a field day with a cyber intrusion. But at least it can minimize the damage.
Think of the company as the firefighters and insurers you’ll be thankful for when everything goes wrong.
If McAfee was born in Asia…
Chin’s products carry a uniquely Asian flavor. After speaking to potential customers in the region, Chin found them to be more concerned about “saving face” – by getting rid of all traces of hacks and defacements – than their Western counterparts.
This shaped his expansion plans. With most of his customers now Singapore-based, he foresees venturing into Australia, Japan, and the rest of Southeast Asia in the near future. While he has a promising customer base and has raised S$600,000 (US$450,000) in seed funding from Clearbridge Accelerator as part of the Singapore government’s TIS initiative, he’s raising a series A round of over a million dollars to expand faster. He also received a government grant from SPRING TECS.
Chin is a longtime security professional with stints at Singapore Computer Systems, ST Electronics, and Cisco Systems. These experiences give him an understanding of both the enterprise and government sectors.
He started the company in August 2012 with Hwee Hong Tan, a colleague when he was a network engineer at internet service provider Pacific Internet in 1998. Banff Cyber began life doing cyber security consulting and services before moving into products.
“We saw a big gap in cyber security because a lot of large companies are not moving fast enough to catch up with hacker trends and threats. My team members are all ethical hacking trained. We know how easy it is to create loopholes and vulnerabilities to exploit a system.”
He adds: “Within one hour of any Microsoft announcement, we know the hacker community can create an exploit and share it globally. But as a defender it’ll take me months to address the problem.”
The startup is expanding its scope to include preventive and vulnerability scanning. The new product will be ready by the end of 2015 or early 2016. It’s a logical extension for Banff, which started up with defacement monitoring but developed the Restorer when customers asked for it. Adding prevention to the mix will give them a complete suite of products.
Chin will continue focusing on large enterprise customers for the first phase. After speaking to small and medium enterprises, he doesn’t sense much demand there yet. “Some of them feel that if their website gets defaced, they’ll get free publicity in Tech in Asia or Channel NewsAsia,” Chin says with a grin. But he could revisit that segment in the future with a cheaper cloud-based plan.
This post was originally published on Tech In Asia