Modern field guide to security and privacy

Venture capitalist Ted Schlein anoints the next hot cybersecurity startups

Schlein talks about his latest investments, some of the myths about cybersecurity, and what it will take for the new crop of security startups to keep up with sophisticated hackers. 

|
KPCB
Ted Schlein, venture capitalist for Kleiner Perkins Caufield & Byers

Behind most tech startups is a team of investors. Behind many of the cybersecurity startups that have grown into behemoths is Ted Schlein. A longtime partner at Silicon Valley’s Kleiner Perkins Caufield & Byers, Schlein spearheaded investments in LifeLock, Bit9, and Mandiant, which was recently snapped up in a billion-dollar acquisition by FireEye. He also sits on the board of In-Q-Tel, a nonprofit investment firm that funds technology to support the Central Intelligence Agency's mission. Passcode spoke to Schlein about trends in cyber defense’s growing industry. Edited excerpts follow. 

Passcode: Global cyberattacks have increased 48 percent this year. Have you also seen more cybersecurity startups emerging from Silicon Valley in the last year?

 TS: Yes. Although, security has always been a relatively steady area of investment in the Valley. The threats have always been there and they continue to get worse year after year. Large corporations are always willing to take chances on startups. I think the fact is that cyberthreats and cyberbreaches are becoming more mainstream and more topical. It’s caused more investment dollars to flow into the area.

Passcode: If it’s a steady area of investment, why are the attacks getting worse?

TS: The bad guys go where the money’s at. In the world of cyber, there are two kinds of threats. There’s information stealing or there’s monetary stealing. If it’s information, it’s usually coming from the Chinese. If it’s monetary, it’s usually coming from Eastern Europe. We live in an interconnected world. The sophistication that comes with some of the tools of cybercrime has just led to more dollars being stolen.

Passcode: You mentioned information stealing. How is commercial encryption adapting to mitigate that threat?

TS: Encryption is very tricky to employ in a mass way: The infrastructure needed to manage it is complicated. I’m working with a company called Ionic Security that’s attempting to allow people to encrypt all of the data in their systems, keep it encrypted in the cloud, and then only unencrypt it when you have been positively authenticated to be who you say you are. I think encryption technology may be a data-centric approach to security, rather than trying to stop bad guys across the network.

Passcode: So, is the trend in emerging cybersecurity technologies more preventative than predictive?

TS: I see a big trend moving away from prevention to what I call detection. Most people are starting to realize that there are only two different types of companies in the world: those that have been breached and know it and those that have been breached and don’t know it. Therefore, prevention is not sufficient and you’re going to have to invest in detection because you’re going to want to know what system has been breached as fast as humanly possible so that you can contain and remediate.

We’re working with a company called Shape Security that’s invented the world’s first botwall. A botwall is able to determine: is this traffic for this website coming from an automated source versus a human? And if it’s coming from somebody automated, stop it. If it’s a human, allow it to go through.

Passcode: How are companies better equipping themselves, talent wise, to fight cybercrime?

TS: I don’t believe global 2000s are able to hire the talent that you need to combat today’s cybercriminals. I think the concept of crowdsourcing your security needs is starting to arise.

I’m working on a company called Synack, which is really a way for you to crowdsource some of the top security researchers in the world. And you as a company can contract with Synack and they will turn these security researchers on your corporate assets to show you how secure you are. So in other words, you’re hiring them to hack into your systems on an ongoing basis to make sure that you do what you need to do to protect yourself.

Passcode: What cybersecurity risks do you see coming into play on an international scale?

TS: As terrorist groups become more sophisticated, they’re going to use cyber means to do their terrorism. The Balkanization of the Internet ... could lead to much larger cyber threats. Obviously, right now, there seems to be a mistrust of the US due to the Snowden leaks, and I hope that that subsides because I do think that the US is in the best position to protect a lot of the infrastructure, more so than many other countries.

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Venture capitalist Ted Schlein anoints the next hot cybersecurity startups
Read this article in
https://www.csmonitor.com/World/Passcode/2014/1219/Venture-capitalist-Ted-Schlein-anoints-the-next-hot-cybersecurity-startups
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe