The future of the workplace is hybrid and with it comes untold implications on data security. There were 1.5 billion attacks against IoT (internet of things) devices during the first half of 2021, according to Kaspersky research. Luckily, a few Southern California companies are at the forefront of security tools taking direct aim at these malicious actors.
Evan Blasband, co-founder and CTO of cybersecurity company Allthenticate, said customers express how complex and disjointed it is to manage multiple systems for everything from access control to user credentialing.
“For us it is important to consolidate all these disparate solutions for security and usability purposes, as well as peace of mind,” Blasband said.
The Santa Barbara-based startup is building an ecosystem where administrators can manage everything for employees from one place — access control, passwordless computer logins, passwordless SSO, and SSH key management under one smartphone-based system.
“Companies shouldn’t be relying on their employees to implement complex security requirements that halt productivity, but rather provide them with solutions that handle the burden for them,” Blasband said.
MedCrypt, a San Diego-based cybersecurity solution provider for medical devices, launched a services arm this year to guide customers in “knowing what they don’t know” when establishing device cybersecurity programs.
“In 2022, customers are looking for data to substantiate budget requirements for expanding cybersecurity from a point-in-time reaction to a proactive comprehensive strategy that supports a device over its lifecycle,” said Vidya Murthy, MedCrypt’s COO.
Budgets include purchasing tools specific to known vulnerability management, Murthy explained, with emphasis on generating Software Bill of Materials (SBOMs) and integrating into the CI/CD pipeline. Customers are asking for maturity assessments to understand how much security is enough, especially with patient safety on the line.
“Having a barometer on meeting needs and defending patient safety in an increasingly adversarial environment seems to be top of mind,” said Murthy.
Companies of all sizes are increasingly turning to San Diego-based security and compliance automation platform Drata for assistance navigating a complex regulatory data privacy landscape.
“Customers use Drata to help track their compliance progress for frameworks like SOC 2 or ISO 27001, or regulations such as HIPAA,” said Daniel Marashlian, Drata’s CTO.
Drata, valued at $1 billion after a Series B round of funding, even brought on its own compliance manager who helped them get SOC 2 Type 2 verification.
“Most companies less than a year in business don’t have a compliance manager, but we felt it was critical for our company to walk the walk from day one,” Marashlian said.
As businesses rely on technology and connectivity more than ever, having the proper safeguards in place is essential.