Cybersecurity may be seeing an influx of startups and service providers looking to compete in the space, despite there being many companies operating, there is still plenty of opportunity for innovation.
Cybersecurity startup HoxHunt, is finding success in promoting behavior training as a key element to successful cybersecurity efforts.
HoxHunt recently secured €2.5 million in a Series A funding round that involved key investors including Dawn Capital, IceBreaker Venture Capital, and F-Secure founder and current Nokia chair Risto Siilasmaa. This fresh injection of funding allows the Helsinki-based company to expand into more markets in Europe, especially in the United Kingdom, the Nordics, and the Benelux regions.
How HoxHunt Works
Generally, corporate cybersecurity efforts focus on hardening their infrastructures’ defensive perimeter. While these initiatives could prevent malicious actors from breaking into their networks, companies tend to overlook the importance of security from within their organisation.
About 90% of security incidences in organisations are caused by human error. Hackers often exploit human weakness through carefully crafted social engineering attacks. Often, hackers will seek to manipulate employees into making mistakes and exposing vulnerabilities that could be used to breach networks.
HoxHunt aims to thwart these kinds of attacks by educating users on how to properly identify threats and react when faced with such attempts. Users are taught using simulated attacks which are designed to mimic the real thing.
Mika Aalto, who co-founded HoxHunt two years ago and serves as its CEO, believes that “Traditional education such as e-learning does not work against social engineering-based attacks. As social engineering taps into people’s emotions, being aware of attacks is only one part of the solution,” he continues. “To be prepared, people need to experience the attacks themselves.”
HoxHunt’s artificial intelligence-driven engine can send personalised phishing emails to try and trick users into clicking links or leaking sensitive data. Users have to report these attacks using a special plugin. The system then provides timely feedback on how well users have reacted to the given threat. People can also use the plugin to report actual attacks since HoxHunt also features real-time analyses and threat response features.
In addition, gamification elements reward users for participating. Managers can track how well their teams perform so that companies can fill in education gaps wherever needed.
“We have seen that sending only a few attacks per year does not change people’s behavior,” says Aalto, “and we’ve found that by gamifying the learning model, we are able to send 30 to 40 attacks per year. Employees are asking for more, mind you. This continuous learning model has been able to create unparalleled sustainable results, lowering the risk of falling to a single attack from 40% to an average of 2%.”
Security is now a shared responsibility among all users within organisations. This social-meets-security approach promotes the importance of human behavior in security strategies.
What the Funding Means
Cybersecurity is a growing industry, especially now that cyberattack threats have become more aggressive and complex. Almost 160,000 incidents were reported in 2017 – double the number of cyberattacks reported in the previous year.
As such, businesses are expected to increase their spending in cybersecurity in order to protect their networks and data. By 2019, companies are projected to spend $124 billion in tightening their security, representing a growth of 8.7 percent from 2018 estimates.
Various ventures are working to capitalise on this growth. This could potentially lead to a saturation of providers in the market. HoxHunt, however, seeks to establish its foothold in the space by taking on the human element of security. Fortunately, this appears to be a less saturated area making the service unique and quite valuable.
The company has also found a strong partner in Dawn Capital. The London-based venture fund is among Europe’s largest early-stage benefactors focused on enabling software-as-a-service (SaaS), cloud, and financial technology startups. Dawn Capital has a strong record of identifying winning startups. Its investment in email security platform Mimecast proved successful with the company already reaching a market capitalization of around $2 billion.
HoxHunt’s successful funding round hints at a bright future for the company. It may take a bit of time but they will achieve great success as enterprises realise the value that the company provides especially in this changing business landscape.