The end of the year in cybersecurity mirrored the wider world by concluding in catastrophe: With more than 10,000 people dying every day from Covid-19, a highly sophisticated electronic espionage campaign targeted U.S. government agencies and critical private industry, all customers of a single company: SolarWinds.
But there are some champions trying to make the online world a safer place. Our inaugural Forbes Cybersecurity Awards celebrate their achievements.
Outstanding Firm: Dragos
Cyberattacks are a threat to the world’s power supplies and critical infrastructure. Just ask Ukraine, which was subjected to two attacks that knocked out power supplies in the last decade. Dragos specializes in stopping these attacks, and it’s gaining plaudits for securing this crucial niche. In December, it announced $110 million more in funding, in a round led by National Grid Partners and Koch Disruptive Industries.
Best Product: Corellium
Emulating Androids and iPhones inside a computer turns out to be incredibly useful to anyone testing the security of the devices and to app developers making sure their tools work properly before putting them out into the world. Apple hates it, though. The Cupertino giant is suing Corellium, an eight-person startup that creates “virtual” versions of smartphones for testing. Apple alleges Corellium is violating copyright by copying iPhones, a charge the Florida-based company is vigorously defending itself against.
Most Intriguing Newcomer: GreyNoise
This startup filters distracting “noisy” alerts from security tools. Founder Andrew Morris says that helps companies to stop “chasing ghosts” so IT doesn’t waste hours looking into an anomaly that wasn’t a real threat.
Disruptive Innovator: R2C
This company, which has the backing of Sequoia Capital and Redpoint Ventures, is the creator of Semgrep. It’s a static source code analyzer, which might not sound sexy but helps app developers identify weaknesses in their tools on an easy-to-understand platform. Two of the three cofounders coded for Palantir, so R2C packs some serious technical chops.
Annus Horribilis: Twitter
In July, Twitter’s security mechanisms were bypassed by hackers who took control of high-profile accounts belonging to Bill Gates, Elon Musk, Kanye West, Barack Obama and others to promote a Bitcoin scam. Given the impact, it might have looked like a group of elite cyberspies carried out the attack. But in reality, it was coordinated by a teen in Florida, according to U.S. investigators. Any company can be hacked, but this was a big black eye for a social media giant that spends vast sums on security.
Forbes Forecast: Prolonged post-pandemic surveillance
There will be two after-effects of the pandemic on the worlds of security and privacy. First, companies will have to continue to allow workers to operate from home securely as they realize employees prefer flexibility. More worryingly, the necessary surveillance to track the spread of the coronavirus will become normalized, even after vaccines have put an end to the disease’s spread. Expect governments to say continued surveillance is necessary to keep future pandemics at bay and privacy advocates to argue they’re prolonging the snooping for their own Orwellian reasons.