Bad guys lurking in the shadows of the “dark web” have proven that they can sneak into data systems no matter how many cybersecurity walls are built to stop them.

While many businesses may feel like waving a white flag, the great white hope of cybersecurity is a young Israeli company focused on preventing cyber thieves from stealing critical data on their way out of a system.

In technical terms, enSilo provides a real-time data exfiltration prevention platform. It’s exactly the kind of technology that could have prevented hackers from stealing confidential and embarrassing information from entertainment giant Sony in November last year, and also could have stopped hackers making off with the data of millions of payment cards from customers when US store Target was among 1,000 or so businesses hit in a hack just over a year ago.

The company named for “siloing” malicious attacks is “the only company in the world currently stopping threat actors already on the inside from inflicting damage and stealing valuable data,” Roy Katmor, cofounder and chief executive of enSilo, tells ISRAEL 21c. “We prevent the consequences of data exfiltration and data ransoming.”

 Data stealing has reached massive proportions. Image courtesy of enSilo
Data stealing has reached massive proportions. Image courtesy of enSilo

Katmor, a veteran security market strategist, likens his company to health professionals and operating systems to chronically ill patients: Just as treatment can control the disease and increase longevity, organizations must keep dosing a persistently compromised network.

He says a malicious attack is “not a virus; it’s a chronic disease. You have to understand that you can control it but you cannot cure it. This is the analogy we give to customers and for many it’s very hard to accept.”

Organizations that invest only in attack detection will continue to be compromised, warns Katmor. And that’s why investors and technology experts, as well as financial, insurance and healthcare companies, are putting their trust in this startup that came out of stealth mode in March with a $10 million Series A funding round. The top management hails from companies including Imperva, Akamai, EMC and Rafael.

“We don’t think [hack attacks are] a one-time thing. You always need to assume that you’re compromised,” says Katmor about enSilo’s mission to “shift the model from trying to block inbound threats to concretely stopping attackers already on the inside from taking sensitive data out.”

Business as usual

While enSilo’s technology is blocking malicious outbound communications, employees can continue working as usual even if their devices are infected. And rather than being alerted over and over again to every security breach, they receive only a single alert if a threat attempt is detected on exfiltration.

“We do prevention in real-time of a bad communication going out. We don’t look in; we only look out. It gives you the ability to carry on business as usual even on a compromised device,” Katmor says.

This unique technology – which has virtual patching against targeted attacks — is being praised by security specialists as a game-changer in the cybersecurity field.

“Organizations today are under constant and chronic attack at some level. All are faced with the real threat of their most valued resources being stolen through one or more of a variety of sophisticated methods. Defending against data exfiltration is at the core of security prevention and should be considered for any environment to mitigate these threats while maintaining ‘business as usual’ operations,” said senior information security executive David Monahan of Enterprise Management Associates in Colorado.

Katmor says his team of 30 people has many more surprises on the way as it delivers an updated product in the first quarter of 2016, addressing specific needs customers have communicated.

enSilo’s team of 30 people has more surprises on the way. Photo: courtesy
enSilo’s team of 30 people has more surprises on the way. Photo: courtesy

There is no doubt that enSilo’s “change of approach” will spur copycats. But as the saying goes, imitation is the finest form of flattery. “I’m not worried; in a way, it’s a market validation. It’s a confirmation that we’re on the right path,” Katmor tells ISRAEL21c.

In August, the company – with its R&D in Herzliya and headquarters in San Francisco — expanded its service to more operating systems. Financed by Lightspeed Venture Partners and Carmel Ventures, enSilo exhibited on the Startup Boulevard at the DLD Tel Aviv Innovation Festival in early September.

“We’re trying to be a big vendor. You’re going to see a lot more investing in the future — not the far future,” Katmor predicts.