How would you describe the best job in the world of security research? Would it be to work at the forefront of security research, diving into the bits and bytes of advanced malware and global threats, or to have a versatile job that can take you anywhere in the world.
Well – at Kaspersky Lab, and specifically in GReAT, you have both!
I’m a man of security and martial arts. I’ve had my share of both, and still have a lot to learn. While both are exciting and fulfilling, there is nothing greater than giving without expecting to get anything in return. Volunteering, in general, is something I personally put as one of the top priorities, but I have never had the chance to volunteer in a way that makes the world tick. One amazing opportunity to take a break from the day to day activities of hunting malware trends is exactly that.
I met Oleg Ishanov, former VP of our company, at the very beginning of what was called the Security Startup Challenge 2015. It was sunny in Jerusalem, the weather was fantastic and the Hebrew University became a host for security startups from all around Israel. We’ve seen amazing ideas and together we decided that I should join the team of mentors and set sail on a journey I never thought possible.
Participation badge at the SSC finals, MIT, Boston MA
On January 10th of this year, a mailbox started filling up with incoming requests to join one of the most exciting programs existing to-date in the world of security. The security giant Kaspersky Lab launched its lavish acceleration program and a team of mentors, including myself, took their seats on the front row, waiting for the most brilliant and innovative minds to take the stage and convince us that they deserve a spot in the Bootcamp. As the program continued, we found ourselves searching for startups who hadn’t even applied. Some of them came as an audience and stayed as competitors: and some of them even came only with a wild idea in their minds and made it all the way to the finals with their prototype all running! It was incredible.
From this moment on, a journey took place around the world. Kaspersky experts, mentors and other parties met the startups in their homelands and tried to understand whether they were acceleration program material or not.
As I mentioned earlier, first up was Israel. We met at the Hebrew University in Jerusalem. The weather was great and the hall was full of anxiety, excitement and the warm feeling of standing under the wings of the eagle in the sky of security – Kaspersky Lab. Jerusalem was just the beginning. After it the team visited Berlin, San Francisco, Moscow and, last but not least, Singapore.
From Jerusalem to Singapore – SSC first round
For almost 3 months, hundreds of startups took their shot at impressing the team and qualify for the program, but only 40 made it. And in May the list was closed and the 40 received an announcement that they were part of the bootcamp. As far as what some of them told me, it was an unforgettable moment. Although it took place after they had already met with some of the mentors, it was as if the journey had just started. Luxembourg was the next checkpoint; and while waiting for this bootcamp to begin, every 4-6 startups were assigned to one of the mentors, as a tracker. The tracker’s role was to track the decision makers and make sure they were making smart choices, and even to join the brainstorming to evaluate all other options beforehand.
Joining decision makers of a small startup and understanding their way of thinking is not an easy task. It is rather challenging to inspect the situation and analyze the decisions in real-time, assuring them that you have alternatives to offer.
As a tracker, I felt that the startups assigned to me had unique characteristics. Not one of them had an equivalent market. Medical security, social privacy, security through gamification and cyber assurance are all very divergent markets. They were still in the early stages, which meant that every day for them mattered, every decision was inspected to its root cause and future results, and every line of code was thought over in advance, to make sure we were prioritizing properly.
Startups were mostly caught up between marketing, branding, improving their technology and getting the interest of VCs and new leads, but I also found some who really struggled to understand if they are actually what they claim to be or should they pivot. Pivoting in general is not a bad thing, however it should be done with care and after the founders considered all other options before making any radical decisions.
Other startups had problems leaving their jobs and start full time; this is, without a doubt, one of the first things VCs are looking for – commitment. Another case that surprise me must was startups who rely on early acquisition and some of them are even confident in their decision to make their solution completely free.
The world of the startups is fascinating and full of surprises. One day is never similar to the next. You keep shifting and adjusting, tossing sketches and starting from scratch. As a tracker, you’re witnessing all that.
To The Bootcamp, And Beyond.
Every startup had to follow the program’s demands and present its progress every week in a Skype/Face2Face meeting with the mentors, called a board meeting (BM).
These meetings were a tool for the mentors to test the founders in real-time, ask questions and listen to a 20-minute speech which was followed by a strict presentation of nothing but facts. This analysis was enough for the mentors to grade each startup from a level of 1-10, and add relevant feedback for later assignments. Those who received the highest scores qualified to the next week of the bootcamp, and finally to the finals.
Bootcamp summary from PwC offices in Luxembourg
The bootcamp turned 40 startups into 11 finalists and after several weeks the announcement was made public. The startups who made it to the finals in Boston had to make sure they had everything prepared as they were about to attend a week of intense competition that included, among the rest our judges, doctors and professors of the institute where the finals took place – the Massachusetts Institute of Technology, also known as MIT.
The finalists were: Re-Sec, Excalibur, Pipe, ZeroDB, DriveWare, Security In Motion, SiteSecure, CTF365, Whispeer, Crypho and Keygo.
The finals took four days in total and the startups were crunched in a little room in E50 building’s 4th floor. The old brick building may seem quiet on the outside, but one specific room was full of innovative, forward-looking and mostly brilliant minds, which I personally admire.
4th floor, E50 building, MIT – Finalists listen to Sharon’s (SecInMotion) pitch
Three days went by fast as the startups were working non-stop. They practiced their pitch with Angelika Blendstrup and Gigi Wang, were tutored by Professor Stuart Madnik on how startups should approach CISO/CSO and finally had a session with me and my tennis balls, including a nice story on how I started juggling.
A Session With Me And My Tennis Balls
The third day was an absolute thrill. I had the opportunity of having a comic session with all the participants. The word ‘tennis’ is (and was in the session) in light grey, since the idea was to break the ice before the big finale. We sat in a semicircle and three tennis balls were virtual links I used in order to allocate questions to the founders who answered them. A program was running in the background of my laptop, displaying the acceleration program-related questions on a projector screen, and a one minute timer counting the allocated time to answer each one. Each time 10 seconds were left on the timer, I tossed the ball to a person in the circle to get ready for the next question. After breaking the ice, we all sat together and talked about every subject that rose to the surface.
My next talk was on the day after; a speech that was combined with moderating the final keynote pitches of each startup, right before the big announcement about the winners. At 10AM of the final day, Christel had opened the day with moderating the 5-minute pitch which included questions from the audience. First row were our judges from MIT – Prof. John R. Williams, Associate Prof. Nickolai Zeldovich, Mr. Michael Coden, Prof. Stuart Madnick and Dr. Abel Sanchez.
Since it’s the last day we had to first pick the winners – without question a tough decision to make!
It was a complete honor to sit side by side with them and share thoughts on the final winners. It was also tough to convince them which one deserved the better chance.
We picked the top five and started moving from there towards the top 3.
It came to a point where each one of the judges and mentors had his favorite startup and was not about to give up on it. Judges from MIT decided to make a surprising move and announced two startups as “Honorable Mention”, which is a much respected rank from MIT and will gain the startups who won it (Whispeer and CTF365) the media coverage they need and the opportunity to accomplish a big step forward in penetrating their market.
As the sun set on the final day, the view from the 6th floor of the media lab building was stunning. The Charles River that splits Cambridge from Boston is a view from the building’s wooden balcony that you can’t ignore.
Next up was Natalya Obelets, Deputy Head Of Education Initiatives and Christopher Doggett, Managing Director of Kaspersky Lab North America. Keynotes were done and it was my time to take my place.
The view from the balcony in MIT Media Lab
Warm up story and we’re off
In almost every speech I give I try to bring a personal story to wrap the main idea of what I’m about to deliver to the audience. This time I thought about creating a presentation, but an incident with my older daughter in the hotel pool changed my mind and I decided to go freestyle.
At first I had to speak about what had happened. My daughter, who waited for me in the hotel room with her sister and mother every day, was excited to see me coming back to lunch break on the last day. She reminded me that I had promised to take her to the pool. I changed in to my swimsuit quickly, as all the startup founders and mentors were still busy with the finals, and rushed to the pool. She was so excited that she almost drowned in one of her jumps in to the water, while I was floating around deep in thought about my speech. That was the moment when I knew I needed to speak about mistakes.
Security Startup Challenge day of announcements
The people in the front row of the room had hundreds of years of experience, while professors from MIT were gazing at the big screen TV that had nothing but the SSC logo on it. I started talking about mistakes. Why are they so important? Isn’t it obvious? Well, for some of us, expectations are so big that we forget to remember the experience we gain in the privilege of making mistakes. Everyone makes them; it’s inevitable and is the most basic factor that differentiates us from a machine. I was mostly sharing experience from the program, rather than speaking about generic mistakes. One startup, for example, wanted to penetrate its market in Singapore. They struggled their way through middle-men who were after their money rather than their success. “Surprise, surprise”, I told them – we have here startups from Singapore, why not just sit together and bridge this gap without the middle-men?
They acted like a train with no stops – one source, one destination. But the answer lay under their noses. Others made mistakes in how they presented their startup to the board, and some made mistakes around prioritizing tasks.
Speaking at the finals – freestyle about mistakes and how to embrace them
In a three- minute freestyle pitch, each startup had to present, for the last time, its agenda, before major people that had come to the event specifically to meet their next investment. MIT also hosted TV crews and interviewed each founder for local and external publications.
We’ve seen a lot during the program and learned as we went. The most important idea was to keep it simple. Open your mind and make sure you have all the options laid on the table. Research, consult, decide, act, analyze results and prioritize interactions – and never forget to smile while doing each of the above! We are here for the journey as well, not only for the goal.
With that in mind, I passed the mic to my colleagues and we continued with some word of advice to consider as a startup and when joining such a program. We got amazing feedback from startups, ground teams and judges from MIT. I would like to acknowledge my team of mentors for having me on board this journey and giving me the opportunity of influencing the world of security in such way that is most crucial today – innovation.
Team Of Mentors & Education: Oleg Ishanov, Eugene Barulin, Nickolai Mityushin, Ilya Antipov, Ilya Kuznetsov, Alena Gilevskaya, Veniamin Ginodman, Natalya Obelets and Christel Gampig-Avila.
Security Startup Challenge 2015 Winners: Excalibur, Pipe, ZeroDB & DriveWare
I hope to see each one of the startups become a successful business, a market game changer and a role model to learn from. It was a pure privilege working with them.
I also wish all the best to the winners. And we hope to see new innovations and brilliant minds in the next program.
Source: Kaspersky