Face-to-Face with our Portfolio: Vicarius
Meet Vicarius, the world’s first cyber security platform designed to offer clients proactive attack mitigation strategies in real-time. This Jerusalem-based start-up was founded in 2016, born from the vision to protect users against the software vulnerabilities that cause approximately 90% of the cyber-attacks worldwide.
Vicarius’ proprietary Vulnerability Assessment (VA) technology uses machine learning to detect exposures in software before hacks occur, and offers customers built-in, immediate solutions and prioritisation tools in a functional ‘risk-snapshot’ dashboard to securely reinforce threat zones.
In our latest Face-to-Face interview, we sat down with Vicarius CEO and Co-founder Michael Assraf to discuss how this Israel start-up is safeguarding our increasingly digitised energy systems, as well as to explore their role as firms adapt to the current COVID-19 pandemic.
Can you tell us a bit about what your company does, what problems you solve for your customers and what you are focusing on at the moment?
Michael Assraf: Modern organizations usually have multiple security tools – anti-virus software, firewalls etc. – but at the end of the day, they are running a growing number of software services internally. Even if they have the most advanced security tools, they are exposed to approximately 1,100 new software vulnerabilities every month, opening the business to massive threats. The only way to handle this risk today is by keeping the software up-to-date. That’s where Vicarius comes into play – we provide organizations with a clear strategy to secure software they own or run, with or without the need to wait for the vendor response.
Why do you see cyber security as an important enabler for a utility and which challenges do you foresee for utilities going into a digitised and decentralised energy system?
Boaz Kantor: I think the two are very much connected. Utilities and the energy system more generally are growing potential targets for cyber-attacks. As evidence of this, we’ve seen recent large-scale disruptions to the industry including a first-of-its-kind cyber-attack on the U.S. power grid last year and hacks to Ukrainian utilities in 2015 and 2016 that resulted in long-term outages. The threat surface will only increase as we shift to smarter grids and the IoT rapidly expands; this requires a new breed of cyber security companies to protect it.
Why did the Innovation Hub invest in Vicarius? What did you see in the company in particular and how does it fit with your strategy?
Lisa Cohen: We were impressed, first of all, by the team, followed by their technology. Michael and the other two co-founders, Roi and Yossi, have formed an excellent team and their own backgrounds are first class. On the technology side, Vicarius’ Vulnerability Assessment and Management has the potential to safeguard the integrity of many industries, particularly the fast-changing energy sector. The drive towards decentralised and digitalised energy will converge IT and OT (Operating Technology) systems. The IT environment will likely be the easier point of entry, and this makes Vicarius’ technology, which is capable of identifying vulnerabilities in IT environments before hackers do, a crucial layer of defence in any energy system.
Especially in Israel, there so many investors that invest in cyber security technologies. Why did you choose innogy Innovation Hub as an investor?
Michael Assraf: The Israeli cyber security start-up ecosystem is very mature and we have many VCs that specifically invest in cyber security companies. Our seed round was led by Jerusalem Venture Partners, a top-tier cyber security VC. We also wanted to have a strong corporate VC that would allow us to form a new use case of our solution, and innogy Innovation Hub is probably the best partner we could possibly have.
Can you tell us about your approach to giving growth support to Vicarius?
Lisa Cohen: The team here in Tel Aviv is already supporting Vicarius’ growth, and we knew from the start that we wanted to support their international expansion. Similar to our other cyber security portfolio companies, we introduced Vicarius to innogy, and are connecting them to experts in Sales and Business Development. In addition, despite the difficult situation with COVID-19, we are actively working in the UK to connect them to selected potential customers, as well as other relevant contacts that can support their growth from our network.
What makes innogy Innovation Hub unique compared to other investors (VCs or other corporates)?
Michael Assraf: Most of the foreign corporate VCs in Israel will have one or two partners to look for new investments. Many times, this structure makes it harder for them to push their portfolio companies internally because their first two priorities are scouting start-ups and running current investments. innogy Innovation Hub’s presence worldwide is impressive. Their scale means the team can support almost every aspect of our business – from marketing, to business development, to funding and more.
How is Vicarius supporting the digitalized business models of companies across various industries and when do you expect exponential growth for your business?
Michael Assraf: The process of disclosing and fixing software vulnerabilities today is largely handled by legacy solutions. With the lack of next-gen platforms in this field, Vicarius shines with a product that fits multiple environments like cloud infrastructures, endpoints, PoSs, internal servers and pretty much everything in between. The fact our platform is cloud-first and cloud-native, we are able to grow even if companies move to decentralized or working from home models, which is exactly what we’re seeing now –more and more companies are deploying Vicarius to secure their remote telework force.
Can you provide some concrete examples of how the innogy Innovation Hub has provided growth support/cooperation?
Michael Assraf: Our product was released in the last quarter of 2019. By that time we were exploring ways to build our sales operation, and Lisa Cohen, Investment Director at the innogy Innovation Hub Israel team, who is also an observer at the Vicarius Advisory Board, was instrumental in arranging meetings for us with sales thought leaders and high-ranked officers. Her knowledge and connections saved us time and money and made our targets more achievable.
With the huge increase in people working from home as a result of the Covid-19 pandemic, cyber security issues have been in the spotlight. How is Vicarius supporting businesses and employees in this context? How has the market changed and how are you responding to the crisis in terms of the products/services you offer?
Michael Assraf: A few pieces of research have been conducted to explore security officers’ primary concerns during the COVID-19 crisis. These consistently show that remote endpoints security is one of the top concerns. To answer this growing need and share our empathy for companies that have been hit hard by the impact of COVID, we are now offering our product free for two months, or until the business recovers. One of the things that strengthened our decision to do so was the vast increase (30%-40%) in cyber-attacks against seriously hit COVID-19 countries. We want to be there to support them through this crisis.
To learn more about Vicarius, visit their portfolio profile here.