Safeguarding the integrity of the energy industry with Vicarius
In our digital-first climate, technologies are growing fast in terms of volume, sophistication and complexity – and meanwhile, so is cybercrime. According to Accenture, the amount organisations spend on cybersecurity is expected to grow to US$125 billion by 2020, a figure dwarfed by the projected US$90 trillion cost of cyberattacks by 2030. So it is no wonder that building cyber resilience has shot up the agenda in boardrooms worldwide in recent years. The stakes are getting higher and a culture of mere tick-box compliance will no longer suffice. Executives need to do more to ensure that their most valuable assets are safe within their corporate walls.
The need to bolster digital defences is especially critical in the energy world, which is undergoing rapid digitisation and in constant transition. The industry is becoming increasingly complex with growing numbers of consumers, prosumers and third-party apps, not to mention billions of interconnected devices. The World Energy Council noted in its recent World Energy Congress report a “massive” increase in the number of successful cyberattacks in recent years, and raised concerns that the industry may be unprepared to deal with the rising threats.
As we decarbonise, more data is flowing from distributed energy resources, such as wind turbines, solar panels and other decentralised energy storage and generation systems. These added grid-connected infrastructures introduce vulnerabilities for attackers to exploit. Essentially, the scope of cybersecurity must be extended beyond its traditional perimeters to support our shift to a green economy.
At innogy Innovation Hub, we support companies that are tackling the energy industry’s new and emerging cybersecurity needs with next-generation technologies and business models. That’s why we recently participated in a US$5 million investment in Jerusalem-headquartered Vicarius, the world’s first cyber security platform to offer clients proactive attack mitigation strategies for software vulnerabilities in real-time. Founded in 2016, Vicarius’ proprietary Vulnerability Assessment (VA) technology uses machine learning to detect exposures in software before hacks occur, and offers customers built-in, immediate solutions and prioritisation tools in a functional ‘risk-snapshot’ dashboard to securely reinforce threat zones.
The funding will be used to accelerate Vicarius’ international growth and operating scale. It will also be used to build out the company’s product offering, making it available to more clients across multiple industries, and to develop its new Tel Aviv and East Coast US offices. The funding round was led by Jerusalem Venture Partners with Goldbell also investing.
“We are pleased to announce our investment in Vicarius. We are impressed by the team and the sophistication of their technology for Vulnerability Assessment and Management. This technology has the potential to safeguard the integrity of many industries, and it’s of increasing strategic importance for the energy sector. As systems become increasingly software-enabled, complex and IoT connected, and as decentralised energy paradigms gain popularity, security defence systems such as Vicarius that can scale across diverse and expanding infrastructures and networks represent the next generation of cybersecurity.” – Christof Kortz, Head of Strategic Cyber Security Venturing at innogy Innovation Hub
“Despite the increasingly sophisticated nature of cyberthreats and software weaponization, little has changed in over a decade in the management and ‘patching’ or upgrading systems against cyberthreats. Unlike current approaches that reactively map out potential threats based on pre-existing vulnerability data, Vicarius’ algorithm maps predicts vulnerabilities and potential zero-days based on live attack scenarios, offering an elimination pathway suitable for the zero-day malware era.” – Michael Assraf, CEO & Co-Founder at Vicarius
Vicarius is the first solution in the world to detect vulnerabilities in software before a hack takes place. The system uncovers known and yet-to-be-discovered threats, prioritizes them based on the business context, and automatically protects the software with or without installing security patches. Amid growing cybersecurity risks, companies don’t have control over vulnerabilities in the software they buy. Vicarius’ approach to application protection is an innovative way to secure software without having its source code, installing a patch or involving the vendor. Vicarius was founded in 2016 by three Israeli entrepreneurs from the information-security industry and is headquartered in the JVP Media Quarter in Jerusalem. https://www.vicarius.io/