Human cyber security platform founded by professional hackers CultureAI has raised $4m in seed funding.
The investment was led by Senovo and saw participation from new investors Conviction alongside existing investors Passion Capital. Angel investors Paul Forster (co-founder, Indeed) and Guntram Friede (head of marketing, EMEA salesforce & MuleSoft) also joined the round.
CultureAI said it will use the additional capital to accelerate its product development and to expand into new markets. The company said it will also be expanding its commercial and technical teams in its Manchester city centre office, located within minutes of half a dozen cyber security organisations, including UK government intelligence agency GCHQ.
Founded when professional hacker James Moore saw even the best security awareness training making no difference to attackers’ ability to compromise organisations, CultureAI is being adopted by a rapidly growing number of organisations to identify and prevent security incidents caused by employees.
Moore explained that professional hackers gain access to organisations’ data most commonly as a result of human behaviour or error.
“As an example, multi-factor authentication (MFA) is often touted as a key cyber defence – yet we find that an average of 32% of employees accept MFA authentication requests sent by attackers, essentially opening the door for them. The traditional awareness training approach simply doesn’t improve behaviours like this – hacking people is still too easy,” he said.
The common approach to security awareness for employees today, Moore said, is to provide generic training videos, offer multiple choice quizzes, and then to expect employees to be “perfect”.
CultureAI offers a coaching, rather than training, approach. Moore said, “We built CultureAI to detect human security risks and automatically use those insights to drive technical interventions and coaching – not simply ‘train’ people. It’s a very different way to managing human risk.”
Jon Stokes, chief technology officer, said within minutes the platform can detect human security incidents across an organisation and combine those events with machine-learning to automatically drive cyber security coaching programmes that are tailored to each employees’ cyber strengths, weaknesses and job role.
“The result is people preventing breaches, instant responses to protect people when security incidents occur and the ability to measure security behaviour improvement – something awareness training has never managed,” Stokes added.
Copyright © 2021 FinTech Global
Copyright © 2018 RegTech Analyst