GamaSec provides a unique combination of cybersecurity, remediation-as-a-service and financial assurance to minimize the risk of website attacks for small and medium-sized businesses, to help them gain the same security and resilience as large enterprises. In this interview, GamaSec CEO Avi Bartov introduces the company’s solutions to website security and offers some valuable tips for keeping your online assets safe.
Please describe the background and vision behind GamaSec
I founded Gamasec with Ziv Kamir CTO and Lior Rachmani COO over a decade ago with the original purpose of providing IT security consultancy services to customers in Europe. For more than 10 years now we have been providing those services to our customers, who are mostly Fortune 500 companies in Europe such as The Rothschild bank, TetraPack, Carrefour, Quick, and many others.
For six years, I had to travel on a weekly basis from Europe to Israel and back. I figured there must an easier way to do this. I was a big believer in SaaS and was convinced that the next best thing would be the web, not only for e-commerce but for any business, as a means to provide information to its customers, partners, and employees.
Based on that, we took all the know-how that we had gathered over the years and created our own technology: an automatic virtual hacker, in order to provide a Web application scanning software as a service.
Very quickly we saw that a scanner is not enough as a standalone solution, so we added a malware detection scanner, which allowed us to cover the entire detection panel, with application scanning and malware detection.
The company was oriented to the SMB market, in which customers were demanding not only detection tools but also the prevention of future web attacks. We partnered with a Korean company to provide an application firewall and DDoS detection solution, and both are offered to our customers through the arsenal of services that we provide. With that, we provide a 360-degree cyber web solution.
In 2017 we made a strategic decision to create alliances and partnerships with insurance companies. We realized that cyber insurance is going to be more and more involved in the lives of companies worldwide. As most insurance companies do not have the background or the expertise in order to provide this kind of service, a partnership between a cybersecurity company and an insurance company was the missing piece.
We created partnerships with three insurance companies: Assurant, CNA Hardy, and BFL/Zurich insurance, who are integrating our solution in all of their cyber-insurance policies and provide it to their customers free of charge. They recognized that by using our tool they are not just minimizing the risk but are also increasing their clients’ awareness of how they handle sensitive information.
We are now going to launch another alliance with BFL, a Canadian Broker, whereby all cyber-insurance customers will be covered by GamaSec’s integrated solutions, and get a 10% discount off the cost of their insurance provided by Zurich insurance.
We received the Best Scanner Award at Cybersecurity Excellence awards in 2018 and at AI Cybersecurity Award in 2019.
According to your website, “Web applications are the biggest Achilles heel in an organization’s security strategy.” Why?
The advantage of the internet is that you have access to a website 24/7. All you need is a computer and an internet connection, but it also presents a security problem: hackers, too, can connect and have access to any web service.
The majority of hacks begin with a bulk attack on lots of different websites. When they identify a vulnerability, they go deeper in order to explore the attack and see if that website is worth hacking into. That’s why the website is the bridge between hackers and companies, a bridge between the person sitting on their computer and your company database.
Most businesses apparently do not believe they are at risk of losing one of their most valuable assets, which is customer data, to cybercriminals. Anyone who reads the daily news knows that it is a foolish gamble to make.
Once you are logged in to the website, you are connected to the company’s database. That’s what hackers are using in order to execute their criminal actions.
The last report by the US National Cyber Security Alliance showed that in the SMB market, more than 50% of businesses that were under attack went out of business within six months. This proves just how important cybersecurity is.
What are the most fundamental precautions that any website owner should take to protect their data?
If your website doesn’t have any vulnerabilities, the attacker will move to one that does. Be sure to constantly update your applications to prevent your exposure to known threats.
Additionally, an application firewall would place a shield behind your website to block any unwelcomed users. Those two services can provide a very high level of security and make the hacker lose interest and move on to the next website.
Which data protection technologies do you find to be the most intriguing these days, and why?
I think the next generation of cyber tools is tools that have the capacity to provide real-time answers – tools that are able to detect hackers in real-time and identify if its a human or a robot, and to stop the attack in real-time. We are working on this kind of solution, based on deception elements, to provide a real-time answer and to detect, monitor and stop attacks in real-time. This is what we are going to see in the future on the market.
It’s now time to employ tools that provide comprehensive protection by detecting in real-time and closing vulnerabilities that hackers look for when targeting their next victim
What are your near-future plans for GamaSec?
We believe very strongly regarding the APAC market and have recently created alliances with Japanese and Singapore partners. We strongly believe that the next market for us, after the US, is Asia and Japan.
Our goal is to replicate the success we had with insurance carriers and to create more Insurtech alliances and partnerships. We are one of the first companies to offer a pre-breach cyber solution and create this kind of alliance, minimizing the risk that insurance companies are taking and providing it to their customers for constant monitoring of potential cyber risks