Evolution of Cyber Protection
With Great Power Comes Great Responsibility
"Data is the pollution problem of the information age, and protecting privacy is the environmental challenge."
- Bruce Schneier
If you are worried about AI and the speed with which it's changing the many ways we work, we think you should be equally concerned about protecting the data and results of its work. This quote from cyber expert Bruce Schneier captures it well. At Vestigo, we love startups trying to tackle both of these issues: having clean data for the algorithms involved to use as well as defending the environment.
As new AI-enabled companies are being built, the best thing for us to recognize is the resulting need to create industrial-grade protected environments for their solutions. Knowbl is a very good example of this in Fund II. Namely, they provide customer care solutions that are built on the same intense success of ChatGPT but with an easy-to-use plug-and-play approach and, most importantly, all in a way that allows their customers to know their data is protected.
As investors, our job is to dig into these new technologies and gain insights into not only how they may change an environment but also how they create new risks. These new risks are no reason to run away from the opportunity, but it is very telling if the entrepreneur really understands the impact they will have on a client's environment and has a solution for it.
-Mark & Dave
In this episode of the Vestigo Ventures FinTech Podcast, Frazer speaks with Austin McChord and Carlson Choi, co-founders of Cork, a cybersecurity solution for managed service providers (MSPs).
Austin is a relentless entrepreneur whom many of you will know as the founder and CEO of Datto, which was recently sold to Kaseya for $6.2B. He is also a founder at Casana (a medical device company where he is the CEO), Havoc Robotics, Outsiders Fund, and serves on the boards of Zorus and Shelf. Most importantly for this episode, he is a co-founder and chairman at Cork.
Carlson is a co-founder and CEO of Cork. Prior to founding Cork, Carlson held technology leadership roles at Datto, Superluminal, Jack in the Box, Jollibee Foods Corporation, Mattel, and Activision Blizzard. He has dedicated his career to launching disruptive industry products and solutions from the early days of online digital gaming, digital-to-life toys, and mobile food ordering.
Thinking About Tomorrow Today: A Cyber Security Framework
Cybersecurity plays a crucial role in protecting digital systems, networks, and data from unauthorized access, theft, damage, or disruption. It involves a set of practices, technologies, and processes designed to safeguard computers, servers, mobile devices, electronic systems, and the information they store or transmit. As early-stage investors, we seek to understand how founders think about and demonstrate incorporating a cyber security and compliance framework. We share our experiences and encourage a top ten approach:
- Risk Assessment: Conduct a thorough evaluation of potential risks and vulnerabilities your company may face, focusing on protecting valuable assets like customer data and trade secrets.
- Implement a security mindset: Cultivate a culture of security within your organization by prioritizing cybersecurity, implementing strong password policies, regular updates, and educating employees about common threats.
- Develop a cybersecurity strategy: Create a comprehensive strategy tailored to your company's needs, including network security, access controls, encryption, data backups, and incident response plans.
- Secure your infrastructure: Ensure your network and systems are adequately protected by using firewalls, anti-virus software, encryption, and regularly updating software and firmware.
- Employee training and awareness: Provide cybersecurity training to employees, educating them about phishing, social engineering, and safe online practices. Foster a reporting culture for suspicious activities or incidents.
- Data protection and privacy: Understand the data protection regulations and requirements relevant to your business and ensure compliance. Implement measures like encryption, access controls, and data classification to safeguard sensitive information. Develop a privacy policy that outlines how customer data is collected, used, and protected.
- Third-party risk management: Assess the security practices of any third-party vendors or partners you work with, particularly those who handle sensitive data or have access to your systems. Implement contractual agreements that outline security requirements and regularly monitor their compliance.
- Incident response and recovery: Develop an incident response plan to effectively handle cybersecurity incidents. This plan should outline the steps to be taken in the event of a breach or other security event. Test the plan regularly and make necessary updates based on lessons learned.
- Stay updated: Stay informed about the latest cybersecurity threats, trends, and best practices. Join industry forums, subscribe to cybersecurity newsletters, and engage with cybersecurity professionals to stay ahead of potential risks.
- Complete a SOC 2 audit: A significant component of the audit focuses on assessing the effectiveness of an organization's security controls. This includes measures such as network security, access controls, encryption, vulnerability management, incident response, and monitoring. The audit evaluates whether these controls are properly designed and implemented to protect against cybersecurity threats.
A cyber, disaster recovery, and compliance framework is important because it safeguards sensitive data, prevents financial losses, maintains business continuity, preserves reputation and customer trust, ensures regulatory compliance, and mitigates emerging threats. It is an essential aspect of business operations in an increasingly interconnected and digital world. As former operators, we have seen a few things that help us think about tomorrow today. We have all learned that while you cannot predict the threat landscape, you can prepare.
Cheers.
- Ian
In light of staying prepared, here are some additional references that may be useful:
AI Meetup
Spotlight on Angel Investing
Portfolio Updates
Alloy Named to the Forbes Fintech 50 2023
Riding the momentum of a successful Series C and global expansion in 2022, Alloy continues to turn heads in the new year! Check out the full publication here.
Oliver Belin Honored with Most Influential CEO Award
Calculum's CEO and founder, Oliver Belin, was awarded the Most Influential CEO Award for Supply Chain Financing by CEO Monthly as part of their Global CEO Excellence Awards 2023!
Retirable Partners with The Medicare Geek
Retirable partners with the company that specializes in training and supporting insurance agents who help consumers navigate their Medicare decisions, helping Retirable to offer a more holistic retirement solution.
Roots Automation Introduces InsurGPT
Roots Automation has released a generative AI model, using proprietary, fine-tuned LLMs and trained specifically for the Insurance market, to expand the capabilities of Digital Coworkers.
Our mailing address is:
Vestigo Ventures
1 Kendall Sq Ste B2101
Cambridge, MA 02139-1588
DISCLAIMER: The information presented in this newsletter is intended for general informational purposes only and may not reflect current law or regulations in your jurisdiction. By reading our newsletter, you understand that no information contained herein should be construed as legal, financial, or tax advice from the authors or contributors, nor is it intended to be a substitute for such counsel on any subject matter. No reader of this newsletter should act or refrain from acting based on any information included in, or accessible through, this newsletter without seeking appropriate professional advice on the specific facts and circumstances at issue from a professional licensed in the reader's state, country, or other appropriate licensing jurisdiction. This newsletter and its content should not be considered a solicitation for investment in any way.