Canada’s Cybersecurity Startups Securing the Future with AI
Canadian businesses of all sizes and types find themselves confronted with an ever-growing challenge. Keeping our sensitive data safe – including communications, client and employee personnel information and confidential business critical information like customer data and IP – becomes increasingly difficult as the speed and frequency of cyber attacks increase. In just two years, the number of password attacks detected by Microsoft has risen from 579 per second to more than 4,000 per second, illustrating the need for new strategies to keep pace.
AI is at the forefront of this change, helping overburdened IT teams of all sizes to detect threats, respond quickly to neutralize risks and create tailored defense options for an organization’s needs. But staying ahead of bad actors who are also leveraging AI to bolster their attacks means working collaboratively to drive innovative solutions. It has never been more critical for Canada’s cybersecurity community to design, deploy, and use AI securely.
Some of the most exciting and inspiring innovation in the use of AI for cybersecurity comes from Canada’s thriving cybersecurity startup community. From advanced threat detection and response systems to secure communications platforms, these startups are essential, nimble collaborators pushing the boundaries of what is possible in cybersecurity both here at home and around the world. Through support programs like Microsoft for Startups and BizSpark, Microsoft collaborates with cybersecurity innovators across the country who are leveraging Microsoft AI technology to create security solutions that keep us all safer online.
Canadian cybersecurity startups like Beauceron Security, Flare and Penfield.AI demonstrate the kind of forward-looking application of AI that is required to give the defenders an edge over the attackers.
BEAUCERON SECURITY
Location: Fredericton, New Brunswick
For most busy professionals, taking a cybersecurity training course is not at the top of their to-do list, but cyber smart education for every employee is crucial to the security hygiene of any organization, especially given that human error accounts for 46% of all cybersecurity incidents.
Beauceron Security, born out of the University of New Brunswick, takes a unique gamified approach to cybersecurity learning that is not only dramatically effective in decreasing susceptibility to common cyber attacks – it may even be fun. Built into your existing productivity applications, Beauceron gives employees incentives for positive cyber safe activities, like recognizing and reporting phishing attempts. These reports generate a personal cyber risk score to motivate future action. But Beauceron’s CEO David Shipley notes that the goal isn’t getting a perfect score (anyone and everyone can fall victim to a sophisticated scam), it’s about helping everyone on your team to understand their important role in supporting a strong cybersecurity culture.
Beauceron uses AI to analyze the emails reported by employees, sifting through up to 60,000 suspicious emails a month to determine which flagged emails are suspicious – a system that is 85% accurate at identifying phishing. Employees can also receive contextual feedback using AI analysis, helping them to identify next steps or improve their security knowledge.
Beauceron has the numbers to back up their impact – the system reduces susceptibility by as much as 50%. Today, over 650,000 people in various sectors, from education and healthcare to banking and critical infrastructure have access to Beauceron technology, a number that is growing by 25% each year.
FLARE
Location: Montreal, Quebec
Founded by a red teamer (covert hackers that work for the good guys to identify gaps in an organization’s cybersecurity armour), Toronto-based FLARE is a cyber threat exposure management platform that helps organizations identify, analyze and protect against cybersecurity threats that are on the horizon.
Many organizations work to build a strong defensive posture, but “locking the doors” in today’s environment may not be enough to prevent attacks. Information about your organization, either shared intentionally or leaked online, can be leveraged by attackers to infer key organizational information and launch malicious attacks. Using AI, bad actors are completing these tasks faster and more successfully than ever before. By understanding what threats lie outside their walls, organizations can monitor and prepare for them.
Using AI, FLARE can review and extract thousands of threats across the internet – looking at everything from websites to social media and forums on the dark web – and break them down into what matters to a defender and their organization. FLARE applies layers of AI to help uncover what is relevant and what’s not across different languages, slang and code. For example, if FLARE uncovers a list of your company emails or other stolen data in the hands of cybercriminals, the system will convey that information to you in a report you can share with stakeholders and suggest next steps to prevent or stop them from using your data against you. Understanding the importance of the human element, FLARE meets directly with customers to understand their business, their tools and their unique needs to deliver the insights they need.
FLARE’s customers include financial institutions, grocery chains., law enforcement and some of the top ten largest technology firms in the US.
Penfield.AI
Location: Toronto, Ontario
In an industry plagued with a chronic workforce shortage (ISC2 estimated a gap of over 25,000 unfilled security roles in 2022 in Canada), Penfield.AI marries human intelligence with AI to help analysts work faster, smarter and with better accuracy.
The Penfield.AI platform analyses how senior analysts in an organization solve cybersecurity problems, including their actions and queries, decisions, and tool usage to detect attacks. Using AI, these interactions are transformed into rich knowledge to automatically streamline procedures, reinforce best practices, and facilitate ongoing analyst development.
Penfield.AI’s approach acknowledges that every organization is unique in the way they tackle cybersecurity problems and that human intervention is key to tackling complex tasks. Using AI, the platform can automatically create best practice checklists and ensure every defender in an organization performs like a top analyst. This means analysts don’t have to start from scratch to approach common problems and junior analysts get the guidance they need to tackle problems with the speed and intuition of top analysts.
Penfield.AI works with organizations across sectors including financial organizations, MDR/MSSPs, NGOs as well as government agencies like the Canadian Centre for Cybersecurity.