With so many people working from home on their personal devices during the coronavirus pandemic, cybersecurity has gotten more important than ever. Security companies have developed new ways to protect people from malicious activity on their phones and computers—even when they’re on their own—by detecting phishing messages, political misinformation, denial-of-service attacks, and other types of cyberattacks. They’ve also come up with new techniques to help stop fraud by confirming that people are who they say they are without relying so much on passwords and centralized databases that can themselves be targets for criminals. And they’ve built new systems for securing people’s most sensitive business data, whether it needs to be accessible on corporate servers or on individual employee cellphones.
For tracking disinformation campaigns around the world through the 2020 elections and beyond
Researchers at the social network analysis company Graphika made a name for themselves in 2020 by reporting suspected Russian operations targeting conservative voters before the U.S. presidential election, flagging Chinese state efforts targeting Taiwan, and discovering global misinformation around COVID-19. Working with competing companies—including Facebook, Google, and Twitter—helps Graphika spot deceptive activities that aren’t limited to just one site and get posts taken down, rooting out online disinformation. For more on why Graphika is a 2021 Most Innovative Company, click here.
For using cryptography to allow companies to vouch for users without sharing personal data
Identiq lets companies verify that new customers are who they claim to be based on digital references from other companies in its network. It has developed cryptographic tools to let companies confirm they’re talking about the same person without having to actually share any data with Identiq or even with each other, meaning fewer opportunities for data breaches or privacy violations. Because data comes from partner businesses’ own systems, it can essentially be kept permanently up to date. For the system to work, Identiq needs a critical mass of business, and a May 2020 virtual summit brought praise from companies like transportation booking company Gett, gift card and payment tech company Blackhawk Network, and international payment company PayU.
For spotting the hacks that can cause apps to crash—on iOS, Android, Windows, and Linux
ZecOps makes automated software that spots when apps crash on computers and phones, then tries to find out what went wrong. That’s because software crashes aren’t always just annoyances: they can be signs of ongoing hacker attacks or dangerous vulnerabilities. In 2020, the company expanded its software to Android, Linux, Windows, and macOS, in addition to iOS, which it already supported. The company’s research discovered previously unknown security vulnerabilities affecting Windows and iOS, and it’s signed customers including Swisscom, KPN, and government agencies around the world.
4. Beyond Identity
For allowing users to access secure websites without having to enter their passwords
Cofounded by Netscape founder Jim Clark and launched in 2020, Beyond Identity uses the same digital security certificates that browsers use to verify that websites are legit to log in users without the need for passwords. This can make it easier for people to access sites—and harder for hackers to steal credentials to impersonate site users. The company has rolled out integrations with login management technologies like Okta, Ping Identity, and Microsoft Active Directory Federation Services so businesses can have their employees log in to workplace systems using Beyond Identity and the login programs they already use.
For protecting gamers from doxing and identity theft with software they’ll actually use
In June 2020, cybersecurity company NortonLifeLock rolled out Norton 360 for Gamers, security software specifically designed for people who play online games. It includes dark web monitoring features to scour for the use of gamers’ digital identities by people who could be selling their passwords or trying to hijack their inventories of virtual items. The software also provides password management, webcam security, and virtual private network capabilities to reduce the risk of account theft and targeted hacks like denial of service attacks and even swatting attacks designed to knock players out of the game. It’s also designed to limit unnecessary notifications, keeping gamers from being distracted by superfluous alerts as they play online.
6. Intelligent Waves
For developing Hypori, a virtual secure work smartphone within your personal phone
Intelligent Waves developed Hypori, a virtual smartphone within a phone to help separate work from personal data. The system allows people to use their own devices for work without having to give employers access to personal data or intermingle sensitive company files with their own personal information. The technology has been used during the COVID-19 pandemic to give government and private workers secure access to files while working remotely.
For shielding e-commerce sites, including $12 billion in Black Friday to Cyber Monday sales
PerimeterX, which protects websites and apps from hacking by bots and human attackers, is widely used by brands from Godiva to Zillow, but isn’t yet widely known outside of the security world. This year, it rolled out a number of innovations, including a suite of modules for protecting websites and APIs, integrations with cloud vendors, new CAPTCHAs and protections against novel forms of attacks. It also found vulnerabilities in common web software including Google Chrome. The company’s main vertical is e-commerce, putting its services in high demand in 2020 as shoppers and retailers moved their transactions online—and hackers and bots followed. One of its most important products is Code Defender, which can spot when an outside script has been inserted into an application, especially ones that may be tracking shoppers on the site and sending their information to an outside domain. In 2020, the company saw 60% growth of customer base to include some of the biggest brands in the world, including a top five retailer and top 10 airline. Over the five-day Thanksgiving through Cyber Monday period, PerimeterX processed 93.7 billion total traffic requests and protected more than $12 billion in global e-commerce transactions.
For securing the data warehouses that companies use for analytics and data processing
Okera lets companies work with potentially sensitive data while carefully controlling and logging who accesses what bits of information. That, along with features to obscure sensitive information like account numbers, helps comply with laws like the new California Consumer Privacy Act and reduces the risk of a potentially disastrous data breach while letting businesses make legitimate use of customer data. Its software works with popular business intelligence and cloud computing programs from Microsoft Power BI to Amazon Athena. In 2020, the company introduced tools that let users build policies around who can access data without having to write any code.
For keeping track of revisions to files to protect computers against ransomware attacks
NeuShield protects systems against the growing problem of ransomware. It keeps track of file changes over time so even if a system is compromised, files can be quickly restored to an earlier good version. It can also detect abnormal behavior that indicates ransomware is present, letting users quickly discover there’s been a breach. The software can even help restore previous good versions of files if they’ve been accidentally changed through user errors rather than malicious attacks.
10. Abnormal Security
For using AI to spot phishing and email fraud, even across multiple companies
Abnormal Security uses machine learning to detect phishing and email fraud. Its software learns over time what normal emails look like within an organization so that it can detect suspicious messages trying to steal money or information. In 2020, the company introduced its new VendorBase technology, which aggregates information across multiple companies so that fraudulent emails purporting to come from business affiliates whose own systems have been compromised can be rooted out.