Why Rilian, Why Now

I have received countless inquiries since BlackHat where I announced my decision to reduce my involvement at my rewarding investing gig to return to entrepreneurial pursuits in the name of mission support. Even moreso as word spread that I was relocating my family to the Middle East and deliberately refocusing my attention on the needs of the emerging markets. This past week I had the pleasure of officially coming out of stealth mode, breathing into life Rilian Technologies.

This post, the first of a series of thought pieces, is intended to provide a glimpse into the thought process that led to Rilian’s creation and a wink to what is in store.

Why Rilian?

‍

Rilian is a go-to-market accelerator and systems integrator for venture-backed security companies seeking access to the rest of the world.

The idea was conceived based on my experience as an entrepreneur, operator, investor, and civil servant, having learned to design, sell, deliver, scale, and adopt capabilities that equipped the organizations I served to secure themselves and their constituents against faceless, borderless forces that are unafraid of adopting every tool and technique at their disposal to criminally enrich themselves, steal intellectual property, and jeopardize the integrity of society-preserving critical infrastructure.

I, along with a cadre of brave men and women you will come to know, recognize that the proliferation of artificial intelligence has irreversibly tipped the cat-and-mouse game of cyber defense in favor of those unafraid to embrace the latest in human ingenuity and experiment with new classes of capabilities erstwhile only available to the most sophisticated nation-state actors.

Before Rilian, what has the traditional cyber adoption cycle looked like? Entrepreneurs — most of them affiliated with the venture ecosystems of Silicon Valley, Tel Aviv, and Bangalore — leveraged the loose fabric networks they grew up in to identify market gaps and create innovative solutions to meet this demand. They leaned on these networks to hone their minimum viable products and relied on the size of their domestic markets (as well as global social networks in the case of Israel) to establish themselves. Their path to scale followed the path of least friction, most often through natural adjacencies with other sectors within the same geography and analogous sectors in adjacent, mature markets [1] [2].

What was the net effect? According to market research, there are over 3,500 venture-backed security companies today. These companies are overwhelmingly focused on the needs of the United States, Western Europe, and India. A study by Momentum Cyber indicated that the lifespan of cybersecurity startups typically ranges between 3 to 4 years, after which many are acquired by strategic platform players such as Palo Alto Networks, CrowdStrike, Microsoft, and Cisco. These platform players rely on the venture-backed ecosystem as their source of innovation, generating accretive shareholder value by promoting these capabilities through established distribution channels to the rest of the world [3] [4].

What does this mean for security leaders responsible for the national security agencies, critical infrastructure providers, and financial service industries in the rest of the world? There is a natural lag in the availability of access to these sources of innovation by that same 3-4 year maturation period. For some of the most acute needs, local players make their best efforts to develop solutions (although, admittedly, more often than not, they are addressed by “home brew” solutions that by definition, will never see scale). This results in further market fragmentation, with incumbency serving as additional friction to new entrants that constrains market forces seeking economies of scale.

Why Now?

‍

The status quo is no longer tenable in the face of artificial intelligence-driven tools, tactics, and procedures being wielded by adversaries who know no borders and face no friction in adopting the latest and greatest capabilities.

We have seen adversaries' desire to attack the soft underbelly of the global security community for some time. For example, in 2016, the global financial ecosystem was rocked by the hack of the Bangladesh Bank, which resulted in over US$81 million being stolen by a sophisticated ring of cyber attackers who exploited vulnerabilities in the SWIFT financial messaging system, As of 2018, only around US$18 million of the US$81 million transferred to the Philippines has been recovered [5][6]. More recently, the Hong Kong financial ecosystem was subjected to a deepfake-enabled spear-phishing attack where AI-generated audio mimicking a company executive was used to fraudulently transfer millions [7].

The situation is even worse within regions in conflict. In 2015, the Ukrainian power grid was subjected to a widespread power outage caused by Russian-affiliated cyber groups, marking the first known cyberattack to successfully disrupt an electrical grid. Such attacks have become more frequent during recent conflicts, with an increased number of attacks targeting Ukraine's infrastructure in 2022 [8]. Outposts of stable countries adjacent to regions of growing conflict are also not immune, as evidenced by reports that Ghana’s critical infrastructure had been compromised by cyber groups affiliated with the Chinese Communist Party (CCP) [9].

The frequency and severity of such attacks against non-traditional targets will only increase. Gone are the days of “Nigerian Prince” email scams purporting to offer immeasurable wealth, delivered in broken English via email or cold calls. Today’s threat actors have tools available at their fingertips to speak to audiences unaccustomed to phishing, smishing, and spear-phishing attacks — in their audience’s native tongue, cognizant of colloquial expressions, and increasingly “delivered” by trusted confidants via deepfake video and voice calls [11].

What’s Next?

‍

“Necessity is the mother of invention,” or so the saying goes, attributed to the likes of Plato. However, this is most true where that necessity is understood by those best equipped to innovate and produce a compelling solution. In today’s economy, those fortunate enough to find themselves in an ecosystem that promotes innovation are largely contained within the Western and Indian hubs cited above. However, as outlined earlier, these are the same communities least likely to understand the growing needs that emerging markets face.

In enters Rilian. We were deliberately established to shortcut the legacy innovation cycle and introduce entrepreneurs to the real needs being felt by the emerging markets, helping broaden innovators’ understanding of global demand and shape their resulting solutions. Further, we intend to work through the local service provider ecosystems that best understand the needs of the emerging markets (and are best suited to ensure sustainable operation) to deliver the same. Through this paradigm, we intend to level the playing field and equip the global security community with access to the cutting-edge security tooling required to combat today’s most dire threats.

The path to achieving global security is not as simple as awareness and market access. Much work is needed to overcome friction inherent in technology transfer and adoption and even more to incorporate the innovation being born within conflict zones across the emerging markets to elevate and enhance capabilities conceived in mature, stable markets.

The posts that we plan to release in the weeks and months ahead will systematically unpack how we are addressing these friction points and the lessons we have learned (and continue to learn) now that we are operating on the front line. In time, we will introduce our audience to the entrepreneurs and innovators who have joined us on this mission — each with their own incredible backstory and perspective on the dynamics at hand. I look forward to continuing the dialogue here and through comments posted to this article on our LinkedIn page — please follow us and engage as you feel called to. Security is a communal effect.

Citations

‍

1. Crunchbase, "Global Venture Funding in Cybersecurity." Link
2. Momentum Cyber, "Annual Cybersecurity Almanac." Link
3. Gartner, "Cybersecurity Technology Adoption." Link
4. CB Insights, "State of Cybersecurity Report 2023." Link
5. Reuters, "Bangladesh Bank Heist Exploits SWIFT System." Link
6. Inquirer.net, "Ex-RCBC branch manager free on bail" Link
7. Financial Times, "Deepfake Audio Fraud in Hong Kong." Link
8. The Guardian, "Ukraine Power Grid Cyberattack." Link
9. Positive Technologies, "Africa Cybersecurity Threatscape 2022-2023 Link
10. The Diplomat, "China Calls Hacking Report 'Far-Fetched.'" Link
11. Aon, "The Evolution of Phishing Campaigns." Link

‍