Tag Archives: Group

M12 announces $4 million global competition for women entrepreneurs – Stories

Microsoft’s venture fund, M12, partners with EQT Ventures and SVB Financial Group to accelerate funding for women leaders

REDMOND, Wash. — July 26, 2018 M12, Microsoft Corp.’s venture fund, in collaboration with the EQT Ventures fund and SVB Financial Group, on Thursday announced the Female Founders Competition, seeking to accelerate funding for top women-led startups focused on enterprise technology solutions. Two winners will share $4 million in venture funding, as well as access to technology resources, mentoring and more.

Women entrepreneurs receive a disproportionately small amount of venture funding, with only 2.2 percent of the total invested in 2017 going to women-founded startups. Studies have shown that investing in companies founded by women delivers significantly higher returns than the market average. By shining a light on this highly talented, but underfunded group of entrepreneurs, M12 and its partners seek to not only fund innovative female entrepreneurs, but to spotlight the funding gap that exists and the benefits of more equitable distribution of capital.

“We formed M12 to make smart bets on innovative people and their ideas, and the Female Founders Competition is an extension of that mandate,” said Peggy Johnson, executive vice president of Business Development at Microsoft. “This isn’t about checking a box; it’s an opportunity to remind the VC community that investing in women is more than just good values, it’s good business.”

“The EQT Ventures team is all about backing founders with the ambition, drive and vision to build a global success story,” said Alastair Mitchell, partner and investment advisor at EQT Ventures. “This competition reflects this and offers women entrepreneurs a great platform from which to launch their business, providing them with access to capital and mentorship. It also raises awareness of the funding gap between male and female founders, and the EQT Ventures team wants to play an active role in bridging that gap.”

Submissions will be accepted from July 26, 2018, to Sept. 30, 2018, and open across three regions: Europe, Israel, and North America (U.S., Canada and Mexico). Companies will be eligible to apply if they have at least one woman founder, have raised less than $4 million in combined equity funding and/or loans at day of application, and offer or intend to release a product, service or platform that addresses a critical business problem.

“At SVB, we strive to help innovative companies succeed,” said Tracy Isacke, head of Corporate Venture at Silicon Valley Bank. “Research tells us diverse teams are more successful. We believe this is true for our business, our clients’ businesses and the innovation economy at large. Our partnership with Microsoft has created a great opportunity for SVB to engage in this competition and is one of the many ways we are supporting diverse representation in the global innovation ecosystem.”

Up to 10 finalists will pitch in person for the chance to be one of the two startups that earn a $2 million investment as well as access to technology resources, mentoring and additional support. The competition also seeks to drive greater awareness for both finalists and winners, with the potential for future funding from the broader VC community. Full guidelines and contest information can be found on M12’s application page.

About EQT Ventures

EQT Ventures is a European VC fund with commitments of just over €566 million. The fund is based in Luxembourg and has investment advisors stationed in Stockholm, Amsterdam, London, San Francisco and Berlin. Fueled by some of Europe’s most experienced company builders, EQT Ventures helps the next generation of entrepreneurs with capital and hands on support. EQT Ventures is part of EQT, a leading investment firm with approximately EUR 50 billion in raised capital across 27 funds. EQT funds have portfolio companies in Europe, Asia and the US with total sales of more than EUR 19 billion and approximately 110,000 employees.

About SVB Financial Group

For 35 years, SVB Financial Group (NASDAQ: SIVB) and its subsidiaries have helped innovative companies and their investors move bold ideas forward, fast. SVB Financial Group’s businesses, including Silicon Valley Bank, offer commercial and private banking, asset management, private wealth management, brokerage and investment services and funds management services to companies in the technology, life science and healthcare, private equity and venture capital, and premium wine industries. Headquartered in Santa Clara, California, SVB Financial Group operates in centers of innovation around the world. Learn more at svb.com.

About M12

As the corporate venture arm for Microsoft, M12 (formerly Microsoft Ventures) invests in enterprise software companies in the Series A through C funding stage. As part of its value-add to portfolio companies, M12 offers unique access to strategic go-to-market resources and relationships globally. Visit https://m12.vc/ to learn more.

For more information, press only:

Microsoft Media Relations, WE Communications for Microsoft, (425) 638-7777, rrt@we-worldwide.com

Lucy Wimmer, PR for EQT Ventures, +44(0) (755) 128-9177, lucy@eqtventures.com

Julia Thompson, PR for Silicon Valley Bank, (415) 764-4707, jthompson3@svb.com

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com. Web links, telephone numbers and titles were correct at time of publication but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://news.microsoft.com/microsoft-public-relations-contacts.

Evergreen Services Group: New deal to up MSP revenue to $40M

Evergreen Services Group, a holding company focused on purchasing managed service providers, is on the cusp of its fifth acquisition, a move that will bring the investor’s MSP revenue to more than $40 million.

The company, based in San Francisco, launched in 2017 as a spinoff of Alpine Investors, a private equity firm. Evergreen has received a $100 million equity commitment from Alpine to launch its acquisition campaign, which got underway seven months ago, according to Ramsey Sahyoun, head of M&A at Evergreen.

Evergreen’s investments include Executech, an MSP in the Salt Lake City area; Wolf Consulting and Jenlor, MSPs in greater Pittsburgh; and Interlaced LLC, an MSP in San Diego specializing in Apple environments.

Next up is an acquisition of an Austin, Texas, MSP that Evergreen Services Group expects to announce next week.

M&A in the MSP market

Evergreen’s acquisitions are in line with the general consolidation trend ongoing in the MSP market. A number of investment groups, including Fusion Agiletech, Converge Technology Partners and Great Hill Partners in conjunction with Reliam Inc., for example, are in the process of building IT services company platforms.

Sahyoun said Evergreen offers a different opportunity for MSPs in the M&A landscape. He said Evergreen purchases 100% of a company and generally pays in cash upfront, noting that other investors strike deals based on earn-outs or seller notes.

In addition, Evergreen takes a long-term view as it acquires companies, Sahyoun said.

“We are not going to smash a few MSPs together and sell in three or four years,” he said. “We are fortunate … to have a long-term financial backer behind this vision of ‘Let’s do this over many years and not just try to make a quick buck.'”

The long-range view enables Evergreen to invest in its acquired companies. Sahyoun said investments in sales and marketing, as well as in service delivery, sets up the acquired companies to have sustainable growth.

The companies Evergreen has acquired thus far will operate as stand-alone, independent platforms, he explained. Evergreen’s approach is to treat companies above the $1 million EBITDA threshold as platforms and those below that mark as add-on acquisitions that would be tucked into one of Evergreen’s platforms.

While Evergreen Services Group doesn’t plan to integrate the platform companies, there will be coordination among its holdings. Sahyoun said Evergreen recently started to bring executives from the companies together in a peer-group format in which they can share best practices and discuss business challenges. In addition, Evergreen provides a subject-matter expert directory and playbook on its website to help companies through such tasks as selecting an IaaS provider or collecting accounts receivable.

Chart showing recent transactions in the IT services industry
Evergreen Services Group is among the investment organizations looking to do deals in the MSP market.

Looking for SMB focus, MRR

Evergreen’s acquisition approach is to look for MSPs serving the small and medium-sized business market that have more than half of their business coming from monthly recurring revenue (MRR).

We look for companies that have a good, predictable stream of revenue.
Ramsey Sahyounhead of M&A, Evergreen Services Group

“That is what we value and what gets us excited about this industry,” Sahyoun said of MRR. “We look for companies that have a good, predictable stream of revenue.”

Customer satisfaction and high retention rates are also important factors in assessing acquisition candidates. To determine customer satisfaction, Evergreen Services Group goes through a process of talking to a subset of an acquisition candidate’s customers as part of its post-letter-of-intent due diligence.

Sahyoun said the company uses a third-party vendor to conduct the customer surveys, which yield such information as net promoter scores.

In general, Sahyoun suggested the recent uptick in acquisition activity in the MSP market signals a greater confidence in the companies following the MSP business model.

“The business has gotten fundamentally better over time,” he said, noting the shift from break-fix to MMR revenue. “That is a big part of what is driving investor interest.”

Other news

  • Microsoft made several announcements ahead of its annual partner conference, Microsoft Inspire. Among the disclosures is a free version of Microsoft Teams; a Whiteboard app for Windows 10 that is also slated for iOS; an expanded Azure Data Box offering; and new programs and resources that aim to help partners take advantage of Microsoft’s global customer and partner ecosystems. Microsoft also unveiled an Azure Expert MSP program, two Cloud Practice Playbooks and four Digital Transformation eBooks. Microsoft Inspire will run July 15 to 19 in Las Vegas.
  • Accenture has acquired Kogentix, a Schaumburg, Ill., company that focuses on big data and AI services. Kogentix employs about 220 big data engineers, data scientists, machine learning engineers and software developers, according to Accenture.
  • IT management software company SolarWinds has acquired Trusted Metrics, a threat monitoring and management vendor. SolarWinds said it will launch SolarWinds Threat Monitor, a tool for MSPs and managed security services providers, as a result of the buyout. In related news, private equity investment firm and SolarWinds backer Thoma Bravo revealed plans to purchase a majority interest in identity and access management player Centrify.
  • More than half of North American channel partners expect to see an increase in IT spending in 2018 compared with last year, according to a mid-year survey of 363 partner companies undertaken by OneAffiniti, a channel marketing solutions provider.
  • Dataguise, a data privacy protection and compliance vendor, unwrapped the DgSecure Partner Program for selling the company’s data governance enablement software. The program provides training and certification; incentives; demo software; sales leads and sales enablement tools; and market development funds (MDF). Partners can also access deal registration and marketing materials through the Dataguise partner portal, the vendor said.
  • Networking vendor Ruckus Networks unveiled a program for enabling partners to sell Ruckus Cloud Wi-Fi. The Cloud-Ready Specialization Program offers tools, training, technical support and incentives and is open to Select- and Elite-level Ruckus Ready partners, the vendor said. Ruckus also provides Smart Cities, Large Public Venue and Education specializations.
  • Yamaha Unified Communications, an audio and video conferencing vendor, introduced a global partner program. The program features three tiers — Basic, Emerging and Prime — with incremental benefits and incentives. At the Basic level, partners can access deal registration, a demo program, special discounts, product training and post-sales technical support. Emerging and Prime partners can tap volume incentive rebates and marketing support such as MDF, according to Yamaha UC.
  • WhiteHat Security, an application security provider, and RiskIQ, a digital threat management firm, are integrating their platforms. The integration gives joint customers “a detailed inventory of web-facing properties, which we can onboard into WhiteHat Sentinel for continuous scanning,” according to John Atkinson, vice president of strategic alliances at WhiteHat Security. As a result, channel partners can provide a “comprehensive solution for dynamic application security testing.”
  • Cybersecurity vendor Bitdefender expanded its security offerings for MSPs. New products include Patch Management, Advanced Threat Security, and Endpoint Detection and Response, available within the Bitdefender Cloud Security for MSP endpoint security suite. The three new offerings can be purchased via monthly usage-based licensing, Bitdefender said.
  • LogiGear, a software-testing vendor, said Royal Cyber, a solution provider based in Naperville, Ill., has joined its roster of value-added resellers. Royal Cyber will provide automation testing using LogiGear’s TestArchitect technology, LogiGear said.

Market Share is a news roundup published every Friday.

Digital transformation process: Align business and IT, shake legacy

At the Strongbow Consulting Group, founder and managing partner Cathy Horst Forsyth and her team help large enterprises digitally transform — specifically around network and infrastructure. From her experience with Fortune 500 companies, legacy applications and systems and misalignment of technology and business strategies can cause significant setbacks in the digital transformation process.

In this SearchCIO interview from the MIT Sloan CIO Symposium, Horst Forsyth details the trends and challenges that she’s seeing in enterprises that are going through the digital transformation process and what’s needed to be successful.

Editor’s note: This transcript has been edited for clarity and length.

What parts of the enterprise are leading the charge in the digital transformation process?

Cathy Horst Forsyth: You see it all on the edges of the business where we have lines of business working directly with their customers, with their individual goals. I think where we see digital transformation being most progressive and most successful is when those lines of business — at the front end of the business — are working closely with their technology partners. What doesn’t seem to work well, or at least what can fall back and have negative consequences is when the lines of business are transforming and driving digital transformation that does not align with a corporate strategy and isn’t compliant with [an organization’s] technology strategy. So, where we see the most success, whether it’s marketing, sales or any particular functional area within the firm, is really that alignment with the business executive and the technology team to make sure the execution is both successful and compliant with the overall goals of the organization.

What parts of the enterprise are less far along in the digital transformation process?

You really can’t underestimate the [extent to which] legacy infrastructure systems and applications tether large companies down.
Cathy Horst Forsythfounder and managing partner, Strongbow Consulting Group

Horst Forsyth: Again, it’s kind of hard to generalize from my perspective. I can’t say one department or function is necessarily behind. But I would say that with organizations that are tethered to legacy applications, legacy infrastructure or legacy systems, it’s very difficult to dig themselves out of that. It’s probably not for lack of wanting to transform digitally, but you really can’t underestimate the [extent to which] legacy infrastructure systems and applications tether large companies down. Again, that’s one of the reasons [Strongbow] focuses specifically on the largest of enterprises. It is a lot easier to start ‘greenfield’ and to drive innovation when you haven’t been a classic Fortune 500 company for the past 50 or 100 years. Even though it’s about culture, leadership and many other things, the legacy infrastructure really can be an impediment. Where there are sunk costs or where it’s difficult to even understand where that infrastructure resides — which is an issue at times — we really see those organizations being hindered.

What kinds of strategies are effective in getting the entire enterprise to the same level of digital prowess?

Horst Forsyth: Once again, I go back to the top executives and the executive committee and [having the ability to] really understand and articulate business strategies. So, what are we trying to accomplish? Why are we trying to accomplish it? Anything can be framed in terms of opportunity or threat. Having everyone understand that simplistic business strategy is definitely a forerunner to then understanding how to leverage technology and achieving [digital transformation]. I think that, to some extent, technology strategy should be driven across the business — including on the front lines — but it needs to be monitored so that it’s consistent and compliant with corporate standards. And I think that the executives need to monitor and keep track of what’s going on, but allow it to go on and grow in a flexible fashion.

The case for cloud storage as a service at Partners

Partners HealthCare relies on its enterprise research infrastructure and services group, or ERIS, to provide an essential service: storing, securing and enabling access to the data files that researchers need to do their work.

To do that, ERIS stood up a large network providing up to 50 TB of storage, so the research departments could consolidate their network drives, while also managing access to those files based on a permission system.

But researchers were contending with growing demands to better secure data and track access, said Brent Richter, director of ERIS at the nonprofit Boston-based healthcare system. Federal regulations and state laws, as well as standards and requirements imposed by the companies and institutions working with Partners, required increasing amounts of access controls, auditing capabilities and security layers.

That put pressure on ERIS to devise a system that could better meet those heightened healthcare privacy and security requirements.

“We were thinking about how do we get audit controls, full backup and high availability built into a file storage system that can be used at the endpoint and that still carries the nested permissions that can be shared across the workgroups within our firewall,” he explained.

Hybrid cloud storage as a service

At the time, ERIS was devising security plans based on the various requirements established by the different contracts and research projects, filling out paperwork to document those plans and performing time-intensive audits.

It was then that ERIS explored ClearSky Data. The cloud-storage-as-a-service provider was already being used by another IT unit within Partners for block storage; ERIS decided six months ago to pilot the ClearSky Data platform.

“They’re delivering a network service in our data center that’s relatively small; it has very fast storage inside of it that provides that cache, or staging area, for files that our users are mapping to their endpoints,” Richter explained.

From there, automation and software systems from ClearSky Data take those files and move them to its local data center, which is in Boston. “It replicates the data there, and it also keeps the server in our data center light. [ClearSky Data] has all the files on it, but not all the data in the files on it; it keeps what our users need when they’re using it.”

Essentially, ClearSky Data delivers on-demand primary storage, off-site backup and disaster recovery as a single service, he said.

All this, however, is invisible to the end users, he added. The researchers accessing data stored on the ClearSky Data platform, as well as the one built by ERIS, do not notice the differences in the technologies as they go about their usual work.

ClearSky benefits for Partners

ERIS’ decision to move to ClearSky Data’s fully managed service delivered several specific benefits, Richter said.

He said the new approach reduced the system’s on-premises storage footprint, while accelerating a hybrid cloud strategy. It delivered high performance, as well as more automated security and privacy controls. And it offered more data protection and disaster recovery capabilities, as well as more agility and elasticity.

Richter said buying the capabilities also helped ERIS to stay focused on its mission of delivering the technologies that enable the researchers.

“We could design and engineer something ourselves, but at the end of the day, we’re service providers. We want to provide our service with all the needed security so our users would just be able to leverage it, so they wouldn’t have to figure out whether it met the requirements on this contract or another,” Richter said.

He noted, too, that the decision to go with a hybrid cloud storage-as-a-service approach allowed ERIS to focus on activities that differentiate the Partners research community, such as supporting its data science efforts.

“It allows us to focus on our mission, which is providing IT products and services that enable discovery and research,” he added.

Pros and cons of IaaS platform

Partners’ storage-as-a-service strategy fits into the broader IaaS market, which has traditionally been broken into two parts: compute and storage, said Naveen Chhabra, a senior analyst serving infrastructure and operations professionals at Forrester Research Inc.

[Cloud storage as a service] allows us to focus on our mission, which is providing IT products and services that enable discovery and research.
Brent Richterdirector of ERIS at Partners HealthCare

In that light, ClearSky Data is one of many providers offering not just cloud storage, but the other infrastructure layers — and, indeed, the whole ecosystem — needed by enterprise IT departments, with AWS, IBM and Google being among the biggest vendors in the space, Chhabra said.

As for the cloud-storage-as-a-service approach adopted by Partners, Chhabra said it can offer enterprise IT departments flexibility, scalability and faster time to market — the benefits that traditionally come with cloud. Additionally, it can help enterprise IT move more of their workloads to the cloud.

There are potential drawbacks in a hybrid cloud storage-as-a-service setup, however, Chhabra said. Applying and enforcing access management policies in an environment where there are both on-premises and IaaS platforms can be challenging for IT, especially as deployment size grows. And while implementation of cloud-storage-as-a-service platforms, as well as IaaS in general, isn’t particularly challenging from a technology standpoint, the movement of applications on the new platform may not be as seamless or frictionless as promoted.

“The storage may not be as easily consumable by on-prem applications. [For example,] if you have an application running on-prem and it tries to consume the storage, there could be an integration challenge because of different standards,” he said.

IaaS may also be more expensive than keeping everything on premises, he said, adding that the higher costs aren’t usually significant enough to outweigh the benefits. “It may be fractionally costlier, and the customer may care about it, but not that much,” he said.

Competitive advantage

ERIS’ pilot phase with ClearSky Data involves standing up a Linux-based file service, as well as a Windows-based file service.

Because ERIS uses a chargeback system, Richter said the research groups his team serves can opt to use the older internal system — slightly less expensive — or they can opt to use ClearSky Data’s infrastructure.

“For those groups that have these contracts with much higher data and security controls than our system can provide, they now have an option that fulfills that need,” Richter said.

That itself provides Partners a boost in the competitive research market, he added.

“For our internal customers who have these contracts, they then won’t have to spend a month auditing their own systems to comply with an external auditor that these companies bring as part of the sponsored research before you even get the contract,” Richter said. “A lot of these departments are audited to make sure they have a base level [of security and compliance], which is quite high. So, if you have that in place already, that gives you a competitive advantage.”

RAMpage attack unlikely to pose real-world risk says expert

A group of researchers developed a proof of concept for a variant of the Rowhammer exploit against Android devices and proved that Google’s protections aren’t enough, but one expert said the RAMpage attack is unlikely to pose a real-world threat.

A team of researchers from Vrije Universiteit Amsterdam, the University of California at Santa Barbara, Amrita University of Coimbatore, India and EURECOM — including many of the researchers behind the Drammer PoC attack upon which RAMpage was built — and created both the RAMpage attack against ARM-based Android devices and a practical mitigation, called GuardION.

According to the researchers, the most likely method for attacking a Rowhammer vulnerability on a mobile device is through a direct memory access (DMA) based attack.

As such, they developed the RAMpage attack, “a set of DMA-based Rowhammer attacks against the latest Android OS, consisting of (1) a root exploit, and (2) a series of app-to-app exploit scenarios that bypass all defenses,” researchers wrote in their research paper. “To mitigate Rowhammer exploitation on ARM, we propose GuardION, a lightweight defense that prevents DMA-based attacks — the main attack vector on mobile devices — by isolating DMA buffers with guard rows.”

The researchers said a successful RAMpage attack could allow a malicious app to gain unauthorized access to the device and read secret data from other apps, potentially including “passwords stored in a password manager or browser, personal photos, emails, instant messages and even business-critical documents.” However, lead researcher Victor van der Veen was careful to note it is unclear how many devices are at risk because of differences in software.

“With RAMpage, we show that the software defenses that were deployed to stop Drammer attacks are not sufficient. This means that the only remaining requirement is having buggy hardware. Since we have seen bit flips on devices with LPDDR2, LPDDR3, and LPDDR4 memory, we state that all these devices may be affected, although it is uncertain how many,” van der Veen wrote via email. “Local access is required. This means that the attacker must find a way to run code (e.g., an app) on the victim’s device. A second requirement is that the device needs to be vulnerable for the Rowhammer bug: it is unclear what percentage of devices expose this issue.”

In a statement, Google downplayed the dangers of the RAMpage attack: “We have worked closely with the team from Vrije Universiteit and though this vulnerability isn’t a practical concern for the overwhelming majority of users, we appreciate any effort to protect them and advance the field of security research. While we recognize the theoretical proof of concept from the researchers, we are not aware of any exploit against Android devices.”

Google also asserted that newer devices include protections against Rowhammer attacks and “the researcher proof of concept for this issue does not work on any currently supported Google Android devices,” though Google did not specify what qualified as a “currently supported Google Android device.” 

Liviu Arsene, senior e-threat researcher at Romania-based antimalware firm Bitdefender, said this could mean “that ‘currently supported devices’ refers to Android builds to which Google still issues security patches, which means that Android Marshmallow (6.0.) and above may not be susceptible” to the RAMpage attack. According to Google’s latest platform numbers, more than 62% of Android devices in the wild are above this threshold.

However, van der Veen thought Google might be referring to its own handsets.

“I believe they hint at the devices that fall under their Android Reward program, which is basically the Pixel and Pixel 2. We did manage to flip bits on a Pixel, and I think that it is likely that there are Pixel phones out there on which the attack will work,” van der Veen wrote. “I don’t see criminals exploiting the Rowhammer bug in a large-scale fashion. It is more likely to be used in a targeted attack. I do think that Google can do a bit more though.”

Arsene agreed that the RAMpage attack does appear “very difficult and unlikely to happen on a mass scale.”

“Attackers would have to know in advance the type of device the target owns, because some manufacturers and OS builds implement different row sizes (e.g. 32KB, 64KB, 128KB), making the attack significantly more complex and less reliable,” Arsene wrote via email. “Google may be right in saying the attack should not be of concern to average users, but it could be used in highly targeted attacks that involve stealthily compromising the device of a high priority individual. For mass exploitation of Android devices there are likely other, less sophisticated methods, for compromise. Attackers will often go for the path of least resistance that involves maximum efficiency and minimum effort to develop and deploy.”

GuardION defense

Despite the relatively low likelihood of the RAMpage attack being used in the wild, researchers developed a mitigation based on protecting Google’s ION DMA buffer management APIs, which were originally added to Android 4.0.

“The main reason for which defenses fail in practice is because they aim to protect all sensitive information by making sure that they are not affected by Rowhammer bit flips. Hence, they are either impractical or they miss cases,” the researchers wrote in their paper. “Instead of trying to protect all physical memory, we focus on limiting the capabilities of an attacker’s uncached allocations. This enforces a strict containment policy in which bit flips that are triggered by reading from uncached memory cannot occur outside the boundaries of that DMA buffer. In effect, this design defends against Rowhammer by eradicating the ability of the attacker to inject bit flips in sensitive data.”

I think they main message should be that Rowhammer-based exploits are still possible, despite Google’s efforts.
Victor van der VeenPhD candidate in the VUSec group at Vrije Universiteit Amsterdam

Van der Veen added via email, “I think they main message should be that Rowhammer-based exploits are still possible, despite Google’s efforts. I think there is also (scientific) value in our breakdown of other proposed mitigation techniques and how they apply to mobile devices, plus our proposed defense, GuardION.”

GuardION may not be real-world ready either though. The researchers noted that Google said the mitigation technique resulted in too much “performance overhead” in apps, but they continue to work with the Android security team “to figure out what a real-world benchmark looks like so that we can hopefully improve our implementation.”

Arsene said “the existence of security research that exploits hardware vulnerabilities does not necessarily mean that users will be more at risk than before.”

“Some of it is purely academic and the practical applications of weaponizing this type research may never become a reality for the masses,” Arsene wrote. “However, users should realize that unpatched, outdated, and unsupported devices and operating systems will always involve significant security risks to their privacy and data.”

M12 and VC partners award $3.5 million to most innovative companies harnessing the power of artificial intelligence

Madrona Venture Group, Notion and Vertex Ventures present in partnership with M12 the winners of Innovate.AI, a global startup competition

NEW ORLEANS — May 1, 2018 — On Tuesday, M12, Microsoft Corp.’s venture fund (formerly known as Microsoft Ventures), announced at Collision Conference the four winners of its global startup competition, Innovate.AI: Envisagenics, Hazy, ZenCity and Voiceitt. Together with Madrona Venture Group, Notion and Vertex Ventures, M12 awarded the four winners a combined $3.5M in venture funding and up to $2M in Microsoft Azure credits to help progress the future of artificial intelligence.

In October, M12 and its venture partners kicked off a global competition called Innovate.AI in a bid to find undiscovered startups around the world working to transform the future through AI. Hundreds of startups across North America, Europe and Israel applied to compete for their region’s respective prizes and demonstrate how artificial intelligence can advance how we live and work.

“From revolutionizing health practices to matching job seekers with skill-based careers, entrepreneurs across the globe captivated us with technologies that bring to life AI’s transformative potential,” said Nagraj Kashyap, corporate vice president, global head of M12. “The number of impressive applicants we received painted a clear picture of how AI can be used to change the way we work, play and live, signaling a bright future for continued AI innovation.”

Winners of each region were awarded a total of $1M in venture funding from M12 and its partners and up to $500K in Azure credits. The winning companies include:

North America: New York-based Envisagenics integrates AI and RNA therapeutics to unlock previously inaccessible cures for hundreds of diseases caused by splicing errors.

“Envisagenics takes a critical issue of disease caused by cancer and genetic irregularities and applies AI to drive the discovery of new drugs,” said S. Somasegar, managing director, Madrona Venture Group. “It is just this type of big and world-changing thinking that we are looking for in startups as they apply this incredibly powerful technology to the core problems in our society. We are excited to work with them as they help drug companies save lives.”

Europe: London-based Hazy uses AI to automate data anonymization to help businesses share data more securely.

“High-profile leaks and regulatory changes risk turning a company’s data from its biggest asset into its greatest liability,” said Alex Flamant, vice president, Notion. “We are excited to be working with the Hazy team as they build the internet’s anonymization layer to secure sensitive datasets.”

Israel: Tel Aviv-based ZenCity uses artificial intelligence to analyze data from conversations on social media, city hotlines and other communication channels to surface trends in real time to city officials to improve citizen’s lives.

“ZenCity can impact the lives of billions of people,” said Emanuel Timor, general partner at Vertex Ventures. “The company is utilizing AI to help city managers provide a better service to their citizens and to understand in real time what their citizens care about. We were highly impressed by the technical solution of the company and its proven ability to have real impact on the decisions of municipal policymakers and their citizens.”

AI for Good: Tel Aviv-based Voiceitt was awarded the AI for Good prize, which included $500K in funding from M12 and $500K in Microsoft Azure credits for best exemplifying the use of AI to improve society, aligned to the mission of M12’s AI Fund. Voiceitt builds speech recognition technology designed to understand nonstandard and dysarthric speech, assisting people who suffer from diseases and disorders such as cerebral palsy, autism, stroke, ALS and Parkinson’s to communicate.

Microsoft’s mission is to make AI more accessible and valuable to everyone. With the help of M12 and its partners, these startups are primed to further that end.

More on Innovate.AI can be found at Innovate.AI.

About Madrona Venture Group

Madrona (www.madrona.com) has been investing in early-stage technology companies in the Pacific Northwest since 1995 and has been privileged to play a role in some of the region’s most successful technology ventures. The firm invests predominately in seed and Series A rounds across the information technology spectrum. Madrona manages more than $1.3 billion and was an early investor in companies such as Amazon.com, Apptio, Rover.com, and Redfin.

About Notion

Notion invests in the enterprise tech of the future, in the teams and companies that have what it takes to solve the biggest problems facing the business world, transforming entire industries in the process. The Notion team founded, built and exited two highly successful SaaS businesses — Star and MessageLabs and invests exclusively in enterprise tech and SaaS with the ambition to build category leaders. The Notion portfolio includes Brightpearl, Dealflo, GoCardless, MOVE Guides, NewVoiceMedia, Currencycloud, Tradeshift, Triptease and Workable. For more information visit: https://notion.vc/

About Vertex Ventures Israel

Vertex Ventures is a leading global venture capital group supporting entrepreneurs to transform their innovative ideas into world-class businesses. With cumulative committed capital in excess of $2.5 billion, Vertex invests in early-stage IT and healthcare opportunities in Silicon Valley, China, India, Israel, and South East Asia. Since 1988, Vertex is honored to have partnered with the founders of global leaders such as Waze, 91, Grab, IGG, CyberArk, Reebonz, SolarEdge, Force10, FirstCry, Yatra and Changba. Vertex Ventures Israel is one of the pillars of the Vertex Group’s network of Funds focusing on early stage opportunities in the Information Technology sector in Israel. Learn more here.

About M12

M12, formerly Microsoft Ventures, is the corporate venture arm of Microsoft (Nasdaq “MSFT” @microsoft), the leader of digital transformation in the era of an intelligent cloud and an intelligent edge. M12 partners with visionary entrepreneurs looking to drive digital transformation. As part of its promise to portfolio companies, M12 offers unrivaled access to go-to-market resources and strategic relationships globally. M12 currently operates in London, New York, San Francisco, Seattle and Tel Aviv. Learn more here.

For more information, press only:

Microsoft Media Relations, WE Communications for Microsoft, (425) 638-7777, rrt@we-worldwide.com

Erika Shaffer, Madrona Venture Group, (206) 674-6330, erika@madrona.com

Kate Hyslop, Notion, +447795 260286, khyslop@notion.vc

Naama Zalzman-Dror, Vertex Ventures Israel, +972 (524) 375 188,

naama@vertexventures.com

 

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://news.microsoft.com/microsoft-public-relations-contacts.

 

 

The post M12 and VC partners award $3.5 million to most innovative companies harnessing the power of artificial intelligence appeared first on Stories.

Hackers use ATM jackpotting technique to steal $1M in US

A group of hackers stole over $1 million through ATM jackpotting in the United States.

The hacking group, believed to be an international cybercrime gang, used a technique seen in other countries over the past few years to get ATMs to rapidly spit out cash on demand. Called “jackpotting” because the cash shoots out of the machine the way winnings do on a slot machine, the attack requires the hackers to have physical access to the ATM. Once they have physical access, the hackers can use malware or they can replace the hard drive with an infected one and take control over the system.

ATM jackpotting attacks have happened in other parts of the world — including Central America, Europe and Asia — for several years, but now the attacks have made their way to America, according to a warning sent out to financial organizations by the U.S. Secret Service.

The confidential Secret Service alert, which investigative cybersecurity journalist Brian Krebs reported on, said that ATMs running Windows XP were at the greatest risk of being jackpotted and the hackers were targeting ATMs located in pharmacies, big box retailers and drive-thrus. The Secret Service recommended that ATM operators upgrade to Windows 7 to minimize the risk.

According to Krebs, the Secret Service alert explained that once the hackers have physical access to an ATM, they use an endoscope — an instrument typically used in medicine — to locate where they need to plug a cord into the inside of the cash machine to sync their laptop with the ATM.

The attackers then use an advanced strain of malware called Ploutus.D, which was first reported to have been used in jackpotting attacks in 2013 in Mexico.

[embedded content]

How ATM jackpotting works

The hackers reportedly disguise themselves as ATM maintenance crews to gain access to the machines without raising suspicion. Once the malware has been installed on the compromised ATM it will appear to be out of order to potential users. Then, one attacker can go up to the machine while remote hackers trigger the malicious program, and the hacker who appears to be an ordinary ATM user receives the outpouring of cash. The Secret Service report said that in an average Ploutus.D attack, the money is continuously dispensed at a rate of 40 bills every 23 seconds until the machine is totally empty.

After they’ve emptied the ATM, the hackers disguised as the maintenance crew come back and remove their tools to return the ATM to normal operations — without any available cash.

In his blog post about the recent wave of ATM jackpotting attacks, Krebs noted that the hacking group has been targeting Diebold Nixdorf ATMs, which are vulnerable to the Ploutus.D malware. Specifically, Secret Service warned that the attacks have focused on the Opteva 500 and 700 series from Diebold.

Krebs also said the Secret Service had evidence that further attacks were being planned across the country.

Diebold issued a warning about the attacks and suggested that countermeasures to ATM jackpotting should include limiting physical access to the ATM, making sure the firmware for the machines are up to date with the latest security updates, and monitoring the physical activity of the machines. Without physical access, ATM jackpotting is not possible.

In other news

  • A fitness tracking app accidentally exposed the location of military bases around the world. Strava, an app that logs walking, running and other movements, published an interactive map with over 13 trillion GPS points from its users a few months ago. The map has since been used to confirm the location of military bases, which show extra activity along specific routes in otherwise remote areas. These are believed to be jogging routes and even patrol routes at military bases. An analyst at the Institute for United Conflict Analysts, Nathan Ruser, noticed the data last week and Twitter has since taken to posting now-confirmed locations of the military bases. The data exists because military personnel didn’t turn off their fitness trackers while on base, despite Strava’s customizable privacy settings.
  • Google Cloud has teamed up with enterprise mobility management company MobileIron to build a new cloud service. The companies announced that they will combine Google Cloud’s Orbitera commerce platform and MobileIron’s enterprise mobility management and app distribution platform. The enterprise applications and services portal is expected to be released later in 2018 and will mostly be built on top of the security assertion markup language standard. The service will enable resellers, enterprises and others to buy cloud services and distribute them to customers and employees. It will include customized service bundles, customized branding, unified billing, secure cloud access, and usage analytics, according to Google. “We hope this collaboration simplifies and streamlines enterprise application management for businesses, and helps them unlock additional value for their employees and customers,” the companies said in a blog post announcing the joint effort.
  • Researchers discovered that Oracle Micros point-of-sale (POS) systems have been breached. ERPScan researchers published details of the vulnerability, which affects its Micros POS terminals and enables an attacker to read any file and receive information without authentication from the devices. The vulnerability was discovered in September 2017 by Dmitry Chastuhin, security researcher at ERPScan, and was fixed and disclosed this month. “[The flaw is] a directory traversal vulnerability in Oracle MICROS EGateway Application Service,” ERPScan explains in its blog post. “In case an insider has access to the vulnerable URL, he or she can pilfer numerous files from the MICROS workstation including services logs and read files like SimphonyInstall.xml or Dbconfix.xml that contain usernames and encrypted passwords to connect to DB, get information about ServiceHost, etc.” This means the attacker can run a brute force login attack against the POS devices to gain full access. Micros is used on more than 330,000 cash registers across 180 countries.

What is happening with AI in cybersecurity?

Jon Oltsik, an analyst with Enterprise Strategy Group in Milford, Mass., wrote about the growing role of AI in cybersecurity. Two recent announcements sparked his interest.

The first was by Palo Alto Networks, which rolled out Magnifier, a behavioral analytics system. Second, Alphabet deployed Chronicle, a cybersecurity intelligence platform. Both rely on AI in cybersecurity and machine learning to sort through massive amounts of data. Vendors are innovating to bring AI in cybersecurity to the market, and ESG sees growing demand for these forms of advanced analytics.

Twelve percent of enterprises have already deployed AI in cybersecurity. ESG research found 29% of respondents want to accelerate incident detection, while similar numbers demand faster incident response or the ability to better identify and communicate risk to the business. An additional 22% want AI cybersecurity systems to improve situational awareness.

Some AI applications work on a stand-alone basis, often tightly coupled with security information and event management or endpoint detection and response; in other cases, machine learning is applied as a helper app. This is true of Bay Dynamics’ partnership with Symantec, applying Bay’s AI engine to Symantec data loss prevention.

Oltsik cautioned that most chief information security officers (CISO) don’t understand AI algorithms and data science, so vendors will need to focus on what they can offer to enhance security. “In the future, AI could be a cybersecurity game-changer, and CISOs should be open to this possibility. In the meantime, don’t expect many organizations to throw the cybersecurity baby out with the AI bath water,” Oltsik said.

Read more of Oltsik’s ideas about AI in cybersecurity.

Simplify networks for improved security and performance

Russ White, blogging in Rule 11 Tech, borrowed a quote from a fellow blogger. “The problem is that once you give a monkey a club, he is going to hit you with it if you try to take it away from him.”

In this analogy, the club is software intended to simplify the work of a network engineer. But in reality, White said, making things easier can also create a new attack surface that cybercriminals can exploit.

To that end, White recommended removing unnecessary components and code to reduce the attack surface of a network. Routing protocols, quality-of-service controls and transport protocols can all be trimmed back, along with some virtual networks and overlays.

In addition to beefing up security, resilience is another key consideration, White said. When engineers think of network failure, their first thoughts include bugs in the code, failed connectors and faulty hardware. In reality, however, White said most failures stem from misconfiguration and user error.

“Giving the operator too many knobs to solve a single problem is the equivalent of giving the monkey a club. Simplicity in network design has many advantages — including giving the monkey a smaller club,” he said.

Explore more from White about network simplicity.

BGP in data centers using EVPN

Ivan Pepelnjak, writing in ipSpace, focused on running Ethernet VPN, or EVPN, in a single data center fabric with either EVPN or MPLS encapsulation. He contrasts this model with running EVPN between data center fabrics, where most implementations require domain isolation at the fabric edge.

EVPN is used as a Border Gateway Protocol address family that can be run on external BGP or internal BGP connections. For single data center fabrics, engineers can use either IBGP or EBGP to build EVPN infrastructure within a single data center fabric, Pepelnjak said.

He cautioned, however, that spine switches shouldn’t be involved in intra-fabric customer traffic forwarding. The BGP next-hop in an EVPN update can’t be changed on the path between ingress and egress switch, he said. Instead, the BGP next-hop must always point to the egress fabric edge switch.

To exchange EVPN updates across EBGP sessions within a data center fabric, the implementation needs to support functionality similar to MPLS VPN. Pepelnjak added many vendors have not boosted integration for EVPN, and users often run into issues that can result in  numerous configuration changes.

Pepelnjak recommended avoiding vendors that market EBGP between leaf-and-spine switches or IBGP switches on top of intra-fabric EBGP. If engineers are stuck with an inflexible vendor, it may be best to use Interior Gateway Protocol as the routing protocol.

Dig deeper into Pepelnjak’s ideas on EVPN.

Cybersecurity skills shortage continues to worsen

Jon Oltsik, an analyst at Enterprise Strategy Group in Milford, Mass., said the global cybersecurity skills shortage is bad and getting worse. According to Oltsik, skills shortages among various networking disciplines have not eased — and the cybersecurity shortage is particularly acute — citing ESG’s annual survey on the state of IT. For instance in 2014, 23% of respondents said that their organization faced a problematic shortage of cybersecurity skills. In the most current survey, which polled more than 620 IT and cybersecurity professionals, 51% said they faced a cybersecurity skills shortage. The data aligns with the results of an ESG-ISSA survey in 2017 that found 70% of cybersecurity professionals reporting their organizations were affected by the skills shortage — resulting in increased workloads and little time for planning. 

“I can only conclude that the cybersecurity skills shortage is getting worse,” Oltsik said. “Given the dangerous threat landscape and a relentless push toward digital transformation, this means that the cybersecurity skills shortage represents an existential threat to developed nations that rely on technology as the backbone of their economy.”

Chief information security officers (CISOs), Oltsik said, need to consider the implications of the cybersecurity skills shortage. Smart leaders are doing their best to cope by consolidating systems, such as integrated security operations and analytics platform architecture, and adopting artificial intelligence and machine learning. In other cases, CISOs automate processes, adopt a portfolio management approach and increase staff compensation, training and mentorship to improve retention.

Dig deeper into Oltsik’s ideas on the cybersecurity skills shortage.

Building up edge computing power

Erik Heidt, an analyst at Gartner, spent part of 2017 discussing edge computing challenges with clients as they worked to improve computational power for IoT projects. Heidt said a variety of factors drive compute to the edge (and in some cases, away), including availability, data protection, cycle times and data stream filtering. In some cases, computing capability is added directly to an IoT endpoint. But in many situations, such as data protection, it may make more sense to host an IoT platform in an on-premises location or private data center.

Yet the private approach poses challenges, Heidt said, including licensing costs, capacity issues and hidden costs from IoT platform providers that limit users to certified hardware. Heidt recommends purchasing teams look carefully at what functions are being offered by vendors, as well as considering data sanitization strategies to enable more use of the cloud. “There are problems that can only be solved by moving compute, storage and analytical capabilities close to or into the IoT endpoint,” Heidt said.

Read more of Heidt’s thoughts on the shift to the edge.

Meltdown has parallels in networking

Ivan Pepelnjak, writing in IPSpace, responded to a reader’s question about how hardware issues become software vulnerabilities in the wake of the Meltdown vulnerability. According to Pepelnjak, there has always been privilege-level separation between kernels and user space. Kernels have always been mapped to high-end addresses in user space, but in more recent CPUs, operations needed to execute just a single instruction often following a pipeline with dozens of different instructions — thus exposing the vulnerability an attack like Meltdown can exploit.

In these situations, the kernel space location test fails once the command is checked against the access control list (ACL), but by then other parts of the CPU have already carried out instructions designed to call up the memory location.

Parallelized execution isn’t unique to CPU vendors. Pepelnjak said at least one hardware vendor created a version of IPv6 neighbor discovery that suffers from the same vulnerability. In response, vendors are rolling out operating system patches removing the kernel from user space. This approach prevents exploits but no longer gives the kernel direct access to the user space when it is needed. As a result, in many cases the kernel needs to change virtual-to-physical page tables, mapping user space into kernel page tables. Every single system call, even reading a byte from one file, means the kernel page tables need to be unmapped.

Explore more of Pepelnjak’s thoughts on network hardware vulnerabilities.

Campus network architecture strategies to blossom in 2018

Bob Laliberte, an analyst with Enterprise Strategy Group in Milford, Mass., said even though data center networking is slowing down in the face of cloud and edge computing, local and campus network architecture strategies are growing in importance as the new year unfolds.

After a long period of data center consolidation, demand for reduced latency — spurred by the growth of the internet of things (IoT) — and the evolution of such concepts as autonomous vehicles are driving a need for robust local networks.

At the same time, organizations have moved to full adoption of the cloud for roles beyond customer relationship management, and many have a cloud-first policy. As a result, campus network architecture strategies need to allow companies to use multiple clouds to control costs. In addition, good network connectivity is essential to permit access to the cloud on a continuous basis.

Campus network architecture plans must also accommodate Wi-Fi to guarantee user experience and to enable IoT support. The emergence of 5G will also continue to expand wireless capabilities.

Intent-based networks, meanwhile, will become a tool for abstraction and the introduction of automated tasks. “The network is going to have to be an enabler, not an anchor,” with greater abstraction, automation and awareness, Laliberte said.

Laliberte said he expects intent-based networks to be deployed in phases, in specific domains of the network, or to improve verification and insights. “Don’t expect your network admins to have Alexa architecting and building out your network,” he said. Although, he said, systems modeled after Alexa will become interfaces for network systems.

Explore more of Laliberte’s thoughts on networking.

BGP route selection and intent-based networking

Ivan Pepelnjak, writing in ipSpace, said pundits who favor the demise of Border Gateway Protocol (BGP) through new SDN approaches often praise the concept of intent-based networking.

Yet, the methodologies behind intent-based networks fail when it comes to BGP route selection, he said. Routing protocols were, in fact, an early approach to the intent-based idea, although many marketers now selling intent-based systems are criticizing those very same protocols, Pepelnjak said. Without changing the route algorithm, the only option is for users to tweak the intent and hope for better results.

To deal with the challenges of BGP route selection, one option might involve a centralized controller with decentralized local versions of the software for fallback in case the controller fails. Yet, few would want to adopt that approach, Pepelnjak said, calling such a strategy “messy” and difficult to get right. Route selection is now being burdened with intent-driven considerations, such as weights, preferences and communities.

“In my biased view (because I don’t believe in fairy tales and magic), BGP is a pretty obvious lesson in what happens when you try to solve vague business rules with [an] intent-driven approach instead of writing your own code that does what you want to be done,” Pepelnjak wrote. “It will be great fun to watch how the next generation of intent-based solutions will fare. I haven’t seen anyone beating laws of physics or RFC 1925 Rule 11 yet,” he added.  

Dig deeper into Pepelnjak’s ideas about BGP route selection and intent-based networking.

Greater hybridization of data centers on the horizon

Chris Drake, an analyst with Current Analysis in Sterling, Va., said rising enterprise demand for hybrid cloud systems will fuel partnerships between hyperscale public providers and traditional vendors. New alliances — such as the one between Google and Cisco — joined existing cloud-vendor partnerships like those between Amazon and VMware and Microsoft and NetApp, Drake said. New alliances are in the offing.

Moving and managing workloads across hybrid IT environments will be a key point of competition between providers, Drake said, perhaps including greater management capabilities to oversee diverse cloud systems.

Drake said he also expects a proliferation of strategies aimed at edge computing. The appearance of micro data centers and converged edge systems may decentralize large data centers. He said he also anticipates greater integration with machine learning and artificial intelligence. However, as a result of legacy technologies, actual deployments of these technologies will remain gradual.

Read more of Drake’s assessment of 2018 data center trends.