The Cybersecurity Executive Order – What It Means and What You Can Do

Cybercrime continues to be on the rise and is expected to cost businesses worldwide $10.5 trillion annually by 2025. High-profile attacks, including the recent DarkSide ransomware attack on the Colonial Pipeline, the SolarWinds attack, and the recent Hafnium 0-day Exchange vulnerability that led to cyber-attacks on thousands of public sector and private sector organizations, are just a few recent examples.

On May 12, 2021, United States President Biden signed the Executive Order (EO) on Improving the Nation’s Cybersecurity. The EO comes in the wake of an unprecedented year of major cyber events which have greatly impacted Government agencies and the private sector alike.

The intent of the EO is to initiate bold change to improve the Nation’s overall cybersecurity posture. The EO is focused largely on how government agencies protect their networks and extends to federal government vendors and contractors in an effort to improve the security posture of the Federal Government.

The Cybersecurity EO has been developed over the course of several months, but it has been thrust front and center in light of the Colonial Pipeline and Sunburst/Solarwinds attacks, which have disrupted gas distribution and left over 100k systems and their data easily accessible to hackers.

Through this EO, the Biden Administration is introducing several actions for the Federal Government, including:

  • Development of a cloud-service governance framework
  • Requirement to adopt best practices such as a zero-trust network (ZTX) architecture
  • Technological investments such as Endpoint Detection Response (EDR) and Multi-Factor Authentication (MFA)
  • Process improvements for the incident response lifecycle.

Ultimately, this EO aims to ensure that the Federal Government can protect, detect, and respond against the increased cyber-attacks and sophistication.

Most of the rules and requirements defined in the EO control how federal agencies handle security incidents but some also extend to procurement of hardware and software from the private sector. As the government is the largest purchaser of IT products, the goal is that vendors will place a greater focus on security and improve the security posture for the entire country.

The EO addresses 11 sections, with each detailing direct actions and timelines for organizing and implementing new administrative and technical resources and consolidating them under the Department of Defense and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA).

In this post, we’ll discuss what these sections mean in practice and explain how your organization can implement practical changes to comply with the requirements of the EO.

Removing Barriers to Sharing Threat Information

Section 1 (Policy) outlines the current landscape and high-level policy goals to “identify, deter, protect against, detect, and respond to” malicious actors and organizations. While the Government is leading this initiative, it is necessary to partner with private industry to implement security practices to better ensure the security of their products, networks and organizations lest they become a threat vector for the Government.

Section 2 (Removing Barriers to Sharing Threat Information) directs that the Federal Acquisition Regulation (FAR), which defines the contractual rules to conduct business with the Federal Government, be updated to require the sharing of threat and incident information with CISA. This contractually obligates private sector contractors to provide full cyber visibility to the Government.

SentinelOne autonomously prevents, detects and mitigates any known and unknown threats in real-time, effectively  and seamlessly with maximal visibility to the SOC Analyst in organizations around the world.

Organizations looking to address the requirements of Section 2 can leverage Deep Visibility and STAR to meet their regulatory needs and better protect their business.

  • SentinelOne’s Deep Visibility allows customers to obtain real-time and historic retrospective search capabilities, even for offline endpoints, to improve proactive security.
  • With Storyline Auto-Response (STAR) custom detection rules, you can turn Deep Visibility queries into automated hunting rules that trigger alerts and responses when rules detect matches. STAR gives customers the flexibility to create custom alerts specific to their environment that can enhance alerting and triaging of events.
Rapid Threat Hunting with Storylines
Time always seems to be on the attacker’s side, but security analysts can get ahead by hunting threats faster than ever before.

Modernization and Zero-Trust Architecture (ZTA)

Section 3 (Modernizing Federal Government Cybersecurity) of the EO pushes the Government to advance towards adopting zero-trust architectures (ZTA), accelerate migration to secure cloud services and to adopt multi-factor authentication. The Government is to lean away from outdated security models and towards secure cloud services.

Many of these initiatives are in place or underway in many agencies, but this sets definitive timelines for implementation and reporting on the status of their progress for added accountability.

SentinelOne provides capabilities that allow agencies to follow the principle of least privilege (PoLP). This is achieved by supporting multi-tenancy with Role-Based-Access-Control (RBAC). This allows customers to define who sees what and what actions individuals can take based on their own respective scope.

Beyond that, SentinelOne welcomes the decision to adopt zero-trust architecture (ZTA) for agencies and organizations. Endpoints represent a large attack surface, with over 70% of breaches originating on the endpoint.

Organizations have a heterogeneous mix of endpoints connected to their network – whether they be laptops, mobile devices, servers, or IoT devices. These machines often have different configurations, patch statuses, and operating systems, leading to inconsistent approaches to applying security policy.

This problem is compounded by the rise of bring your own device (BYOD) and remote working practices accelerated by the COVID-19 pandemic. While security teams deploy controls to endpoints they can manage, there are a significant number of devices that remain unmanaged or unable to take a management agent.

Adopting Zero Trust for endpoints can assist organizations in reducing this risk by providing the means to monitor, isolate, secure, control, and remove any device from the network at any time. When integrated into a Zero Trust ecosystem, endpoints can provide valuable information when determining whether to grant access, including the device’s identity, health, and compliance status. SentinelOne’s approach to endpoint-centric zero trust provides cooperative capabilities for managing the hygiene, risk, and hardening of endpoints.

Ranger® IoT
Network Visibility & Control. A cloud
delivered, software-defined network discovery solution designed to add global network visibility and control with minimal friction.

Enhancing Software Supply Chain Security

Section 4 (Enhancing Software Supply Chain Security) requires greater Government visibility into their software supply chain. In the wake of SUNBURST, where the adversary leveraged SolarWinds to provide signed and trusted updates that were embedded with malware, it is a top priority to prevent something like that from happening again.

To assist in that effort, NIST is directed to publish guidelines that cover core security practices that vendors must implement and, when asked, provide evidence of the implemented best practices. The guidelines include:

  • Separate build environments
  • Audit trust relationships
  • Multi-factor authentication
  • Encrypting all data
  • Monitoring and reporting any cyber incidents
  • Use tools to maintain trusted source code chains
  • Check for any vulnerabilities before releasing code
  • Publish a Software Build of Materials (SBOM) that lists all components embedded in the software

This will eventually lead to a software rating system for vendors that can be used to demonstrate best security practices are being used.

Recent incidents like the SolarWinds attack demonstrate the growth of adversaries focusing on the supply-chain. In that particular instance, SUNBURST was unable to disable or bypass SentinelOne in any customer environments. We acknowledge the importance of this field and welcome the modernizing efforts in supply chain security.

Today, SentinelOne is protecting thousands of the world’s leading enterprises with the Singularity Platform. Protecting endpoints, cloud, and IoT attack surfaces with patented Artificial Intelligence tracking, SentinelOne replaces legacy and next-generation products with an autonomous platform to further support the U.S. public sector.

SentinelOne has achieved the coveted FedRAMP designation, which enables U.S. federal government customers to leverage the most innovative endpoint security solution from the fastest-growing cybersecurity company in the market.

2020 MITRE Engenuity ATT&CK Evaluations
Watch the webinar to learn about SentinelOne’s record-breaking results.

Responding To Cyber Incidents and Vulnerabilities

Section 5 (Establishing a Cyber Safety Review Board) establishes a Cyber Safety Review Board to act as a strike team to respond to significant cyber incidents in the same manner the National Transportation Safety Board (NTSB) investigates and reports on civil transport accidents. This board will include stakeholders from across the Government including DOJ, DOD, CISA and NSA along with representatives from private sector entities and lead by a board appointed by DHS.

Section 6 (Standardizing the Federal Government’s Playbook for Responding to Cybersecurity’s Vulnerabilities and Incidents) creates a standard playbook for responding to cybersecurity vulnerabilities and incidents to be used across the Federal Government. This will document procedures used to identify, remediate, and recover from vulnerabilities and incidents affecting their systems.

SentinelOne provides various security automation and response (SOAR) capabilities that aid security professionals during Digital Forensics Incident Response (DFIR) type activities. Through SentinelOne’s ActiveEDR capability, customers can automatically respond to most alerts. When manual intervention is required the Singularity Platform offers various remediation and recovery options. All of the capabilities that are provided can also be orchestrated by leveraging the rich API ecosystem around the SentinelOne solution.

Section 7 (Improving Detection of Cybersecurity Vulnerabilities and Incidents on Federal Government Networks) focuses on improving detection of vulnerabilities and incidents on Federal Government networks. Here the Government acknowledges that traditional antivirus is not enough, and that Endpoint Detection and Response (EDR) capabilities are required to be able to perform “active cyber hunting, containment and remediation, and incident response”.

ActiveEDR, powered by SentinelOne’s patented Storyline technology, provides analysts with real-time, actionable correlation and context and lets security analysts understand the full story of what happened in their environment.

Storyline automatically links all related events and activities together with an attack chain and a unique identifier. This allows security teams to see the full context of what occurred within seconds rather than needing to spend hours, days, or weeks correlating logs and linking events manually.

SentinelOne’s behavioral engine tracks all activities on the system, including file/registry changes, service start/stop, inter-process communication, and network activity. It detects techniques and tactics that are indicators of malicious behavior to monitor stealthy behavior and effectively identify fileless attacks, lateral movement, and actively executing rootkits.

SentinelOne automatically correlates related activity into unified alerts that provide campaign-level insight. This reduces the amount of manual effort needed, helps with alert fatigue, and significantly lowers the skillset barrier of responding to alerts.

Improving Investigative and Remediation Capabilities

Section 8 (Improving the Federal Government’s Investigative and Remediation Capabilities) focuses on the importance of accurate and complete data logging to be able to properly investigate cyber incidents.

The EO requires recommendations on the types of logs to be maintained, the time periods to retain the logs (i.e., retention) and other relevant data, the time periods for agencies to enable recommended logging and security requirements, and how to protect logs.

SentinelOne provides access and visibility into your environment for 365 days and beyond to let you analyze incident activities and conduct historical analysis.

The ability to look back into any point in time allows analysts to see if the threat has targeted the organization in the past and view the full stream of information on how that attack occurred, including the entire process tree, timeline, and related activities.

SentinelOne data retention capability also provides the answer to your compliance needs across different data retention and audit requirements. Allowing customers to be ready for audits including PCI DSS, HIPAA, NIST, and more, by leveraging connected data insights across multiple endpoints.

SentinelOne Singularity XDR
See how SentinelOne XDR provides end-to-end enterprise visibility, powerful analytics, and automated response across your complete technology stack.

Conclusion

While much more remains to be done to fully address the worsening cyber threat environment, this Executive Order takes a number of necessary steps to strengthen American cybersecurity. SentinelOne’s suite of autonomous endpoint protection products is ideally suited to help federal agencies meet the requirements and goals laid out in the Order, and we look forward to engaging with federal decision makers and being a part of these critical efforts to secure federal networks.

If you would like to learn more about how SentinelOne can help your organization meet its security goals, contact us for more information or request a free demonstration.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Invoca acquires DialogTech for $100M to expand its conversational intelligence tools

On the heels of expanding its marketing call analytics platform last year to provide more insights to help those in sales, e-commerce and customer experience, Invoca is making its first acquisition to widen the net of companies that it targets. The company has acquired DialogTech, a startup that builds tools for marketers to analyze inbound phone calls and other contacts, in what TechCrunch understands to be a $100 million deal.

As part of the transaction, Santa Barbara-based Invoca will be divesting Swydo, a company that Chicago-based DialogTech acquired in 2018. Swydo — originally from The Netherlands — will remain a partner of Invoca’s, the company said.

Invoca has up to now focused on larger consumer-facing enterprises — its customers include the likes of ADT, AutoNation, DISH, TELUS and The Home Depot — providing them with an AI-based platform that lets their marketing, sales and other teams analyze calls from consumer customers and provide call tracking, coaching and other insights in real time and in the form of post-call reports to help those teams do their jobs more easily.

Gregg Johnson, Invoca’s CEO and one of a growing pool of Salesforce veterans who are reinventing the marketing and sales technology landscape, described DialogTech as “complementary” to what Invoca does, but will specifically help Invoca better target mid-market companies.

The opportunity that both Invoca and DialogTech have identified is that, despite the growth of digital media advertising, social media and other channels for brands to connect to would-be customers, inbound calls remain a very key part of how companies sell goods and services, especially when the sale is of a complex item.

“About 40% to 80% of revenues come through contact centers,” Johnson said. “Brands can do all the retargeting they want but the same strategies in digital don’t work there.”

For those working at the other end of the line, the need for tools to do their jobs better became even more pressing in the last year, a time when customers stayed home and away from physical stores, shifting all of their interactions to virtual and remote channels. Subsequently, they demanded and expected better levels of service there.

“This move enables us to be an even better partner to enterprises and agencies looking to optimize their marketing and drive sales,” said DialogTech CEO Doug Kofoid, in a statement. “Together as Invoca, our combined company will deliver an unrivaled solution for conversation intelligence, with the most innovative technology, expertise, experience, and resources in our industry.”

The combined business will become one of the bigger “martech” startups focusing on conversational insights, with 2,000 customers, more than 300 employees and on track to make more than $100 million this year in revenue. This is, however, just the tip of the iceberg: The conversational intelligence market was estimated to be worth some $4.8 billion in 2020 and is expected to balloon to nearly $14 billion by 2025.

Given how many startups we’ve seen launch in the name of better sales intelligence, it’s likely that this will not be the last piece of consolidation in the area. Combining to expand the functionality of a platform, or to expand the scale and reach of a business, or simply to bring on interesting tech that is easier to acquire than build from scratch, are three areas that will likely drive more M&A.

Invoca last raised funding in October 2019, a $56 million round just ahead of the world shifting into COVID-19 pandemic mode. Johnson confirmed that Invoca — which has to date raised $116 million from Accel, Upfront Ventures, H.I.G. Growth Partners, Morgan Stanley, Salesforce Ventures and others — is in a strong enough position as a business not to need to raise more for this acquisition.

However, I suspect that scaling up like this will help it bid for bigger money and a bigger valuation when it does, as will the fact that peers in the market like Gong (which Johnson described to me as the “B2B version of Invoca”) have seen their valuations catapult in the last year, spurred by the changes in how customers interact with businesses, and sales and marketing can work to better serve them.

The Good, the Bad and the Ugly in Cybersecurity – Week 21

Everybody hates doing their taxes, except it seems a group of Russian cybercriminals, who were quite happy to “volunteer” to submit taxes on behalf of their victims. The gang utilized vulnerabilities in accounting software, obtained PIIs of American citizens, filed tax returns and redirected the IRS refunds into their own accounts, earning as much as $1.5 million meant for American taxpayers. But the good news is that this crime did not go unnoticed or unpunished. A joint task force led by the FBI and the Internal Revenue Service (IRS) has managed to arrest a Russian national, Anton Bogdanov (aka “Kusok”), extradite him and sentence him to 5 years imprisonment for Cyber Tax Fraud. Bogdanov will also pay $476,713 in forfeiture.

US Law enforcement agencies showed the same tenacity even when pursuing minor crimes associated with Hot Dogs. Salvatore A. La Rosa from San Jose pleaded guilty to hacking into concession stands at Paypal Park, home of Major League Soccer team the San Jose Earthquakes. La Rosa was fired from Spectra, the concessions contractor for the stadium. Seeking revenge, he hacked into Spectra’s mobile menu Point-of-Sale tablets before the first home game of the season, disabling the menu selections and the ability to accept credit cards, resulting in numerous hungry (and angry) customers and a total loss of $268,000. He’s facing up to 10 years in prison.

The Bad

But let’s not let the success of law enforcement and the courts in putting cyber criminals behind bars confuse us. The battle between cyber criminals and the rest of the world rages and they are all too often on the winning side. One very recent concern is ransomware payouts, which are ballooning. According to one study, these increased 171% from $115,123 in 2019 to $312,493 in 2020, and other research states that the total amount paid by ransomware victims increased by 336% in 2020, totaling $370 million. The figures for 2021 already look like they’re going to bust that amount and then some.

Last week’s Colonial Pipeline payout of $4.4 million to the DarkSide gang was just the tip of the iceberg. According to some sources, DarkSide has netted over $90 million in Bitcoin during their 8 months of operation. Analyzing the amounts received from their victims suggest that this group’s average payout is around $1.9 million.

But even these sums pale by comparison when considering the recent revelation that earlier this year, CNA Financial paid $40 million to free itself from ransomware. There have been even higher ransomware demands reaching $50 million (Apple, Acer), but it is unknown at the moment if these were met.

The Ugly

But the ugliest side of ransomware isn’t the financial damage to victims. It is the devastating effect it has on the ordinary people who are hurt as a consequence of critical infrastructure being crippled by these attacks. And the worst case is when it hits the healthcare sector. This week it was Ireland’s turn to feel that pain.

Health Service Executive (HSE), Ireland’s national healthcare system, responsible for the provision of health and personal social services, has suffered a devastating ransomware attack. Starting last Friday, the Department of Health network has been suffering disruptions to healthcare operations across the country, including delayed surgeries, delays in getting COVID-19 test results and emergency staff resorting to using pen and paper.

The Irish National Cyber Security Centre released an initial report stating that Conti ransomware was the cause of the disruptions. Later, the ransom note surfaced stating that the attacks had encrypted file servers and SQL servers.

Prior to encryption, the attackers exfiltrated more than 700GB of personally identifiable information (PII) including addresses and phone numbers of patients, doctors and nurses, payroll information and employment contracts. Some of this information has already found its way to the Darknet, according to reports. Although HSE is now said to be in possession of a decryptor that may have been provided for free by the gang itself, the cyber criminals are still demanding around $20 million not to leak further data, a sum the Irish Prime Minister refuses to pay.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Dooly raises $80M more for its AI tools to help salespeople manage their busywork

Salespeople have more tools than ever these days to help them with their work, whether they are tools to source new leads, keep those leads interested or informed about what’s being sold, track how the sales process is going, manage those relationships once they are secured, or accounting tools to manage how and where sales are actually coming in. Today, a startup that’s built a platform to help manage the data entry that powers all of that is announcing a swift round of funding to build on momentum and interest in its technology.

Dooly — which has built a set of AI-based tools to automate the busywork that goes into updating data in sales software, specifically apps like Salesforce, in order to get the most out of that software — has closed $80 million in funding. Sources tell us that the money values the Vancouver-based startup at over $300 million.

This is a “swift” round in that efforts to raise and close the funding happened quickly, and come not two months after the company had announced a Series A and seed round totaling $20 million. (In fact, we got wind of this round a couple of weeks ago, so arguably it was less than two months since the previous announcement.)

This latest Series B is being led by Spark Capital, with Greenspring, Tiger Global, Lachy Groom, boldstart ventures, BoxGroup and Addition also participating. Several of these are repeat investors.

Investor interest in the company is coming in part because of what Dooly is adding to the bigger mix of sales tools; and in part because of the traction it has already picked up for that.

While there are indeed a number of apps that salespeople can use these days, that has presented something of a predicament for many salespeople: tending to the data in each of these, updating records and helping them tick along, can be a very time-consuming task that takes people away from doing what they do best.

That predicament has perhaps been heightened in the last year, as organizations push for “digital transformation” — investing in newer IT — to better adapt to workforces that are not in the office all the time, and in many cases haven’t been in an office together for a year and with some perhaps never to return again. That’s in many cases translated to using a ton more software to manage those people, what they do and how they engage with each other when in-person is not an option.

Dooly’s proposition is that it uses AI tools like natural language processing to let people take notes on meetings and other work, which it then intelligently can feed into other applications to let them work as they should.

Kris Hartvigsen, Dooly’s CEO himself, experienced these pain points firsthand as a top salesperson for a number of other companies, and this served as his motivation for building Dooly.

“This was born out of pain,” he said. “When I was in a previous role as a top sales performer, I was constantly in this mode that eroded my time. The headwinds now are for remote working, but not everyone is benefitting from this remote world as much as Zoom is. Some are finding it harder to hit their numbers so you want to spend more time, not less, speaking to customers.”

He describes his business as “the table cloth that goes over the table that no one wants to sit at” and more seriously, “a clean overlay to systems” that is very aware of the challenges salespeople face on a practical, operational level. “We are always mindful of thinking of workflows that hinder users from peak value mode.”

The the app, in his words, “plays nice” with a number of services to ingest information — these, for example, include tools like Gong that among other things monitor voice-based sales calls to provide real-time feedback and transcripts) — as well as those that are used to record what is going on, like Salesforce. It also integrates with Slack and G-Suite and other popular apps.

Then, in addition to being able to use and populate relevant data easily across multiple apps, Dooly also provides some guidance, based on the data it is seeing, to give suggestions on closing deals.

This is music to many salespeople’s ears, it seems. It now has some 500 businesses as customers, and says the list includes revenue teams at Asana, BigCommerce, Contentful, Figma, Intercom, Lessonly, Procore and more.

Up to now, the company has been growing organically, through word-of-mouth — which is perhaps the best kind of sales pitch and success that any company can hope for. Ironically, now that its model has been well proven out, it will quite possibly be using its own tools to expand its reach even more.

Dooly is building one of the most consequential enterprise companies of the next decade,” said Will Reed, a general partner at Spark Capital. “We are thrilled to support Dooly as it continues to power the most forward-thinking revenue teams, and believe it will ultimately define the connected workspace category via its relentless focus on customers and product-led growth.” Reed is joining the board with this round.

Pitch, a platform for making and sharing presentations, raises $85M on a $600M valuation

PowerPoint may still dominate the landscape for presentations in many people’s minds, but some might say that legacy status also makes Microsoft’s software ripe for disruption. Now, a startup out of Berlin called Pitch has just picked up a substantial Series B of $85 million to take it on with what it believes is a more dynamic approach.

The round is being led by Lakestar and Tiger Global, with previous backers Index Ventures and Thrive Capital also participating. We understand from sources close to the company that the valuation is now at $600 million for the Berlin-based startup.

In the words of CEO and co-founder Christian Reber, the ambition is to create the “YouTube for presentations,” with the ability for people to create, collaborate on and share presentations with each other through an online-based interface.

His interest, meanwhile, in taking on Microsoft has a deeper story to it. As we have covered before, Reber’s previous startup, the planning startup Wunderlist, was acquired by Microsoft and folded into its productivity suite, only to eventually be killed off, much to Reber’s disbelief and disappointment.

Not to dwell too much in the past, the funding Pitch has now raised will be used in several areas, including hiring more people and reach. The startup has already seen good progress on the latter front. Pitch is already being used by tens of thousands of teams, it says, who have created some 125,000 workspaces on the platform. Customers include (ironically) a number of other trailblazers in the world of business productivity: Intercom, Superhuman and Notion are among the list.

The plan will be to work on bringing on more users into its freemium universe, while converting more to its Pitch Pro $10/user/month paid tier, which includes more extensions like unlimited storage, video uploads, version history and advanced permissioning. Pro already has a “couple of thousand” subscribers, Reber said, enough to prove out that “we definitely see our business model working.” Pitch is also working on rolling out an enterprise version so that it can sell Pitch into the bigger businesses and deployments that dominate usage of PowerPoint.

And the other way that Pitch plans to bring more people into the fold will be with more functionality. Along with the funding, Pitch is rolling out some new features that will include the beginnings of an ecosystem, where presentation designers and creators will be able to upload presentation templates, as well as presentations themselves, to help other people get started in creating their own presentations.

The idea here is to celebrate creators, Reber said, but it’s (at least for now) stopping short of paying them, seeing this more as a way of sharing designs and ideas in a more collaborative exchange with each other. Both, however, seem to me to be ripe opportunities down the line for building a marketplace. Creating a great pitch deck for a startup is great to share as a resource, but if you are also, say, a leadership coach who makes a living out of giving people inspiring direction on how to handle something, a pitch deck with that IP in it perhaps might not be something you’d always be willing to part with for free. (Reber says his inspiration here was the world of design forums like Dribble, where an exchange of ideas has thrived.)

Initially, the user-generated content will be selected by Pitch itself, although the plan over time will be to make it something that will be open to everyone, Reber said.

Another new feature will be presentation analytics. This will not be unlike the kind of data that people currently can apply to, say, email or web traffic to measure what people are clicking on, how long they are spending looking at content and where they are dropping off. Pitch will apply the same to its presentations — which are HTML-coded — so that those who are making them and sending them around can get a better idea of how they are performing, and even begin the process of A-B testing to try out different approaches.

Reber points out that analytics will be opt-in only: If users choose not to share that tracking, it won’t be shared, he said.

“As a German business, we have a special relationship with data privacy in the greatest sense,” he said. “We care deeply about making sure we approach features in a privacy-first way.” The idea is to make it less like spyware, and more like the kind of analytics one might have on YouTube for videos there.

Finally, it’s adding in more video features to bring in narrative recording and playback. These first will be “recorded” around the presentations themselves, but longer term, it’s likely that the feature will also have a live element, which makes a lot of sense since a lot of presentations have had their most highly trafficked exposure by way of webinars or live presentations (say, around an earnings call), where you might not only have multiple presenters talking along a slide deck, but also people feeding back, asking questions in relation to the presentation and so on.

If this all sounds a little WordPress-like, that’s not a coincidence. Reber noted that website building is something else that Pitch wants to bring into the platform. “We are experimenting with that,” he said. “In my opinion, presentations are collections of information and we want to publish them in various ways. Slides just happens to be one format. But if it’s all already written in HTML, why not build it also into a site? That will be another feature coming, and something that we will be also using the funding for.”

Indeed, that may not work for deeper content efforts (such as publications like the one you are reading right now), but would be perfectly adequate for, say, basic sites along the kind that are built on sites like Squarespace to lay out some online real estate for a small business. The scope of what you can already do, and what Pitch wants you to do, is precisely what makes this all so interesting to investors, they say.

“The exciting vision that Christian and the team at Pitch have is beyond just being a superior alternative to legacy presentation software,” said Stephen Nundy, partner at Lakestar, in a statement. “A reimagining of the entire workflow surrounding presentations is very much overdue, and when coupled with the ability to harness new data and media integrations, Pitch will lead the way in changing how stories are told. I’m very proud to be joining the board of a European company with its sights set on a truly global opportunity.”

“We are incredibly impressed by the quality of Pitch’s offering today and Christian’s vision for the future. Pitch will be a true productivity platform, and we are excited to become investors in this special company,” John Curtius, partner at Tiger Global, added.

Reber’s take on the new tools are also here:

Kleiner spots Spot Meetings $5M to modernize walk-and-talks for the Zoom generation

Trees, those deciduous entities you can occasionally see outdoors when not locked down or strapped down at a desktop ruminating on a video call, have long been the inspiration for fresh new ideas. Stories abound of how founders built companies while walking the foothills in Silicon Valley or around parks in San Francisco, and yet, we’ve managed over the past year to take movement mostly out of our remote work lives.

Chicago-based Spot Meetings wants to reinvigorate our meetings — and displace Zoom as the default meeting medium at the same time.

The product and company are just a few months old and remain in closed beta (albeit opening up a bit shortly here), and today the company is announcing $5 million in seed funding led by Ilya Fushman at Kleiner Perkins. That follows a $1.9 million pre-seed round led by Chapter One earlier this year.

CEO and co-founder Greg Caplan said that the team is looking to rebuild the meeting from the ground up for an audio-only environment. “On mobile, it needs to be abundantly simple to be very functional and understood for users so that they can actually use it on the go,” he described. In practice, that requires product development across a wide range of layers.

The product’s most notable feature today is that it has an assistant, aptly named Spot, which listens in on the call and which participants can direct commands to while speaking. For instance, saying “Spot Fetch” will pull the last 40 seconds of conversation, transcribe it, create a note in the meeting and save it for follow-up. That prevents the multi-hand tapping required to save a note or to-do list for follow-up with our current meeting products. You “don’t even need to take your phone out,” Caplan points out.

What gets more interesting is the collaboration layer the company has built into the product. Every audio meeting has a text-based scratch pad shared with all participants, allowing users to copy and paste snippets into the meeting as needed. Those notes and any information that Spot pulls in are saved into workspaces that can be referenced later. Spot also sends out emails to participants with follow-ups from these notes. If the same participants join another audio meeting later, Spot will pull in the notes from their last meeting so there is a running timeline of what’s been happening.

Spot’s product design emphasizes collaboration within an audio-focused experience. Image Credits: Spot Meetings

Obviously, transcription features are built-in, but Spot sees opportunities in offering edited transcripts of long calls where only a few minutes of snippets might be worth specifically following up on. So the product is a bit more deliberate in encouraging users to select the parts of a conversation that are relevant for their needs, rather than delivering a whole bolus of text that no one is ever actually going to read.

“Collaboration from now and the future is going to be primarily digital … in-person is forever going to be the exception and not the rule,” Caplan explained. Longer term, the company wants to add additional voice commands to the product and continue building an audio-first (and really, an audio-only) environment. Audio “very uniquely helps people focus on the conversation at hand,” he said, noting that video fatigue is a very real phenomenon today for workers. To that end, more audio features like smarter muting are coming. When a participant isn’t talking, their background noise will automatically melt away.

Before Spot Meetings, Caplan was the CEO and co-founder of Remote Year, a startup that was designing a service for company employees to take working trips overseas. I first covered it back in 2015, and it went on to raise some serious venture dollars before the pandemic hit last year and the company laid off 50% of its workforce. Caplan left as CEO in April last year, and the company was ultimately sold to Selina, which offers co-working spaces to travelers, in October.

Caplan’s co-founder who leads product and engineering at Spot Meetings is Hans Petter “HP” Eikemo. The duo met during the very first Remote Year cohort. “He has been a software engineer for two decades [and was] literally the first person I called,” Caplan said. The team will grow further with the new funding, and the company hopes to start opening its beta to its 6,000 waitlist users over the next 3-4 weeks.

How to ensure data quality in the era of Big Data

A little over a decade has passed since The Economist warned us that we would soon be drowning in data. The modern data stack has emerged as a proposed life-jacket for this data flood — spearheaded by Silicon Valley startups such as Snowflake, Databricks and Confluent.

Today, any entrepreneur can sign up for BigQuery or Snowflake and have a data solution that can scale with their business in a matter of hours. The emergence of cheap, flexible and scalable data storage solutions was largely a response to changing needs spurred by the massive explosion of data.

Currently, the world produces 2.5 quintillion bytes of data daily (there are 18 zeros in a quintillion). The explosion of data continues in the roaring ‘20s, both in terms of generation and storage — the amount of stored data is expected to continue to double at least every four years. However, one integral part of modern data infrastructure still lacks solutions suitable for the Big Data era and its challenges: Monitoring of data quality and data validation.

Let me go through how we got here and the challenges ahead for data quality.

The value vs. volume dilemma of Big Data

In 2005, Tim O’Reilly published his groundbreaking article “What is Web 2.0?”, truly setting off the Big Data race. The same year, Roger Mougalas from O’Reilly introduced the term “Big Data” in its modern context  —  referring to a large set of data that is virtually impossible to manage and process using traditional BI tools.

Back in 2005, one of the biggest challenges with data was managing large volumes of it, as data infrastructure tooling was expensive and inflexible, and the cloud market was still in its infancy (AWS didn’t publicly launch until 2006). The other was speed: As Tristan Handy from Fishtown Analytics (the company behind dbt) notes, before Redshift launched in 2012, performing relatively straightforward analyses could be incredibly time-consuming even with medium-sized data sets. An entire data tooling ecosystem has since been created to mitigate these two problems.

The emergence of the modern data stack (example logos & categories)

The emergence of the modern data stack (example logos and categories). Image Credits: Validio

Scaling relational databases and data warehouse appliances used to be a real challenge. Only 10 years ago, a company that wanted to understand customer behavior had to buy and rack servers before its engineers and data scientists could work on generating insights. Data and its surrounding infrastructure was expensive, so only the biggest companies could afford large-scale data ingestion and storage.

The challenge before us is to ensure that the large volumes of Big Data are of sufficiently high quality before they’re used.

Then came a (Red)shift. In October 2012, AWS presented the first viable solution to the scale challenge with Redshift — a cloud-native, massively parallel processing (MPP) database that anyone could use for a monthly price of a pair of sneakers ($100) — about 1,000x cheaper than the previous “local-server” setup. With a price drop of this magnitude, the floodgates opened and every company, big or small, could now store and process massive amounts of data and unlock new opportunities.

As Jamin Ball from Altimeter Capital summarizes, Redshift was a big deal because it was the first cloud-native OLAP warehouse and reduced the cost of owning an OLAP database by orders of magnitude. The speed of processing analytical queries also increased dramatically. And later on (Snowflake pioneered this), they separated computing and storage, which, in overly simplified terms, meant customers could scale their storage and computing resources independently.

What did this all mean? An explosion of data collection and storage.

How to Tell a Job Offer from an ID Theft Trap

One of the oldest scams around — the fake job interview that seeks only to harvest your personal and financial data — is on the rise, the FBI warns. Here’s the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job offer was too-good-to-be-true.

Last week, someone began began posting classified notices on LinkedIn for different design consulting jobs at Geosyntec Consultants, an environmental engineering firm based in the Washington, D.C. area. Those who responded were told their application for employment was being reviewed and that they should email Troy Gwin — Geosyntec’s senior recruiter — immediately to arrange a screening interview.

Gwin contacted KrebsOnSecurity after hearing from job seekers trying to verify the ad, which urged respondents to email Gwin at a Gmail address that was not his. Gwin said LinkedIn told him roughly 100 people applied before the phony ads were removed for abusing the company’s terms of service.

“The endgame was to offer a job based on successful completion of background check which obviously requires entering personal information,” Gwin said. “Almost 100 people applied. I feel horrible about this. These people were really excited about this ‘opportunity’.”

Erica Siegel was particularly excited about the possibility of working in a creative director role she interviewed for at the fake Geosyntec. Siegel said her specialty — helping wealthy people develop their own personal brands — has been in low demand throughout the pandemic, so she’s applied to dozens of jobs and freelance gigs over the past few months.

On Monday, someone claiming to work with Gwin contacted Siegel and asked her to set up an online interview with Geosyntec. Siegel said the “recruiter” sent her a list of screening questions that all seemed relevant to the position being advertised.

Siegel said that within about an hour of submitting her answers, she received a reply saying the company’s board had unanimously approved her as a new hire, with an incredibly generous salary considering she had to do next to no work to get a job she could do from home.

Worried that her potential new dream job might be too-good-to-be-true, she sent the recruiter a list of her own questions that she had about the role and its position within the company.

But the recruiter completely ignored Siegel’s follow-up questions, instead sending a reply that urged her to get in touch with a contact in human resources to immediately begin the process of formalizing her employment. Which of course involves handing over one’s personal (driver’s license info) and financial details for direct deposit.

Multiple things about this job offer didn’t smell right to Siegel.

“I usually have six or seven interviews before getting a job,” Siegel said. “Hardly ever in my lifetime have I seen a role that flexible, completely remote and paid the kind of money I would ask for. You never get all three of those things.”

So she called her dad, an environmental attorney who happens to know and have worked with people at the real Geosyntec Consultants. Then she got in touch with the real Troy Gwin, who confirmed her suspicions that the whole thing was a scam.

“Even after the real Troy said they’d gotten these [LinkedIn] ads shut down, this guy was still emailing me asking for my HR information,” Siegel said. “So my dad said, ‘Troll him back, and tell him you want a signing bonus via money order.’ I was like, okay, what’s the worst that could happen? I never heard from him again.”

HOW TO SPOT A JOB SCAM

In late April, the FBI warned that technology is making these scams easier and more lucrative for fraudsters, who are particularly fond of impersonating recruiters.

“Fake Job or Employment Scams occur when criminal actors deceive victims into believing they have a job or a potential job,” the FBI warned. “Criminals leverage their position as “employers” to persuade victims to provide them with personally identifiable information (PII), become unwitting money mules, or to send them money.”

Last year, some 16,012 people reported being victims of employment scams with losses totaling more than $59 million, according to the FBI’s Internet Crime Complaint Center (IC3). But the real losses each year from employment scams are likely far higher; as the Justice Department often points out, relatively few victims of these crimes report the matter to the IC3.

LinkedIn said its platform uses automated and manual defenses to detect and address fake accounts or fraudulent payments.

“Any accounts or job posts that violate our policies are blocked from the site,” LinkedIn said in response to a request for comment. “The majority of fake job postings are stopped before going live on our site, and for those job postings that aren’t, whenever we find fake posts, we work to remove it quickly.”

LinkedIn’s most recent transparency report says these automated defenses block or automatically remove 98.4% of the fake accounts. But the scam that ensnared Gwin and Siegel is more of a hybrid, in that the majority of it operates outside of LinkedIn’s control via email services like Gmail and Yahoo.

This, by the way, should be a major red flag for anyone searching for a job, says the FBI: “Potential employers contact victims through non-company email domains and teleconference applications.”

Here are some other telltale signs of a job scam, as per the FBI:

-Interviews are not conducted in-person or through a secure video call.
-Potential employers contact victims through non-company email domains and teleconference applications.
-Potential employers require employees to purchase start-up equipment from the company.
-Potential employers require employees to pay upfront for background investigations or screenings.
-Potential employers request credit card information.
-Potential employers send an employment contract to physically sign asking for PII.
-Job postings appear on job boards, but not on the companies’ websites.
-Recruiters or managers do not have profiles on the job board, or the profiles do not seem to fit their roles.

Esper raises $30M Series B for its IoT DevOps platform

There may be billions of IoT devices in use today, but the tooling around building (and updating) the software for them still leaves a lot to be desired. Esper, which today announced that it has raised a $30 million Series B round, builds the tools to enable developers and engineers to deploy and manage fleets of Android-based edge devices. The round was led by Scale Venture Partners, with participation from Madrona Venture Group, Root Ventures, Ubiquity Ventures and Haystack.

The company argues that there are thousands of device manufacturers who are building these kinds of devices on Android alone, but that scaling and managing these deployments comes with a lot of challenges. The core idea here is that Esper brings to device development the DevOps experience that software developers now expect. The company argues that its tools allow companies to forgo building their own internal DevOps teams and instead use its tooling to scale their Android-based IoT fleets for use cases that range from digital signage and kiosks to custom solutions in healthcare, retail, logistics and more.

“The pandemic has transformed industries like connected fitness, digital health, hospitality, and food delivery, further accelerating the adoption of intelligent edge devices. But with each new use case, better software automation is required,” said Yadhu Gopalan, CEO and co-founder at Esper. “Esper’s mature cloud infrastructure incorporates the functionality cloud developers have come to expect, re-imagined for devices.”

Image Credits: Esper

Mobile device management (MDM) isn’t exactly a new thing, but the Esper team argues that these tools weren’t created for this kind of use case. “MDMs are the solution now in the market. They are made for devices being brought into an environment,” Gopalan said. “The DNA of these solutions is rooted in protecting the enterprise and to deploy applications to them in the network. Our customers are sending devices out into the wild. It’s an entirely different use case and model.”

To address these challenges, Esper offers a range of tools and services that includes a full development stack for developers, cloud-based services for device management and hardware emulators to get started with building custom devices.

“Esper helped us launch our Fusion-connected fitness offering on three different types of hardware in less than six months,” said Chris Merli, founder at Inspire Fitness. “Their full stack connected fitness Android platform helped us test our application on different hardware platforms, configure all our devices over the cloud, and manage our fleet exactly to our specifications. They gave us speed, Android expertise, and trust that our application would provide a delightful experience for our customers.”

The company also offers solutions for running Android on older x86 Windows devices to extend the life of this hardware, too.

“We spent about a year and a half on building out the infrastructure,” said Gopalan. “Definitely. That’s the hard part and that’s really creating a reliable, robust mechanism where customers can trust that the bits will flow to the devices. And you can also roll back if you need to.”

Esper is working with hardware partners to launch devices that come with built-in Esper-support from the get-go.

Esper says it saw 70x revenue growth in the last year, an 8x growth in paying customers and a 15x growth in devices running Esper. Since we don’t know the baseline, those numbers are meaningless, but the investors clearly believe that Esper is on to something. Current customers include the likes of CloudKitchens, Spire Health, Intelity, Ordermark, Inspire Fitness, RomTech and Uber.

Forecast nabs $19M for its AI-based approach to project management and resource planning

Project management has long been a people-led aspect of the workplace, but that has slowly been changing. Trends in automation, big data and AI have not only ushered in a new wave of project management applications, but they have led to a stronger culture of people willing to use them. Today, one of the startups building a platform for the next generation of project management is announcing some funding — a sign of the traction it’s getting in the market.

Forecast, a platform and startup of the same name that uses AI to help with project management and resource planning — put simply, it uses artificial intelligence to both “read” and integrate data from different enterprise applications in order to build a bigger picture of the project and potential outcomes — has raised $19 million to continue building out its business.

The company plans to use some of the funding to expand to the U.S., and some to continue building out its platform and business, headquartered in London with a development office also in Copenhagen.

This funding, a Series A, comes less than a year after the startup’s commercial launch, and it was led by Balderton Capital, with previous investors Crane Ventures Partners, SEED Capital and Heartcore also participating.

Forecast closed a seed round in November 2019 and then launched just as the pandemic was kicking off. It was a time when some projects were indeed put on ice, but others that went ahead did so with more caution on all sorts of fronts — financial, organizational and technical. It turned out to be a “right place, right time” moment for Forecast, a tool that plays directly into providing a technical platform to manage all of that in a better way, and it tripled revenues during the year. Its customers include the likes of the NHS, the Red Cross, Etain and more. It says over 150,000 projects have been created and run through its platform to date.

Project management — the process of planning what you need to do, assigning resources to the task and tracking how well all of that actually goes to plan — has long been stuck between a rock and a hard place in the world of work.

It can be essential to getting things done, especially when there are multiple departments or stakeholders involved; yet it’s forever an inexact science that often does not reflect all the complexities of an actual project, and therefore may not be as useful as it could or should be.

This was a predicament that founder and CEO Dennis Kayser knew all too well, having been an engineer and technical lead on a number of big projects himself. His pedigree is an interesting one: One of his early jobs was as a developer at Varien, where he built the first version of Magento. (The company was eventually rebranded as Magento and then acquired by eBay, then spun out, then acquired again, this time by Adobe for nearly $1.7 billion, and is now a huge player in the world of e-commerce tools.) He also spent years as a consultant at IBM, where among other things he helped build and formulate the first versions of ikea.com.

In those and other projects, he saw the pitfalls of project management not done right — not just in terms of having the right people on a project at the right time, but the resource planning needed, better calculations of financial outcomes in the event of a decision going one way or the other, and so on.

He didn’t say this outright, but I’m sure one of the points of contention was the fact that the first ikea.com site didn’t actually have any e-commerce in it, just a virtual window display of sorts. That was because Ikea wanted to keep people shopping in its stores, away from the efficiency of just buying the one thing you actually need and not the 10 you do not. Yes, there are plenty of ways now of recirculating people to buy more when you select one item for a shopping cart — something the likes of Amazon has totally mastered — but this was years ago when there was still even more opportunities for innovation than there are now. All of this is to say that you might very reasonably argue that had there been better project managing and resource planning tools to give forecasts of potential outcomes of one or another route taken, people advocating for a different approach could have made their case better. And maybe Ikea would have jumped on board with digital commerce far sooner than it did.

“Typically you get a lot of spreadsheets, people scattered across different tools that include accounting, CRM, Gitlab and more,” Kayser said.

That became the impetus for trying to build something that can take all of that into account and make a project management tool that — rather than just being a way of accounting to a higher-up, or reflecting only what someone can be bothered to update in the system — something that can help a team.

“Connecting everything into our engine, we leverage data to understand what they are working on and what is the right thing to be working on, what the finances are looking like,” he continued. “So if you work in product, you can plan out who is where, and what resourcing you need, what kind of people and skills you require.” This is a more dynamic progression of some of the other newer tools that are being used for project management today, targeting, in his words, “people who graduate from Monday and Asana who need something more robust, either because they have too many people working on a project or because it’s too complicated, there is just too much stuff to handle.”

More legacy tools he said that are used include Oracle “to some degree” and Mavenlink, which he describes as possibly Forecast’s closest competitor, “but its platform is aging.”

Currently the Forecast platform has some 26 integrations of popular tools used for projects to produce its insights and intelligence, including Salesforce, Gitlab, Google Calendar, and, as it happens, Asana. But given how fragmented the market is, and the signals one might gain from any number of other resources and apps, I suspect that this list will grow as and when its customers need more supported, or Forecast works out what can be gleaned from different places to paint an even more accurate picture.

The result may not ever replace an actual human project manager, but certainly starts to then look like a “digital twin” (a phrase I have been hearing more and more these days) that will definitely help that person, and the rest of the team, work in a smarter way.

“We are really excited to be an early investor in Forecast,” said James Wise, a partner at Balderton Capital, in a statement. “We share their belief that the next generation of SaaS products will be more than just collaboration tools, but use machine learning to actively solve problems for their users. The feedback we got from Forecast’s customers was quite incredible, both in their praise for the platform and in how much of a difference it had already made to their operations. We look forward to supporting the company to scale this impact going forward.”