Innovating AI for Cyber Threat Intelligence
“IBM Hyper Protect provides us with industry-leading security and data privacy. It means that we can feel comfortable going out to our customers and saying, ‘Hey, you can trust us with your data.’ It’s as close to the Fort Knox of industry standards that you can get right now.”
In the world of cybersecurity, there are risks that you know, risks that you don’t know, and even risks that “you don’t know that you don’t know,” or the “unknown unknown.” It’s that last category where Syra Marshall thinks she can help Chief Information Security Officers (CISOs) the most. Syra is the Chief Technology Officer (CTO) and Co-founder of the UK-based cybersecurity start-up Elemendar, where her mission is to bring Artificial Intelligence (AI) to bear on Cyber Management and Strategy, with a threat-focused approach, so that CISOs can make more informed security decisions. Specifically, Elemendar’s groundbreaking technology is designed to help CISOs understand what’s really behind their security risks to identify which security controls will mitigate relevant threats.
Syra has always been fascinated by technology, both for its own sake and for the good it can do when used responsibly. She graduated from Cambridge University in Mathematics, finding herself navigating the choppy waters of the job market at a difficult time for graduates. The eventual answer was the world of startups, beginning with an events search engine.
Read moreShe feels lucky that each startup she co-founded, or was involved in, did well enough and provided her with enough learning to keep trying new things, leading as CTO in each case. Her startup journey spanned crypto, to crowdsourced strategic insight, to search, and eventually to Elemendar, which she co-founded with Giorgos Georgopoulos at the first NCSC (National Cyber Security Centre, UK) for Startups Accelerator in the UK in 2017.
One of the frustrations Syra finds within the technology industry is the shortage of female executive role models in engineering, particularly at the CTO level. As a result, Syra aspires to be a high-visibility female CTO role model for other women in technology who are seeking to advance their careers in a largely male-dominated industry. She mentors other women in technology to help them along their career journeys and encourages them to seek out organizations that demonstrate diversity within their engineering workforce.
The inspiration for Elemendar came from meetings at the first NCSC for Startups Accelerator in Cheltenham, UK. Syra recalls attending a meeting with her co-founder, Giorgos Georgopoulos, and sharing an aha moment with him as they heard others describe their security problems. “We’ve got far too many reports that no one has time to read,” she remembers hearing. “We need to be able to bring these things together and actually know what we know.” That conversation was the catalyst for the work that Syra and Giorgos set into motion with Elemendar.
The golden thread from threat to riskThe use of threat intelligence to identify and stop threat actors is well established in the security industry, yet the existence of this intelligence doesn’t necessarily lead to CISOs making smarter decisions. One of the big challenges security teams face is operationalizing threat intelligence to make it broadly actionable. For example, a CISO may know that they have a risk score of eighty-five percent, but not fully understand how they arrived at that score. “We make it so that you know why it’s that,” Syra says of Elemendar’s solution. “You can dig down if you need to, as well as elevate to report upwards. You can actually understand why and pass that information down to the people who work for you who need to be making those decisions.”
Syra compares her company’s AI-based technology to the pulling through of a golden thread. “We’ve got certain individual components which are incredibly complex,” she explains, “but what matters when it comes to data engineering and architecture is pulling all of those things together—what we like to call the golden thread.” By pulling this thread through various data sources, Elemendar’s technology can bring everything together and then feed it through industry-standard security controls (e.g. NIST, MITRE ATT&CK®) to create a picture of threat intelligence which can be both easily understood and explained to stakeholders.
IBM’s security reputation opens doorsSecurity solution providers are naturally held to high standards of security themselves—even more so when the company in question is new to the market. For Elemendar, leveraging their relationship with IBM has opened doors that might otherwise have been closed to a startup. As part of the IBM Hyper Protect Accelerator, Elemendar has made extensive use of IBM Hyper Protect, which is used to protect workloads and provide cryptographic services. IBM Hyper Protect Virtual Servers isolate applications to ensure Elemendar’s “golden thread” is not vulnerable while the data is in use. “IBM Hyper Protect provides us with industry-leading security and data privacy,” Syra says. “It means that we can feel comfortable going out to our customers and saying, ‘Hey, you can trust us with your data.’ It’s as close to the Fort Knox of industry standards that you can get right now.”
IBM Hyper Protect plays a critical role in protecting the data that Elemendar’s technology collects and processes, and that role extends to the encryption keys that protect that data, even when those keys are distributed across multiple cloud instances. IBM Hyper Protect Crypto Services act as a unified view of the company’s entire cryptographic operations; its Keep-Your-Own-Key capability ensures that no one, not even IBM’s own cloud engineers, can access the keys stored in Elemendar’s secure vaults. With IBM Hyper Protect, “we know that our customer’s data is as safe as it can be,” Syra says. “And, most importantly, our customers know it.”
Daring to dream with IBMMore than simply a security partner, Syra Marshall views IBM as a critical business partner, now and in the future. Through the IBM Hyper Protect Accelerator program, Syra and the Elemendar leadership team are building valuable relationships from their interactions with IBM and its customers. “The level of support and warmth that I’ve experienced from IBM wasn’t something I was expecting from such a large company,” Syra says. “The people at IBM are actually really interested in what we’re doing. They can see that this could be something which provides customers with a richer and better cybersecurity experience.”
For Elemendar, the next steps will determine their future. Recently, they appointed a new CEO, Lior Arbel, who brings a wealth of experience in cybersecurity, a proven track record of fostering innovation, and a deep commitment to driving growth. Elemendar is launching its new product with beta customers ready to engage. From there, the focus will be on leveraging large-language models to accelerate insights (an area where IBM’s watsonx excels), growing Elemendar’s customer base and ensuring that their solution can scale to meet the demands of that growth. Syra is excited about her plans working closely with IBM. “IBM has a huge suite of cybersecurity and AI tools that they offer to help their clients,” she points out. “It is an absolute dream for us to be able to work closely with IBM.”
What will you design and build with IBM Z?