It’s well understood that many network breaches begin with phishing emails designed to trick users into giving hackers their credentials. They don’t even have to work to find a vulnerability, they can just waltz in the front door. Elevate Security, a San Francisco startup, wants to change that by helping employees understand phishing attacks better using behavioral techniques. Today, the company announced an $8 million Series A round to build on this idea.
The investment was led by Defy Partners. Existing investor Costanoa Ventures also participated. Today’s round brings the total raised to $10 million, according to the company.
What has the company created to warrant this investment? “We have a solution that motivates, measures and rewards employees to change their security habits, while at the same time giving security teams unprecedented visibility into the security habits and actions of their employees,” co-founder Masha Sedova told TechCrunch.
Specifically, the company has built a Security Behavior platform. “Our platform pulls in data sets that allow employees or security teams to see where the strengths and weaknesses of their organization lie, and then apply a suite of solutions that are rooted in behavioral science that helps them change behavior,” she explained.
Sedova and co-founder Robert Fly started working on this problem when both were part of the Salesforce security team. They began working with the idea of gamifying security to teach employees and customers how to be more security aware.
When Fly’s team at Salesforce dug into the root of security problems, it found that it was often simply human error. He said it wasn’t malicious on the employee’s part, but they had jobs to do, and expected the security team to handle these issues. He realized that shifting employees to become more security aware was as much a behavioral psychology problem as a technology one and the roots of Elevate began to take shape.
The first product they built on top of the platform is called Hacker’s Mind, a tool designed to help employees understand how hackers think and operate.
The company launched in 2017 and currently has 15 employees, half of which are women. It also boasts an entirely female board of directors, and the startup plans to continue this trend as it staffs up with the new funding. Its headquarters are in San Francisco, but it just opened an engineering office in Montreal. Current customers include AutoDesk, Exxon and Illumio.