Berlin’s Trifense, an EIT Entrepreneurship Award winner, takes a new approach to Internet security – and starts to gain traction in the market.
In the global battle against cybercrime, the smartest minds have not figured out how to prevent new attacks– yet. Professional hackers and criminals with economic or political motives routinely outmanoeuvre cutting-edge computer security systems, plundering the data of multinational companies and government offices, and wreaking havoc with everything from bank accounts to nuclear power plants. These attacks, plus employee negligence and hardware failures, cost companies and organisations an average €2.6 million a year, according to a 2010 study by the Ponemon Institute. But what if computers could learn to detect anomalous activity instantly and block an attack? Three computer scientists from Germany have developed network security software that aims to do just that. The two-year-old company, Trifense, is bringing its first set of software tools to market after a combined 15 man-years of research.
Co-founders Patrick Düssel, Christian Gehl and René Gerstenberger all studied computer science at the University of Potsdam, then worked together on a government-funded research project in machine learning at the Fraunhofer Institute in Berlin. In 2010, eager to build a start-up based on their research, they moved to the Technical University of Berlin. Initially, the three had hoped to build their own hardware and sell directly to end users. Talks with investors, however, highlighted the difficulty of raising enough money to bring their products to market directly, so they shifted their strategy to partnering with other cyber-security companies.
Above: Team Trifense (from left): Klaus-Robert Müller, mentor,
Christian Gehl, Konrad Rieck, Patrick Düssel and René Gerstenberger
Trifense’s self-learning technology focuses on monitoring incoming data known as “network packet payloads”. Its software enables computers to “learn” to distinguish normal network functioning from unusual activity that would signal an attack. By detecting deviations from the learned models, the software can recognise unknown cyber-threats entangled with the payloads.
“This is a significant advantage over traditional network security solutions such as firewalls or signature-based systems,” says Düssel, Trifense managing director. The main difference between Trifense’s technology and existing security systems is that it does not rely on any kind of pre-written description of the attack to spot the trouble coming.
A spin-off from the Technical University of Berlin, Trifense has patents pending and this year won the European Institute of Innovation and Technology (EIT) Entrepreneurship Award in the field of information and communications technology (ICT). It also won a German government award for innovative ICT companies in 2010. Düssel and his co-founders aim to stake out a globally dominant position in self-learning network security software that protects companies against new and unknown threats before they do damage.
It’s a growth industry: Frost & Sullivan’s 2010 report, World Unified Threat Management (UTM) Products Market, estimates the global market for network security software in 2012 at €2.9 billion and the sector is forecast to grow 20 per cent a year, reaching €5.3 billion by 2016. According to a recent cybercrime study by McAfee, Intel’s security technology subsidiary, the annual financial losses from data breaches and intellectual property theft recently reached a trillion dollars globally.
In May 2011, the Berlin spin-out secured its first technology partner, Astaro, an international network-security supplier based in Germany, which is now integrating Trifense technology into its own products. “This cooperation is a big opportunity for us right now. It gives us hope that we’ll make it,” says Düssel. Thanks to a German government-funded accelerator programme which provides start-ups mentoring and advisory services, Trifense has benefited from office space in Silicon Valley as well as introductions to American companies, the world’s largest customers for IT security. “All the main players [in security software] are in Silicon Valley,” says Trifense Chief Technology Officer Gehl, who has extended his stay to six months this year. “Large German companies are not used to talking to start-ups. US companies are more open to adopting new technologies. They have a different mentality. It’s very important to be in Silicon Valley at this stage in the company’s growth.”
Trifense is already exploring the possibility of setting up US operations by talking with strategic partners, prospective customers and venture investors. The company, which received €200,000 in German start-up funding, is seeking to raise up to €750,000 in seed capital by the end of 2012. American customers can give an unknown European tech company instant global credibility. Trifense has gotten a start: it is discussing a pilot project of its technology with a US financial services giant. The challenge ahead is building up a portfolio of products and testing them with customers in the market. “We want to develop a set of innovative security products with self-learning at their core,” Düssel says. “You need to invest a lot of money to implement. This is hardcore mathematical work.” But if he and his team can create new ways to fight cyberattacks, they can do the hardcore financing too.
This article was originally published in Issue 10 of the Futures Magazine.