Just as hackers keep coming up with new methods, companies that fight breaches continue to devise new ways of fighting back, with one of the latest coming from CEO Ellison Anne Williams’ Enveil.
Enveil’s core technology was developed at the National Security Agency (NSA) and then built out in the private sector by a team with backgrounds in mathematics, algorithmics, and machine learning.
The company is unlike any other cybersecurity firm, Williams told FierceCEO. “We ensure data remains encrypted throughout the entire processing lifecycle, allowing organizations to achieve previously impossible levels of data security.”
Enveil does this by focusing completely on the use of data, while others focus on at-rest or in-transit data, Williams said. Enveil’s is a better approach because the latter two are exposed to being unencrypted during processing, Williams said.
The one-and-a-half-year-old company works with financial and healthcare companies as well as those in the data aggregator space. Enveil is venture capital-backed and mixes Williams’ love of mathematics with her family background. “I come from a long line of entrepreneurs and was the first technical person in my family,” she said. “I went and got a Ph.D. in mathematics because I felt it was a fun thing to do.”
Williams went on to work at the NSA for 12 years as an applied research mathematician before starting Enveil. She says the biggest cyber challenge today “is the unknown; with so many unique attack surfaces, it’s impossible to know what the next vulnerability will be. Instead of taking proactive measures, much of the industry revolves around patching and playing catch-up.”
There was “a great example of a new attack surface exposure last month with the announcements surrounding the chip flaws,” Williams said. “Who would have thought, in the commercial world, that we had such a broad and serious memory vulnerability across the Intel chipset, which is everywhere? And if that’s the case, what’s coming down the pike next?”
As for the prevalence of breaches, “It’s challenging to know,” Williams said. “State laws vary in terms of what constitutes a breach, requirements for notice, and exemptions. Many groups that compile such statistics reported that 2017, which included massive breaches reported by Equifax, Yahoo, and Uber among others, represented a significant increase over 2016. So, it’s fair to say that breaches are far more prevalent than we, as consumers, would like.”
Most of the large-scale reported breaches involve “exposure of personally identifiable information—credit card information, Social Security numbers and usernames—as it tends to have the largest potential impact on consumers,” Williams said.
As for ways companies can avoid breaches, “It is critical they protect against any attack surface in the processing of data,” Williams said. “There are a lot of security flaws—both known and unknown—that are very serious.”
Cyberattacks, Williams said, are becoming more routine. “It’s becoming easier for attackers to get into systems and infiltrate what they want to infiltrate.”
Fast Five with Ellison Anne Williams, Ph.D.
When did you know you wanted to be a CEO?
From the time I was a little girl, I dreamed about being the CEO of a company.
What is the single most important trait of a leader?
Integrity. It’s extremely important to do what you say you are going to do.
What is a key way to drive revenue?
Creativity. Listening to what people’s problems are and thinking very creatively about the solutions to those problems. Also, thinking of problems that haven’t come up yet.
What’s an effective way to motivate employees?
Empowering them to make their own decisions and have their voices heard.
How important is company culture?
Extremely, because it is the key to a company’s success.