How do organisations protect themselves against the cyber crime wave currently engulfing the world? Cyber incidents such as ransomware attacks, data breaches and IT outages collectively represent the risk that global business leaders now worry about more than any other, according to research conducted by the insurer Allianz Commercial.
“For many companies, cyber risk, exacerbated by the rapid development of artificial intelligence (AI) is the big risk over-riding everything else,” says Rishi Baviskar, global head of cyber risk consulting at Allianz Commercial. “Concern is widening worldwide: cyber is the top risk across North and South America, in Europe and Africa, and comes out on top in 20 countries in both developed and emerging economies.”
The only answer, argues Mahdi Abdulrazak, co-founder and CEO of the Dutch start-up Dawnguard, is to take a different approach to cyber security. “Our industry treats security as a checkbox; it’s broken,” he says. “Security needs to be part of the system’s DNA from the start, not an afterthought.”
In fact, the idea of “security by design” is a well-established concept – the theory is that developers plan new software and systems with security embedded from the start, rather than trying to retrofit protections. For example, the European Union’s recently passed Cyber Resilience Act requires manufacturers to implement security throughout the lifecycle of new products.
However, Dawnguard argues that its platform represents an advance on this principle. The company, which is today announcing a $3 million pre-seed financing round, has developed an AI-enabled automation platform to help developers turn the theory of security by design into practice. It incorporates a range of tools that enable developers to ensure new systems meet key security requirements before they’re deployed – and to continue monitoring and updating systems once they’re in the field to keep them secure.
Abdulrazak himself has an interesting background: a refugee who started out as a hacker – “to understand how things worked” – he has spent the last three decades in the cyber security sector, including as group information security and risk officer at SHV Energy. His co-founder at Dawnguard is Kim van Lavieren, a former Royal Netherlands Navy offensive security specialist who has also served in roles at organisations including Amazon.
“Cyber security is a source of huge frustration and delay for product development teams at many organisations,” argues van Lavieren. “They need a way to implement better quality security more cheaply as they scale.”
Chris Corbishley, managing partner of venture capital investor 9900 Capital, which is leading today’s seed round for Dawnguard, argues that in responding to that need, the business is opening a new category in the cyber security market.
“Hundreds of security tools overwhelm chief information security officers (CISOs) with promises of better detection, yet few tackle the root issue: design flaws in code that AI-driven threats exploit,” Corbishley says. “As attacks grow smarter, defences must shift left, embedding resilience at the codebase; Dawnguard builds protection by design, not patch by necessity.”
Dimitri van Zantvliet, CISO at Dutch Railways – and an angel investor in Dawnguard – is also a fan of the business. “They’re rewriting the DNA of cybersecurity – in a world addicted to patching symptoms, they’ve chosen to re-engineer the root,” he says of the founders.
It’s an interesting idea. Dawnguard is one of a growing number of companies – including rivals such as Clover and Prime Security – that see AI as providing the key to securing better protection from bad actors. It’s certainly protection that is very much needed in today’s enhanced threat landscape.
