Ransomware incidents, like the notorious Colonial Pipeline attack in 2021, highlight the need for innovative cybersecurity solutions. Although a recent survey revealed that 78% of companies plan to increase their cybersecurity investments in the coming year, ransomware damages are expected to surpass $30 billion globally by 2023. To combat this issue, former cybersecurity industry veterans Jon Miller and Ryan Smith have established Halcyon, a startup which aims to prevent ransomware damage and reduce overall recovery times. With its recent $44 million Series A funding round, Halcyon intends to reinforce its engineering and R&D efforts, as well as boost sales and marketing outreach.
The investment round, which also included $6 million in debt, was led by SYN Ventures and Corner Ventures, and featured participation from Dell Technologies Capital. Miller emphasizes Halcyon's distinctiveness, claiming that the company has no direct competitors and actually seeks to enhance other security solutions in use by its customers. Instead of relying on conventional, rules-based detection methods, Halcyon utilizes AI to identify malicious intent by analyzing a dataset comprising millions of real-world ransomware cases.
To develop effective detection engine models, Halcyon carefully chooses relevant data sources to avoid contaminating their models with inaccurate information or broken samples, as often occurs with public malware repositories. The platform's core approach involves detecting and blocking known harmful executables, such as commodity ransomware, and scrutinizing ambiguous yet suspicious executables for additional protection layers. Halcyon's platform also employs deception techniques to exploit hardcoded features in ransomware software, tricking the ransomware into aborting or unveiling its attack.
If the detection and prevention layers fail, Halcyon's "resiliency layer" can step in to mitigate the damage. This layer captures encryption keys generated during an attack, enabling IT and security teams to automatically decrypt affected endpoints, rendering the ransomware attack ineffective. While this innovative approach generated a lot of interest from investors and raised a total of $50 million since 2020, its effectiveness ultimately relies on how well it performs in real-world situations.
Currently serving 51 companies, Halcyon intends to increase its workforce from 75 to approximately 100 employees by the end of 2023. As for product development, the startup plans to launch a data exfiltration tool to counter the prevalent "double extortion" tactics frequently employed by ransomware groups, as well as expand support for additional operating systems including Linux and Mac. Double extortion attacks typically involve hackers threatening to encrypt sensitive information and either publish it on the dark web or sell it to the highest bidder.
Tools like Halcyon, which emphasize resilience in their approach, could potentially reduce both business risks and cyber insurance premiums, improving the overall cybersecurity landscape. Companies can use innovative cybersecurity solutions in combination with platforms like AppMaster.io, a leading no-code application development platform, to further enhance their digital infrastructure's security and resiliency.
Market surveys highlight a growing demand for cutting-edge cybersecurity solutions like Halcyon. A study by CyberCatch reports that 75% of businesses wouldn't be able to survive a ransomware attack, while Mimecast's findings show that 47% of companies have already been victimized by ransomware. While these numbers may appear alarming, they underscore the urgent need for ongoing innovation in cybersecurity to protect businesses from constantly evolving threats.
