Everything is going digital these days, from running your home to driving your car. We ask Google, command Siri, watch Netflix, order DoorDash and post the result on Instagram. It is only natural that cybersecurity has risen as a paramount concern. The prevalence of cyber attacks has surged. High-profile hacks continue to feature in the news almost daily with the alleged Chinese hack that compromised US government email accounts and the continual breach of various corporate systems.
Estée Lauder, a renowned global cosmetics company recently fell victim to a significant cybersecurity breach. On July 18th, the company revealed that unauthorized third parties had accessed some of their systems and obtained data. The exact scope of the compromised data remains uncertain as Estée Lauder continues to investigate the incident with assistance from external cybersecurity experts.
This event demonstrates the rapidly increasing prevalence of cybersecurity breaches. Notably, two prominent cybercrime groups, the Cl0p and BlackCat/Alphv ransomware gangs, have claimed responsibility for the attack. Cl0p alleges to have stolen over 130 gigabytes of information through the MOVEit hack, affecting more than 300 organizations globally.
BlackCat/Alphv, on the other hand, asserted they still had access to Estée Lauder’s systems even after cybersecurity giants Microsoft and Mandiant were engaged for incident response. The group threatened to disclose more stolen information if the company did not respond.
This incident underscores the severity of modern cyber threats, emphasizing the importance of robust cybersecurity measures for both corporations and governments as ransomware attacks have become far more sophisticated. Instead of merely locking information systems and demanding a ransom for control, many attackers are now focusing on data theft and exploitation, a trend that has put both corporations and governments on high alert and the problem is only getting worse.
In Canada, Sami Khoury, head of the Canadian Centre for Cyber Security, noted a sharp increase in ransomware attacks, marking cybercrime as the number one cybersecurity threat the country faces. Even big names such as Microsoft, Indigo, Sobeys, Suncor Energy Inc., and Toronto’s Hospital for Sick Children have fallen victim to such attacks in the past year. The threat is real, it’s growing, and we can’t afford to ignore it.
Amid these growing challenges, companies like Plurilock Security (PLUR.V) are stepping up to play an instrumental role in the battle against cybersecurity threats. Our recent conversation with Ian Paterson, CEO of Plurilock, provided valuable insights into how the company is navigating these waters.
The rapid advancement and widespread use of AI technologies like OpenAI’s ChatGPT present a new frontier for cybersecurity threats. By nature, AI-based systems like ChatGPT rely on vast amounts of data to operate effectively, often collected from numerous users interacting with the platform. This opens the door for misuse by malicious actors who may exploit these systems for unauthorized data access.
Recent research by Cyberhaven highlights an alarming statistic: over a single week in 2023, employees at an average 100,000-person company entered confidential business data into ChatGPT 199 times. This stems from a lack of proper security training, with many users not understanding that the data they input into ChatGPT, while helping the system learn and improve, may also inadvertently expose sensitive information. A hypothetical scenario paints a clear picture: an executive using ChatGPT to generate PowerPoint slides from an internal strategy document, unknowingly exposing proprietary information to potential queries from outside sources.
Cybersecurity threats have also arisen from threat actors manipulating ChatGPT and similar AI technologies to generate malicious code, bypassing the built-in safety checks. In a more direct assault, OpenAI confirmed a data breach in ChatGPT caused by a vulnerability in its open-source library, leading to visibility into users’ chat histories and even payment information for some.
In this rapidly evolving landscape of cybersecurity threats, companies like Plurilock Security are leading the charge in providing innovative solutions. Plurilock’s Prompt Guard is a unique tool that can be instrumental in mitigating the risks associated with AI-based systems like ChatGPT.
“Now, the challenge is basically all businesses have sensitive data in one form or another. Some of them have more than others. So in healthcare, you have regulated data, you have PHI personal health information. Most businesses will have PII, personally identifiable information. So name, credit card number, email address, phone number. It could just be your customers, but it also could be your employees. So we’re seeing a lot of use cases in HR departments where, hey, I’ve got three complaints against Joe. I need to write a reprimand letter, copy paste into Chat GPT. Great. Now, Chat GPT knows that Joe had some complaints, and so we want to still enable that use case. And we sit as a firewall in between Chat GPT and the company to say, pass the safe data, but put some guardrails in place to help customers, help end users be able to use it safely.” – Ian Paterson, CEO of Plurilock
PromptGuard’s operational mechanism is threefold:
1. Identification of sensitive data items present in the prompts.
2. Prior to sending the prompt to the AI platform, PromptGuard ensures these sensitive data items are anonymized or redacted.
3. Upon receipt of the AI response, the tool deciphers or unredacts these data items before they are made visible to the user.
This approach allows staff to maintain ongoing, productive interactions with generative AI systems while avoiding the leakage of sensitive data. It does this without impeding the user experience or obstructing workflows.
The unique capability of PromptGuard to shield confidential data from AI systems, while keeping it accessible for the user, provides the much-needed protective barrier for both businesses and government agencies in their interaction with AI systems.
As the use of AI technologies continues to expand, so too does the need for robust cybersecurity measures. By integrating solutions like Plurilock’s Prompt Guard, companies can provide their employees with powerful AI tools like ChatGPT while maintaining the highest level of data security and privacy.
Speaking of which, Plurilock is perfectly positioned for the AI revolution as the Canadian company was formed on artificial intelligence using white-paper-writing PhD data scientists to develop its tech. While countless others claim AI with the creation of a “lab” and PR campaigns, Plurilock has actually implemented its tech, brought on tier one clients in the military, government and Fortune 500 companies. It’s frictionless authentication is ground-breaking and the best solution for network authentication and safety in our post-password age.
Therefore it is no surprise that the AI cybersecurity firm has witnessed substantial growth since it went public in September 2020. Focusing on a mergers and acquisitions strategy rather than building distribution from scratch, the company has managed to grow their annual revenue from under half a million dollars in 2020 to an impressive $64 million CAD last year. This makes the company’s current market cap of $15.09 million seem outrageously out of whack with its performance.
Despite the economic hurdles and the market still out to lunch on the company’s true value, Plurilock has remained resilient, ensuring their commitment to providing robust cybersecurity solutions is unwavering. Paterson acknowledged the challenges they faced but emphasized them as opportunities for growth.
One of the challenges facing Plurilock, as revealed by CEO Ian Paterson, stems from its commitment to research and development (R&D). The company’s significant investment in R&D, while seen by some as a cost burden, is a key aspect of Plurilock’s strategy and capacity to deliver innovative solutions. This enables them to swiftly respond to emerging cybersecurity threats, providing their customers with the tools they need to stay safe in the rapidly-evolving digital world.
The ability to maintain this robust R&D team, staffed by the aforementioned credentialed PhD data scientists, comes at a financial cost, leading to criticism by some market observers who don’t understand the need. However, Paterson sees this not as a liability but an opportunity. The team’s ability to respond to customer concerns and develop new solutions based on direct interactions is a significant advantage in an industry where threats are constantly evolving.
Moreover, this proactive R&D approach aligns perfectly with their acquisition strategy – buying up cybersecurity solution providers with excellent customer relationships. The combination of strong customer relationships and an empowered R&D team enables Plurilock to remain agile, responsive, and continually ahead of the curve.
Paterson likens the current atmosphere in AI to a gold rush, filled with immense opportunity but also significant risks. In this landscape, Plurilock is not just providing the tools (picks and shovels) but also the necessary safety measures (safety dusts) that enable businesses to navigate this new terrain securely and confidently. Despite the presence of other players, such as Palantir, Paterson is confident that Plurilock holds a unique and strong position in addressing these cybersecurity challenges.
Going forward, Plurilock is set to introduce its early access program for their Prompt Guard product. Paterson encouraged businesses and executives struggling with AI integration to learn from Plurilock’s expertise and experience.
In a world where cyber threats are rampant, companies like Plurilock stand at the forefront of the battle. Their commitment to growth, innovation, and customer service make them a beacon of resilience in the cybersecurity landscape. As a key player in the tech industry, they are indeed a company to watch. For those interested in investing, Plurilock is listed under the ticker symbol ‘PLUR’. Stay tuned as we keep you updated on their developments in the exciting and ever-evolving world of cybersecurity.
*Full disclosure: Plurilock Security is an Equity.Guru marketing client.