New Startups Focus on Deepfakes, Data-in-Motion & Model Security
In times of unprecedented change, the innovative mindset and attentiveness of startup culture make for a community everyone can leverage to understand the world and guard against its dangers.
COMMENTARY
In 2024, early growth startups found capital hard to come by, yet venture capitalists couldn't help but invest in emerging data and AI security. Solutions tackling data-in-motion and application data flows were a heavy focus. And there was a mad scramble to solve deepfakes and disinformation.
It was the year of deepfake awareness. Global governments were on high alert during election time, and even Wiz was touched by a failed deepfake attack. Yet the most disturbing news involved a conference call of synthetic co-workers, including a deepfake chief financial officer (CFO) who tricked a Hong Kong financial analyst into wiring $25 million.
Imperceptible impersonation attacks are not difficult to generate these days. Real-time face swapping tools have proliferated on GitHub, such as Deep-Live-Cam and DeepFaceLive. Synthetic voice tools, like Descript and ElevenLabs, are also readily available.
In years past, monitoring human audio and video has fallen under the purview of insider threat and physical security. Now SecOps will deploy tech to monitor conference calls using startups like Validia and RealityDefender. These identity assurance solutions put participants through models looking for indicators of liveness, and provide confidence scores.
Governmental threat intelligence spans state-sponsored disinformation and narrative attacks as part of their broader information warfare operations. In the corporate space, monitoring brand reputation and disinformation traditionally has fallen under the legal and PR comms departments. Yet in 2024 there were signs of a shift.
New disinformation and narrative attacks not only destroy brands but have attempted to frame executives for Securities and Exchange Commission (SEC) violations, as well as incite violence after the recent United Healthcare assassination. Ignoring them could mean executive jail time or worse.
There's a belief in the startup community that boards of directors will want a single unified view of these threats: threat intelligence that spans cybersecurity exfil, insider threats, impersonation, and broader information warfare. In the future, the chief information security officer's (CISO's) threat intel teams may find their scope expanded with startups like Blackbird.AI, Alethea, or Logically.
Data security was another notable focus within the early growth startup world in 2024.
Model Data Leakage Is the Problem of the Decade
Models can be thought of as databases that are conversationally queried in English, and that store what was learned from Internet-sized chunks of unstructured text, audio, and video. Their neural network format doesn't get enough credit for its density, storing immense data and intelligence in models that may even fit on devices.
The impending rollout of agentic AI, which produces agents that click UIs and operate tools, will only expand on-device model deployment. Agentic AI may even deploy adaptive models that learn device data.
It sounds too insecure to adopt. Yet how many organizations will pass up AI's productivity gains?
To add to the complexity, the AI arms race produces groundbreaking foundational models every week. This encourages designing AI-native apps that lean toward flexible code architectures, ones that allow app vendors to swap out models under an organization's nose.
How will companies protect data as it collapses into these knowledge-dense neural nets? It's a data leakage nightmare.
Time to Tackle Data in Motion
A 2024 trend was the startup world's belief that it's time to rebuild cybersecurity for data in motion. Data flows are being tackled on two fronts: first, reinventing traditional user and device controls, and second, providing app security under the chief technology officer (CTO).
Data loss prevention (DLP) has been a must-buy category for compliance purposes. It places controls on the egress channels of users and devices, as well as between data and installed applications, including AI apps. In 2024, investors saw DLP as a category ripe for reinvention.
At RSA and Black Hat's 2024 startup competitions, DLP startups Harmonic and LeakSignal were named finalists. MIND also received an $11 million seed investment last year.
DLP has traditionally focused on users, devices, and their surrounding network traffic, though one startup is eyeing the non-human identities that today outnumber humans and are often microservices or apps deployed within Kubernetes. The leaking of secrets by these entities in log files has become a growing concern, and LeakSignal is employing cyber mesh concepts to control this data loss channel.
This leads to the CISOs' second data battleground, a data security approach that could govern code and AI development under CTOs.
Data Security Intersects Application Security
Every company is developing software, and many leverage private data to train proprietary models. In this application world, CISOs need a control plane.
Antimatter and Knostic both appeared as finalists in the 2024 RSA and Black Hat startup competitions. They offer privacy vault APIs that, when fully adopted by an organization, enable cybersecurity teams to govern the data that engineers expose to models.
Startups working on fully homomorphic encryption (FHE) appear in competitions annually, touting this Holy Grail of AI privacy. It's a tech that produces an intermediate but still AI-usable encryption state. FHE's ciphertext remains usable because it maintains entity relationships, and models can use it during both training and inference time to deliver insights without seeing secrets.
Unfortunately, FHE is too computationally expensive and bloated for broad usage. The lack of partial word searching is another notable limitation. That's why we're seeing a privacy trend that delivers FHE as only one approach within a wider blend of encryption and token replacement.
Startup Skyflow deploys polymorphic technology using FHE when it makes sense, along with lighter forms of encryption and tokenization. This enables handling partial searches, examining the last four digits of IDs, and being performant on devices. It's a blended approach similar to Apple's end-to-end encryption across devices and the cloud.
It's not hyperbole to say these are times of unprecedented change. Here one should note the innovative mindset and attentiveness of startup culture. It makes for a community that all can leverage to understand the world and guard against its dangers.