|Sign up for my newsletter to see more interviews with the biggest names in cybersecurity.
This week I talked to Ang Cui, the cofounder and CEO of Red Balloon Security. Ang recently received his PhD from Columbia University in the Intrusion Detection Systems Laboratory. At Columbia, Ang’s research focused on the exploitation and defense of embedded devices, and Ang spun out this work to create Red Balloon Security. I’ve had several job interviews recently and Red Balloon Security is one of my go-to answers to the question “What’s a company that you think is interesting?” Ang is really technical but also very charismatic (see videos here, here, or here), and I’m really excited to see where Red Balloon goes.
Check out the interview below and thanks for reading!
How does your Symbiote technology compare to the security products for protecting embedded systems that are currently on the market?
There’s a few major differences. First of all, it’s host-based. This is important because security products need to to sit inside the host to effectively monitor it. Second, we’ve created the tech that allows you to install the technology into any devices without even knowing the operating system of the device or understanding the source code.No one has been able to do this with embedded devices. At Def Con we demonstrated Symbiote defending a legacy enterprise router. Symbiote gathers data and then reports it up to tools like Splunk. We’re currently working with the DoD for evaluation and eventual deployment of the technology.
Just to be clear, embedded devices are what most people consider the internet of things?
No. IoT is a dirty word–”embedded device” is much more accurate. The internet itself is full of embedded devices (think things like routers). IoT describes the commercial end which is just a small portion of the embedded devices that need to be protected.
Could you talk a little bit about taking a project from the research lab to the commercial world? What challenges have you come across?
There’s nothing easy about it. You need to get the idea to work, you need to patent it through the university and then create a licensing agreement. Paying royalties to the university for something that I created is tough, but on the other hand, being at the university allowed us to receive funding from Darpa and others who poured millions into the development of the technology.
You just finished your PhD at Columbia in the intrusion detection systems lab. How far behind the technology being developed in research labs like yours, are the intrusion prevention systems and related technologies, that are marketed by today’s big security companies?
I worked at a hedge fund before I worked at Columbia so I know a little bit about the commercial side and the industry is at least 12 years behind. Security for embedded devices is even further behind the research–probably about 15 years behind.
How do we decrease that lag?
We absolutely need to shorten that and there are many people who want to, however it’s very difficult to take funding from the government, develop technology at a university and then successfully take that into the real world. At every one of those steps there’s a big chance of failure. Part of the problem is that in the real world, it’s hard to try to do really crazy, forward-thinking technology, because you don’t know if it will work. It’s much easier to develop incrementally better solutions that you know will work. In research labs on the other hand, you have the luxury of working on the cutting edge.
What’s the plan for Red Balloon down the road? You’ve raised funding from DARPA, but are you looking to raise venture capital?
We’ve thought about it, but we’re very strong in terms of cashflow and we’ve been doubling our team every four months. That said, eventually it will take capital to meet our goals for growth, and we expect that we’ll be looking to raise a new round sometime in the next two years.