GOLDILOCK: UNBREACHABLE PHYSICAL DEFENCE AGAINST CYBER ATTACKS
THE CHALLENGE
The internet is a powerful enabler but any internet-connected device and network can be compromised. Nation states and organised criminal groups are taking advantage of the proliferation of connected devices – driven by digital transformation – to wage devastating cyber attacks. Threat actors that use ransomware for attacks on critical infrastructure are now more motivated and brazen than ever before.
THE SOLUTION
“Connected equals hackable. Devices and systems are constantly evolving, which leads to new vulnerabilities. This makes it a battle for the average company and even cyber experts to keep up. We wanted to invent a fast, bulletproof, easy-to-use technology that makes things less complicated.”
– Tony Hasek, Founder and CEO, Goldilock
Goldilock is on a mission to revolutionise the way sensitive data and critical infrastructure is protected. It challenges the idea that everything should be online all the time.
Its patented TruAirgap™ technology allows you to physically disconnect and connect critical infrastructure, networks, data and devices to the internet from anywhere. Authorised users can do this in seconds without using the internet. This narrows the window of opportunity for threat actors, reduces your overall attack surface and makes anything behind the physical network isolation invisible to adversaries.
Control is managed with an out-of-band, non-internet based trigger so controls are completely out of sight of threat actors. Assets are kept invisible and offline to prevent attack, but when under attack organisations can take digital assets – or entire networks – offline immediately. Organisations can act quickly, wherever they are physically when they get the alert.
To trigger this action, you have to successfully go through a multi-factor, non-internet based authentication process.
Goldilock’s vision is for the solution to be easy to use and affordable for organisations of all sizes, including SMEs. It wants to enable businesses to treat disconnecting their data and systems from the internet as a routine task, much like you would switch off the lights when you leave the office at the end of the day.
“Unlike all other airgaps, our appliance sits between untrusted (internet) and trusted (internal) networks as a truly physical airgap. It becomes a question of physics: data can’t cross a gap of air so you’re safe if you’re not physically connected to the internet. So we physically disconnect. It’s literally like unplugging a cable, just instant, remote and totally secure.”
– Richard Bate, Chief Technical Officer, Goldilock
WHY NCSC FOR STARTUPS
Having spent years on research and development, Goldilock has secured clients such as Etihad Airways and has now launched its next-generation, commercially-ready platform to a global audience. It believes that now is ideal time to get feedback from experts and clients.
Goldilock’s leadership team would also like to learn more about the security needs of the defence sector and how it might adapt or tailor its technology to that market. The startup can integrate with any network in any vertical but sees a vital opportunity to protect critical national infrastructure, which often relies on legacy software. Goldilock believes there is a critical role for TruAirgap™ in this context.
So far, Goldilock has focussed investment and grant funding towards research and development. It’s now preparing for a Series A to fund its global expansion and more product development.
Simplicity is often the hardest thing to achieve, but one challenge Goldilock has embraced is showing investors and clients that there is power in simplicity.
