Register for free to
view the full innovation profile.
Lupovis is a software-based innovation provisioning AI-driven deception environments that enable the definition and execution of pro-active cyber-attack mitigation strategies.
About
Lupovis is addressing a growing and pressing need exacerbated by the recent pandemic to enhance the protection of critical infrastructures from cyber attacks. In the UK alone, cyber-attacks account for a loss of £34bn each year to UK commerce with 90% of Critical Infrastructures experiencing a successful breach impacting operations. In 2019, the average time to identify and arrest a breach was 314 days stressing the urgency to detect and mitigate successful attacks as early as possible. Therefore, pro-active strategies are required to detect and mitigate successful attacks as early as possible. An example of the scope of damage and associated costs of a successful cyber-attack is the breach on the Ukrainian Power System which took 10 months from reconnaissance to execution. The costs can be segmented as ‘consequential’ and ‘reputational’; - resulted in 225k customers without power with an estimated £27M revenue loss; the average network downtime costs were £240k per hour. The intent was to cause physical damage to transmission station. - the estimated reputational damage was £1.2M and the investigation lasted for four years A recent report states that the GDP losses for the UK from a similar-sized attack range from £20.6m for a four-substation electricity event to £111m for a 14-substation incident. Lupovis provisions cyber-security deception solutions provider that use artificial intelligence to lure hackers away from assets within the network system. Lupovis creates a deception environment, mirroring the true operational system that comprises adaptive combinations of attacker engagement elements. Dynamic decoys are implemented by establishing a ‘narrative’ embedded with manipulation and gamification methodologies; - ‘Narrative’ feature keeps the attacker on dynamically-defined paths in the network by adjusting the faux vulnerabilities of the solution and difficulty in retaining authenticity. Maintaining the engagement of the hacker with a sequence of faux targets/decoys/honeypots is essential to guide the hacker along a network path away from valuable targets, hence reducing the impact of any cyber-attack. - ‘Gamification’ of the decoy element of the solution optimally aligns and adapts vulnerabilities to the skills of the attacker. Thus, the system automatically adjusts its capabilities depending on how sophisticated the hacker is. The solution addresses both insider threats and advanced attackers who may have already penetrated the network. The data acquired is used to accurately characterise the attacker and associated strategies which then informs on the most effective countermeasure to arrest the attack, reducing the overall cost of successful cyber-attacks whilst facilitating an investigation of the breach.
Key Benefits
The solution allows the following benefits to be realised: • Improved business continuity and reduction in damage as the attacker is dynamically engaged through paths of faux decoys that react to attack strategies • Reduction in time taken to resolve threats • Captures key information on attackers, such as their strategies and skills • Early detection of attackers/hackers • A reduction in the number of False Positives alerts and number of triggers requiring attention; Security Operation Centre (SOC) operators are only issued with alerts when a hacker engages with a decoy. The average cost of a breach within CIs in the UK has been estimated to be £3.2M. The time-to-arrest a breach varies between 197 days and 314 days. The critical window is between identifying that a breach has occurred and arresting the hacker, on average taking ~117 days. Lupovis solution invokes an offensive stance from the time the hacker is identified and through its deception environment dynamically engages the attacker until such time the breach is arrested. Lupovis is also able reduce the ‘time-to-arrest’, whilst preserving the operational integrity of the system during and post-attack, reducing the damage of the breach e.g. a reduction of 10 days is ~10% of the average ~117 days equating to a saving of £320k.
Applications
The initial target market is the Critical Infrastructure (CI) market in the UK only. However, the global critical infrastructure (CI) protection market was valued at ~$71bn in 2019 and is projected to be worth $108bn by 2025, registering a CAGR of 7.29%. Furthermore, as an example, the energy sector in isolation is projected to become the highest consumer of intelligent end-points, projected to total 1.37bn by the end of 2020. There are >230k critical infrastructure providers globally and each CI provider comprises an average of 7.5k end-points; an average pricing of £20 per end-point represents a total global market opportunity of £34bn. The Oil and Gas sector is also undergoing massive transformation through digital technologies to improve practices and increase levels of automation, necessitating upgrades to cyber security management. Investment in Smart Cities will also increase the need for critical infrastructure protection and has reached ~$34bn (from ~$15bn) in 2020. Technology is also a key driver of change across financial services (‘Fintech’) with the potential to increase efficiency and enhance access to products but also to create harm for consumers. The growth of Fintech is reshaping customers’ user experience with global investment by retail banks in technology more than doubled in 2018, reaching ~£86bn. The migration to Open Banking motivates new regulations to improve consumer rights and places severe demands which translate into new challenges for data security and sharing; the need for greater data sharing results in increased levels and introduces new vulnerabilities. The ever increasing reliance on mining traditional and alternative data sources through the use of artificial intelligence (AI) and machine learning across sectors leads to concerns about cyber breaches. Cyber-incidents are growing in number, scope and sophistication. Recent data reveal that firms reported a 7% increase in technology outages in the year 2018 to 2019. High-profile breaches of data has stimulated investment into innovative enhancements to existing cyber protection strategies are a necessity and deception is being increasingly accepted as one of the routes to protecting sensitive financial information.