It’s been over two years since Hack the Box completed a $55 million Series B funding round, but CEO Haris Pylarinos is keen to continue riding the wave of optimism at the company and make inroads into new markets.
Speaking to ITPro in the wake of the investment round in January 2023, Pylarinos said the company planned to triple its headcount and accelerate global expansion.
In a follow-up interview last month, the chief executive revealed these plans are continuing at a good pace. The company now boasts sites in the UK, Greece, and US, but has taken a cautious approach to increasing headcount rather than haphazardly expanding.
“Overall the Series B gave a great push to the company,” he told ITPro. “We have grown significantly since then, but sensibly at the same time. Our headcount, roughly speaking, is approaching the 300 mark.”
There are positive signs across the board for Hack the Box at present, according to Pylarinos. The company has expanded its enterprise customer base, now working with major brands such as Siemens, Google, and Lufthansa, and its community platform has surpassed the three million user mark.
Hack the Box provides gamified training programs to help organizations and individuals improve cybersecurity awareness and skills. These war game-style cybersecurity programs include real-world threat scenarios, all of which use techniques commonly used by threat actors.
When the company launched in 2017, this was a market ripe with opportunity – and with accelerating threats and skills gaps in the years following placing organizations at huge risk, the company capitalized.
Hack the Box infuses cyber training with AI
Notably, the Series B enabled the company to further expand its offerings, this time capitalizing on a new industry trend: generative AI. In December last year, the company launched a new AI-powered Crisis Control service aimed at taking its gamified training programs one step further.
This tests users’ cyber defense capabilities using real-time breach and crisis simulations, all powered by AI to throw the occasional spanner into the works and ensure they’re able to adapt and respond to a worst-case scenario.
As with the original training programs, Pylarinos told ITPro there was a gap in the market. Similarly, crisis simulations were – and still are – an area where security leaders have been keen to sharpen up and increase budgets to prepare for the worst.
Research from Hack the Box found 74% of CISOs plan to increase budgets for crisis simulation exercises in the year ahead, underlining the enthusiasm for these offerings.
“Crisis control is an important product, a product that reaches the boardroom where the decisions are made in cybersecurity incidents,” he said. “The fact that we use AI helps keep each and every exercise relevant.”
Hack the Box is growing at a solid pace, according to CEO Haris Pylarinos
(Image credit: Hack the Box)
Crisis simulation programs are by no means new, nor is the use of AI in curating these, Pylarinos admitted. However, what he believes separates Hack the Box from other offerings is the fact that the AI model underpinning the scheme was built in-house and isn’t a rehashed product simply infused with AI.
Indeed, each training program is catered specifically to the organization, their unique needs, and based on the industry they operate in.
“A common theme you see on the market is that ‘we used ChatGPT to create the narrative’ – this isn’t the case,” he said. “What we actually do is we scan public information, like news articles, for example, and we understand what is the current trend in the vertical that the organization is in.”
As an example, Pylarinos told ITPro that an organization operating in the financial services sector would be given a crisis control simulation based on factors such as increased APT activities in that industry, or specific malware strains being used against financial institutions.
“Our system understands that and builds an exercise based on what is going on today in the market. So you are training on something that is extremely realistic and relevant to your specific industry. I think that’s the advantage of utilizing AI in that capacity.”
So far, feedback on the service has been great, Pylarinos said. Admittedly, though, the program is still in its infancy so it’s not quite reached the volume where he could definitively outline the true benefits or impact.
Looking ahead, Pylarinos told ITPro the company plans to continue expanding, and growth remains solid. Notably, the chief executive said “I don’t see a fundraise coming any time soon” on account of its positive cash flow.
“We are becoming more and more cash efficient as time progresses without sacrificing growth, meaning that there is a very good chance that we pass the burning point where you spend more capital than you earn and become profitable in the following years.”
There are positive signs the company is making further inroads into other verticals, Pylarinos added. The company initially started as “primarily a red team player” training penetration testers.
But now the company is fostering closer ties with the blue and purple team domains – and it’s a trend he appears keen on pursuing further by leveraging the company’s expertise and established reputation in the red teaming space.
“We are now a fully fledged powerhouse, catering for red, blue and purple needs,” he said. “Blue [teamers] is a much bigger market, so there are more potential users out there that would benefit from our content.
“The fact that we have so much expertise on the red side helps us recapitalize this and train the defensive side on how to deflect and manage the most difficult cyber attacks out there.”
MORE FROM ITPRO
Source link
-
-
-
-
-
-
-
-
