Saturday, February 23, 2019

Space is Open for Business


Space is no longer the exclusive domain of engineering behemoths with a “monumental mission” mindset, as a new ecosystem of technology innovators democratizes extra-terrestrial commerce. 

--

For fifty years, space innovation meant scaling Apollo-era technologies into ever larger, more durable satellites parked above their terrestrial clients in geosynchronous orbit. Exotic space-ready parts, militarized defenses, and layered redundancies ballooned into multi-billion-dollar systems designed to last 40 years or more beyond their conceptions. Only vast organizations with thousands of aerospace engineers could participate.
By the turn of the century, it didn’t matter that geo-synchronous orbit resembled a stadium parking lot on Super Bowl Sunday. The internet had upended and bankrupted the commercial space industry, whose expensive, decades-old satellites could no longer compete with terrestrial means of moving information. And when a financial crisis gripped the global economy one decade ago, constricting the government budgets that funded most space exploration, NASA’s cancellation of its flagship programs seemed to ring the death knell for our colonization of the cosmos.
The space community was dispirited; no one expected an imminent, explosive emergence of a new entrepreneurial ecosystem that now promises unprecedented opportunities in space and vanishing barriers to extra-terrestrial commerce. The prospect of colonizing the Moon, Mars and beyond now seems likely and even palpable.  
The New Mindset
Space colonization began in 1957 with the launch of Sputnik, followed by the monumental Apollo program that landed humans on the Moon. Both Sputnik and Apollo had to develop their entire missions and supply chains from scratch: rocket engines, spacecraft, avionics software, space suits, ground stations, mission control software, and more.
This monolithic approach dominated space missions until recently. In 2010, Brooklynite Luke Geissbuhler and his son Max heralded a new model for space exploration when their amateur weather balloon ferried an iPhone 19 miles above the surface of the Earth, capturing beautiful space images as expensive satellites do. Luke and Max’s fun experiment exploited the low cost of mass-produced cell phones, whose batteries, antennas, radios, accelerometers and cameras constitute the most common components of commercial satellites.
Meanwhile, students at Cal Poly and Stanford were using those same cell phone components to assemble what they called CubeSats – 10x10x10 cm buses designed to cheaply ferry their science experiments in Low Earth Orbit. (In LEO, where satellites naturally de-orbit within five years due to drag from atmospheric particles, they don’t need exotic radiation-proof parts.) Standard modules for DIY CubeSats can now be procured on hobbyist sites as easily as buying a book on Amazon.
Like the DARPA engineers who coded the internet protocol, these students hadn’t appreciated the impact of their invention. CubeSats sparked a realization that true scalability comes not from bigger satellites, but from many cheap small ones, and suddenly five accumulated decades of Moore’s Law turned the space industry upside down. Venture-backed startups like Planet Labs and Skybox (now merged) developed constellations of micro-satellites to image the Earth far faster than enormous, lumbering incumbents. Other ventures like SpaceX and OneWeb are deploying massive constellations to serve the planet with internet and IoT communications. The Silicon Valley teams behind all these constellations naturally focus on software-driven designs with commodity hardware, enabling satellite operators to quickly launch new apps as we do on our smartphones. The largest general-purpose CubeSat constellation – roughly 60 “Lemurs” operated by Spire Global – already monitors ships, planes and weather.
The new mindset that space is best colonized by smaller, cheaper, faster computers not only admits entrepreneurial engineering teams – it favors them. Hundreds of other startups are now exploiting the 100X cost savings of microsat constellations to colonize space.
A New Ecosystem
The microsat revolution demands a new ecosystem to support the operators of these constellations. By far the most important and difficult input to procure is launch, since all mature rocket programs were designed long ago to carry enormous, expensive payloads to geosynchronous orbit with 5-10 years of advance notice; new players like Virgin Orbit, Firefly and Rocket Lab promise cheap and frequent carriage to Low Earth Orbit. Next-gen operators also need ground stations, mission control software, satellite tracking, data analysis, life support systems, human habitats, robotic mining systems, space WiFi, and more. Satellite and rocket manufacturers in turn need specialized software, subsystems, amplifiers, phased array antennas, miniaturized propulsion, materials, extensible solar panels, and batteries. And innovators in additive manufacturing like Velo3D enable SpaceX and Rocket Lab to design and 3D print far more efficient engines.
Space companies now assemble cheaper, better, faster constellations by mixing and matching off-the-shelf elements from this emerging, fragmented ecosystem. This new Space Stack (see illustration) promises a virtuous cycle of innovation, diversity and growth akin to the explosion of datacom startups sparked in the 1980s, when the OSI 7-layer internetworking model similarly disrupted an oligopoly of proprietary networks from IBM, Digital, HP and Sun.
Atop the space stack sit the microsat operators who create value for people on Earth. They are extraterrestrial mining companies, agricultural intelligence businesses, pharma manufacturers, internet service providers, weather forecasters, marine tracking companies, and new ones every month. As the space stack grows, these companies look less like scientific research labs and more like their terrestrial competitors.
In other words, space is open for business. Entrepreneurs are flocking to the final frontier, where Moore’s Law has unleashed massive, enduring opportunities. This is how Humanity will colonize Low Earth Orbit, the Moon, the asteroids, Mars and beyond – through the emergence of a distributed, commercial ecosystem infinitely more powerful than any single company or government.

Sunday, December 04, 2016

Donald Trump Jeopardizes Cyber Privacy And National Security

President-Elect Donald Trump recently released a video in which he promised to work with the Department of Defense and Joint Chiefs of Staff on a “plan to protect America’s vital infrastructure from cyber attacks.” This promise reflects Trump’s ignorance of how cyber warfare works — calling in the Marines to secure the nation’s computers is about as effective as exterminating cockroaches with a shotgun.

On the vast, interdependent internet, evolving technologies and best practices must be adopted across the ecosystem for anyone to be secure. An effective cyber defense requires long, hard years of continued investment in research, education, strong encryption, standards, regulations, enforcement, and global cooperation. Unfortunately, Trump’s stated policy goals promise to halt and even reverse the hard-fought progress made in recent years defining and enforcing new cyber standards. The impact on national security will be dire.


Furthermore, Trump’s call to boycott Apple for refusing to break their iPhone encryption and his plan for “closing that Internet up” expose a disregard for cyber privacy and freedom of expression that threatens to undermine our rights and our prosperity.

Stop-and-Frisk in Cyberspace

The US is a cyber superpower, alongside China, England, Israel and Russia. While Edward Snowden’s revelations suggest that the U.S. likely harbors the most potent cyber weapons, the agencies that develop and wield them have a clear mandate to use them only on foreign targets — for example, to retaliate against Russia’s repeated pattern of cyber aggression.

To Trump, however, Vladimir Putin is a friend — the nation’s true enemies lurk within the American homeland: illegal Mexican immigrants, Muslim jihadist refugees, obstructive protesters, and conspiring journalists. Echoing Rudolph Giuliani, Trump has touted stop-and-frisk as a legitimate exercise of “law and order,” so we should expect the same in cyberspace, as federal agencies redirect their formidable arsenals away from foreign and toward domestic surveillance. No wonder Peter Thiel supported and now advises Trump — his company Palantir sells the software used by intelligence agencies to monitor large populations; investors plowed another $20 million into Palantir just last week.
Peter Thiel, co-founder of Palantir

Judicial and legislative oversight bodies normally protect US citizens from mass domestic surveillance. But Trump’s tweets and campaign rally warnings about ISIS have escalated American fear of the terrorist threat to the highest point since 9–11, when Congress passed the Patriot Act. The Republican Congress and Trump-appointed judges may give the President broad leeway.

The Danger of Deregulation

Preventing cyber attacks is impossible without regulation, because cyber neglect is like polluting, drunk driving, or refusing to vaccinate — it endangers not only the reckless, but everyone else as well. The security of every online transaction depends upon the integrity of all the vendors in the ecosystem who handle payments, network traffic, email delivery, cloud servers, and more. Furthermore, any infected computer or device can be used to attack others (as we saw in the October DDoS attack that caused massive internet outages). Without broad regulations and enforcement, internet commerce cannot be secured.

Donald Trump’s campaign speeches and web site have consistently promised to reduce the rules, headcount, and overall spending in the SEC, FTC, CFPB, FCC and IS Oversight Office — the very federal regulatory agencies that have taken the lead in defining and enforcing cyber standards. (His adviser Mark Jamison openly plans to nearly eliminate the FCC.) In addition to the budget savings, Trump sees this as a key element in his plan to promote business and increase jobs. By design, these cuts will relax the rules and enforcement of cyber standards for the public companies, banks, consumer-facing merchants, and network carriers that these agencies regulate. We should expect similar cuts in other regulatory authorities such as the Center for Medicare and Medicaid Services (which enforces HIPAA rules for the healthcare industry) and the Federal Energy Regulatory Commission (which oversees NERC standards for the power grid).

Cyber deregulation will empower American businesses to sell our data to anyone collecting profiles of US citizens. Meanwhile, with a U.S. president who actually invited and benefited from Russia’s intervention in the election, Russian cyber attackers feel they enjoy free rein in American cyberspace. With the rollback of cyber regulations, consumer-facing businesses will slash their own cyber security budgets, leading to weaker systems that further accelerate the growth and severity of information breaches. With our private information exposed, brace for a dramatic rise in identity theft and cyber stalking.

In contrast, the European Union has set the standard for privacy laws that limit how businesses and government agencies can use our information. Once disdained by the business community, these laws now give Europe the competitive advantage. In the wake of Snowden’s revelations, mistrustful Europeans moved their data from US clouds and services to EU alternatives — during Trump’s presidency, Americans will join them. While some Americans look to Switzerland as a safe haven for money, and Canada as a safe haven for our families, many will look to Germany as a safe haven for data.

Cyber 9–11

President Trump’s deregulatory policies will jeopardize not only privacy, but also national security. Our homeland’s greatest vulnerability may well be the cyber threat to our critical infrastructure, potentially disrupting life-support services like power and water. Furthermore, a single breach of a water treatment facility, dam, or nuclear reactor can directly kill millions of people — a cyber 9–11. And yet today most of the nation’s utilities run unpatched software on industrial control systems that remain defenseless, awaiting NERC cyber regulations to kick in next year. A four-year reprieve from these rules by Trump’s administration will expose the U.S. to a massive terrorist attack, and open the door for Russia or other nations to embed cyber bombs in our machinery for future activation. Even if the Defense Department can accurately attribute such attacks, they can only retaliate — they cannot prevent them.

The election of Donald Trump has profound implications for the security of cyberspace. Unless Trump reverses his positions on deregulation, government surveillance, and the Russian threat, his administration will dismantle the safeguards of cyberspace, threatening America’s commercial prosperity, individual privacy, and national security.

Tuesday, September 13, 2016

Investment Recommendation: Claroty Series A

Today, Claroty came out of stealth, announcing a Series A financing led by Bessemer. $32 million is a lot for a Series A, but this is an important company for our nation and our planet. To explain why, I thought I'd share this excerpt from our internal investment memo.

EXCERPT from APRIL 2016:

The Need for Industrial Security


The physical infrastructure of modern civilization runs on machinery: traffic lights, railroad switches, nuclear reactors, water treatment, electricity distribution, dams, ship engines, drawbridges, oil rigs, hospitals, gas pipelines, and factories depend upon mechanical elements such as pressure valves, turbines, motors, and pumps. These actuators (like the ones in the original Bessemer steel smelting process) were once manually configured, but today these machines are controlled by software running on directly-attached, single-purpose computers known as Programmable Logic Controllers (PLCs). PLCs, in turn, are connected in aggregate to computers running Human-Machine Interfaces (HMIs) through closed, vendor-proprietary Supervisory Control & Data Acquisition (SCADA) protocols like DNP3 and Profibus. Industrial manufacturers provide the machines, the PLCs, and the HMIs, and so Operations Technology (OT) teams typically need to use a mix of controllers and interfaces. This is collectively known as an Industrial Control System (ICS).

During the PC revolution, many of these ICS components migrated to cheap, standard PCs, and their SCADA connections migrated to LAN switches and routers that leveraged the connectivity benefits of those PCs’ standard Ethernet ports. The security implications were relatively minor until the Internet came along; but now, if any computer in the building is connected to the Internet, all the machines are potentially exposed. ICS security had once depended upon an air gap between IT and OT networks, and, where absolutely necessary, devices like one-way data diodes were used to send data out of the OT network to the outside world. However, trends like remote management, cloud, IoT, and the adoption of open standards are eroding the network segmentation and creating new attack vectors.

The threat of ICS attacks is very different from threats plaguing other computer networks. First, there is little valuable data to steal from a PLC (with the theoretical exception of pharmaceuticals), and yet the consequences of an attack are potentially catastrophic; the worst doomsday scenarios of cyber warfare arise from compromised machinery such as gas relays, dams, reactors, and water treatment facilities that can kill millions of people when they malfunction. To get a taste of the kind of damage we’re talking about, watch this video from 2007, where members of the Idaho National Laboratory hacked some of its own machinery.

Second, the fear of unexpected downtime also makes OT teams less willing to experiment with new hardware and software updates. These factors create an environment of older computers running older software that is never patched despite the accumulation of known vulnerabilities.

Finally, OT teams will not run encryption or conventional cybersecurity software on their computers, lest the security processes interfere with the precise and fragile timing of their network; they would rather be infected than incur downtime. And evidence of infections is mounting:

      The Stuxnet worm, allegedly developed jointly by the NSA and the Israeli Army’s intelligence arm (Unit 8200), crippled the Iranian nuclear program by destroying their centrifuges;
      Iran crippled the operations of the most valuable company on Earth, Saudi Aramco;
      According to BVP-funded iSIGHT Partners, the Russia-based Sandstone Team developed the Blackworm malware that shut down power for 700K Ukrainians;
      For two years, an Iranian group controlled malware inside a dam in Rye, New York (near BVP’s Larchmont office).

The malware behind these attacks likely lay dormant for some time, and there is no comprehensive way to know how much more already lurks in critical ICS just waiting to be activated. According to ICS-CERT, we discover more and more infections every year in US infrastructure. So, at a time when nation-states, terrorists, and criminal organizations are scrambling for an advantage in cyberspace, society’s most critical infrastructure remains exposed and undefended.

Claroty’s Origin

Although our small investment in cyber foundry Team8 is gaining market value, we originally invested for more strategic reasons. Following our roadmap principle of “following the attackers,” we have long known that ICS would develop into a significant target, and hoped Team8 would provide us the best opportunity to invest in this market. They did just this with Claroty (fka Team 82), which is their second spin-out. Claroty is one of two dozen companies addressing cyber attacks on ICS. While Claroty is a newer entrant in this relatively nascent space, we believe the deep experience of its team makes it the likely winner.

Recall that retired Israeli General Nadav Zafrir founded Team8 to focus the world’s best nation-state cyber warriors on the biggest challenges of cyber security. Zafrir recently commanded Unit 8200, considered Israel’s equivalent to the US National Security Agency (NSA). But unlike the NSA, which employs career-minded employees, Unit 8200 draws and trains the smartest draftees from the Israeli population, who, like everyone else, typically resign their military commission after three years. Naturally, several of them founded cybersecurity companies like Check Point, Palo Alto Networks, and NICE. But now Zafrir, along with the Unit’s former Head of Cyber (Israel Grimberg) and former Chief Technology Officer (Assaf Mischari), recruits and commercially trains the top 1% of those graduates, re-purposing them in cybersecurity startups.

A principal skill set attributed to Unit 8200 is blind protocol analysis. If, for example, you wished to hack a Siemens centrifuge, you’d need to deconstruct the packets sent back and forth between the HMI and the PLC, or between the PLC and the actuator. Most protocols were cobbled together decades ago and were rarely well documented, and in some cases the vendors themselves treat them as holy writ. Unit 8200 is reputedly the best in the world at quickly and accurately understanding and parsing them, down to the individual bit. Team8 recruited the best, most experienced ICS thought leaders in Unit 8200, led by their team leader Benny Porat (CS PhD), to staff Claroty.

When Team8 starts a new company, it marries a technical team with an entrepreneurial founder. In the case of Claroty, Team8 recruited Amir Zilberstein, who founded the successful Waterfall Security and Gita Technologies. Waterfall develops ICS security products (unrelated to Claroty’s product); Gita’s technology remains undisclosed. Team8 also recruited Galina Antova, the former head of Siemens’ Industrial Security Services division, to run business development. Antova is a super impressive executive - highly connected, brilliant, and fast-moving. [See Appendix: Due Diligence for summaries of the team reference calls.] The next step is to recruit a CMO – we hope to get Patrick McBride, who was a star at iSIGHT.

Beyond Security 

With meaningful Operations Technology (OT) experience on the team, Claroty is taking a different approach to the market than its competitors, who generally come from cybersecurity backgrounds. Rather than lead with the cybersecurity benefits of their product, Claroty has developed an OT visibility platform that first and foremost surfaces operational issues. By deconstructing the proprietary vendor protocols, Claroty has delivered the first heterogeneous HMI with analytics that span an ICS network. Since most OT teams today care more about downtime than infection, we believe this approach will enjoy a far better reception in the near term.
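As an added illustration of the passive, protocol-level visibility described in this memo (the PLC/HMI architecture and DNP3 above, and the "surface operational issues without touching the machines" approach in this section), here is a small Python audit written for this page; it is not Claroty's code or product. It decodes the link-layer header and application function code of DNP3 frames, learns which master issues which commands to which outstation during a known-good window, and then reports state-changing commands that fall outside that baseline, as well as frames whose CRCs do not check out. Frame layout and the CRC-16/DNP polynomial follow the DNP3 standard; the master and outstation addresses and the sample frames are constructed for the example.

```python
"""Passive DNP3 audit: learn which master issues which function codes to which
outstation, then flag control commands outside that baseline (constructed frames)."""
from collections import defaultdict
DNP3_START = b"\x05\x64"
# Application-layer function codes that change outstation state (values from the DNP3 spec).
CONTROL_FUNCS = {2: "WRITE", 3: "SELECT", 4: "OPERATE", 5: "DIRECT_OPERATE", 13: "COLD_RESTART"}

def dnp3_crc(data: bytes) -> int:
    """DNP3 CRC-16: polynomial 0x3D65 (reflected 0xA6BC), init 0, result inverted."""
    crc = 0
    for b in data:
        crc ^= b
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return (~crc) & 0xFFFF

def parse_frame(frame: bytes) -> dict:
    """Decode link header + app function code of the first data block; ValueError on bad CRC."""
    if frame[:2] != DNP3_START or len(frame) < 10:
        raise ValueError("not a DNP3 frame")
    if int.from_bytes(frame[8:10], "little") != dnp3_crc(frame[:8]):  # CRC covers all 8 header bytes
        raise ValueError("header CRC mismatch")
    info = {"dst": int.from_bytes(frame[4:6], "little"),
            "src": int.from_bytes(frame[6:8], "little"), "app_func": None}
    n = min(16, frame[2] - 5)    # user bytes in the first block (LEN also counts ctrl+dst+src)
    if n >= 3:                   # transport header + app control + app function code
        block = frame[10:10 + n]
        if int.from_bytes(frame[10 + n:12 + n], "little") != dnp3_crc(block):
            raise ValueError("data block CRC mismatch")
        info["app_func"] = block[2]
    return info

def build_frame(src: int, dst: int, app_func: int) -> bytes:
    """Constructed minimal master->outstation frame: unconfirmed user data, no objects."""
    user = bytes([0xC0, 0xC0, app_func])   # transport FIR|FIN, app FIR|FIN, app function code
    hdr = DNP3_START + bytes([5 + len(user), 0xC4]) + dst.to_bytes(2, "little") + src.to_bytes(2, "little")
    return (hdr + dnp3_crc(hdr).to_bytes(2, "little")
            + user + dnp3_crc(user).to_bytes(2, "little"))

def learn_baseline(frames) -> dict:
    """(src, dst) -> set of application function codes seen during a known-good window."""
    baseline = defaultdict(set)
    for info in map(parse_frame, frames):
        if info["app_func"] is not None:
            baseline[(info["src"], info["dst"])].add(info["app_func"])
    return dict(baseline)

def detect(frames, baseline: dict) -> list:
    """(src, dst, reason) for malformed frames and control commands the baseline never saw."""
    alerts = []
    for f in frames:
        try:
            info = parse_frame(f)
        except ValueError as exc:
            alerts.append((-1, -1, f"MALFORMED: {exc}"))
            continue
        pair, fc = (info["src"], info["dst"]), info["app_func"]
        if fc in CONTROL_FUNCS and fc not in baseline.get(pair, set()):
            alerts.append((pair[0], pair[1], CONTROL_FUNCS[fc]))
    return alerts

# Constructed traffic: master 1 polls outstations 10 and 11 and operates 10.
BASELINE_FRAMES = [build_frame(1, 10, 1), build_frame(1, 11, 1), build_frame(1, 10, 4)]
MONITOR_FRAMES = [build_frame(1, 10, 1), build_frame(1, 10, 4),    # routine read, known operate
                  build_frame(1, 11, 5), build_frame(99, 10, 13)]  # new direct-operate, unknown master
```

Running `detect(MONITOR_FRAMES, learn_baseline(BASELINE_FRAMES))` reports the DIRECT_OPERATE to outstation 11 and the COLD_RESTART from the unseen master 99 while staying silent on the routine traffic, without ever sending a packet to a PLC.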