Hacking people is too easy: CultureAI announces $4m seed round to measure and mitigate human cyber security risk

CultureAI, the human cyber security platform founded by professional hackers, announced the closing of a $4 million Seed round to fuel its rapid growth. The investment was led by Senovo and saw participation from new investors Conviction alongside existing investors Passion Capital. Angel investors Paul Forster (Co-founder, Indeed) and Guntram Friede (Head of Marketing, EMEA Salesforce & MuleSoft) also joined the round to support CultureAI’s disruption of the cyber security awareness market. The additional capital accelerates product development and enables CultureAI to expand into new markets.

Also Read: Anti-Ad Fraud Platform ADEX Announces Real-Time Traffic Analysis is Available to All Clients

Founded when professional hacker James Moore saw even the best security awareness training made no difference to attackers’ ability to compromise organisations, CultureAI is being adopted by a rapidly growing number of organisations to easily identify and prevent security incidents caused by employees.

“It’s almost unheard of for professional hackers (known as penetration testers) to fail to gain access to an organisation, even if they have great security awareness training for employees,” explains James, who continues “We successfully gain access to organisations’ data and systems every time and it’s almost always as a result of human behaviour or error. As an example, multi-factor authentication (MFA) is often touted as a key cyber defence – yet we find that an average of 32% of employees accept MFA authentication requests sent by attackers, essentially opening the door for them. The traditional awareness training approach simply doesn’t improve behaviours like this – hacking people is still too easy.”

James believes security coaching, not training, is key – “Outside of security, when someone starts to learn a sport or a new skill and wants to improve, they get a coach. A coach observes behaviour, corrects mistakes in real-time, and gives them tailored advice whilst motivating and empowering them by providing the right equipment to perform. A coach doesn’t simply tell them to watch some generic training videos, take a multiple choice quiz and then expect them to be perfect; which is, regrettably, the common approach to security awareness today.