Galvanick: Cybersecurity for the Modern Industrial Age

Michael Palank
MaC Venture Capital
Jun 1, 2023

The Galvanick Lucifer

Cyber Attacks in the Modern World

One of the less anticipated pandemic-era crises was the great cream cheese shortage of 2021 that nearly ended some of New York City’s holiest institutions — bagel shops. But while supply chain issues were partly responsible for this calamity, the main culprit was a massive industrial cyberattack that shut down one of the US’s biggest cheese manufacturers during peak demand. Like the 2017 attack that shut down the Cadbury chocolate factory in Australia, the incident was a ransomware attack which impacted the industrial control systems in command of a modern manufacturing facility.

Ransomware is one kind of cyber attack that can compromise a company’s operations. These attacks are often classified by the seven steps — often called the cyber kill chain — a hacker must take in order to conduct a malicious act using code. It begins with reconnaissance, where a would-be attacker collects passwords or other personal information, and ends with unauthorized control of key systems and/or machinery.

Disruptions to cheese or chocolate production, while not insignificant, are just the tip of the iceberg when it comes to threats to digital systems. The 2020 SolarWinds attack was another form of breach, called a supply chain attack: hackers of Russian origin penetrated SolarWinds, a US information technology firm that develops software for businesses to help manage their networks, systems and IT infrastructure, enabling them to spy on private companies like the elite cybersecurity firm FireEye and the upper echelons of the US Government, including the Department of Homeland Security and Treasury Department. Private files and emails were exposed, including sensitive communications between people at the highest levels of the US government.

Other major attacks like the 2021 Florida water system attack and the Colonial Pipeline Company ransomware attack allowed hackers to increase the amount of sodium hydroxide by a factor of 100, and nearly shut off access to the largest petroleum pipeline in the US that supplies about half of the East Coast’s gasoline. These kinds of attacks can not only amount to billions of dollars in damages, but more alarmingly can potentially kill millions of people. And very recently, just hours before the Russian invasion of Ukraine, Russian government hackers targeted the American satellite company Viasat, resulting in an immediate and significant loss of communication in the earliest days of the war for the Ukrainian military, which relied on Viasat’s services for command and control of the country’s armed forces.

Modern cyber attacks can take many forms and can take aim at a multitude of points of vulnerability inside of an organization from the receptionist, to email systems, to intricate industrial control systems that manage entire manufacturing processes all the way from top-level enterprise management down to control of the individual sensors and actuators that are part of robotic systems on the factory floor. A hack at any level can render the entire system worthless at best and programmed to purposely do harm at worst.

Nearly all organizational functions can be categorized into either information technology (IT) or operational technology (OT) categories. Simply put, IT systems involve the flow of information inside an organization (computers, emails, communications, files, etc.) and OT systems involve the management of industrial operations (control of manufacturing processes, hardware, moving things from point A to point B, etc.). A services business like a law firm or a bank may have way more IT vulnerabilities, while a power plant, auto manufacturing facility or water treatment center will have both IT and OT weak points.

Over the past thirty years, industrial enterprises have replaced manually operated equipment with computer-operated equipment — all industrial systems are now networked. These decisions have traded increased efficiency for unknown and potentially catastrophic downside risk. Modern cybersecurity systems now operate at multiple levels of the industrial control system, and because operations are fully networked, always on, and computerized, most cyber companies have focused on specific cyberattack vectors and types of cyber attacks. As a result, the operators at the helm of these systems are bombarded with millions of data points daily from multiple cybersecurity vendors, making it nearly impossible to monitor, process, and then respond to actual potential threats. A better threat detection system is desperately needed.

Galvanick — Secure Industrial Operations

What modern industry needs is a unified security incident detection and response platform that automatically collects and correlates data from multiple proprietary security components. Or in cybersecurity industry terms, an industrial extended detection and response (XDR) platform.

Today we are excited to announce that MaC has led the $10M series seed round in Galvanick, which is building such a solution. We’re fortunate to be investing alongside Founders Fund, Village Global, Countdown Capital, HNVR, Shrug Capital, 8090 Industries, and over 25 angel investors specializing in cybersecurity, manufacturing, finance, and defense. Formed in September 2021 after an intensive six-month discovery process that entailed reviewing the current state of industrial control systems cybersecurity and conversations with more than one hundred domain experts from operators to researchers, consultants to entrepreneurs, investors to academics, Galvanick is the coming together of three well-positioned founders with deep networks and complementary skill sets to build a necessary and critical product.

If it’s time to build, as Marc Andreessen said it was in his 2020 essay, or if we truly wish to rebuild American dynamism, as Katherine Boyle, GP at a16z, proclaimed in announcing her firm’s focus on backing companies building solutions to seemingly insurmountable problems in our society — from national security and public safety to housing and education, or if we truly believe that hard tech leads to hard power, as many investors like Jai Malik at Countdown Capital have argued, then we need superior security underlying all these efforts. Any organization is only as strong as its weakest link, and if we allow our re-emerging industrial might to be vulnerable at any point, we will fail in our ultimate goal of securing a safer and more peaceful world.

Right Team at the Right Time

Galvanick was founded by three individuals with diverse and complementary backgrounds. CEO Josh Steinman started his career in operations counterterrorism as a Naval Officer after completing his undergraduate degree in history at the University of Chicago. After two operational deployments to Iraq, Josh joined a task force answering to the Chief of Naval Operations that identified, tested, and advocated for integration of cutting-edge technologies into the US Navy. In 2014 Josh conceptualized and authored multiple white papers on, and advocated for, the creation of a “DOD Embassy” in Silicon Valley. The concept was approved and implemented by the Secretary of Defense in early 2015 as Defense Innovation Unit — Experimental (DIUX), the organization to help the U.S. military make faster use of emerging commercial technologies. Josh left the Navy in 2015, moved to Silicon Valley, and joined a YC-backed cybersecurity startup in Palo Alto. He then transferred over to the Navy Reserves, and helped stand up the DIU. In 2017, General Mike Flynn recruited Josh to become the Senior Director for Cyber Policy and Deputy Assistant to the President on the National Security Council. In this role Josh ran all U.S. Government cyber, telecommunications, cryptocurrency and supply chain policy. Josh sees Galvanick as a way to continue pushing to secure America against cyber attack — the same impulse that led to the cyber policies he helped write while at the NSC.

Meanwhile, Galvanick CTO Brandon Park was building a career in cybersecurity and industrial control systems. Brandon began his career as a controls and automation engineer at Merck, supporting and optimizing vaccine manufacturing systems with a cybersecurity focus. He left Merck to join Bechtel’s ICS Cybersecurity Lab to implement cybersecurity on industrial systems at the company’s Department of Defense and Department of Energy programs. In 2018, Amazon recruited him to help stand up their cybersecurity team focused on its global fulfillment and operations network.

Finally, COO Feliks Pleszczynski began his career working in the import-export business in Sub-Saharan Africa. He then transitioned to trading volatility at a New York-based hedge fund. In 2019, he was appointed Deputy Chief Economist at the U.S. Department of Labor, and later joined the White House as a Director for International Economic Policy on the National Economic Council.

The US Federal Government has taken a hard look at requiring critical industries to protect their infrastructure. The recently released 2023 National Cyber Strategy continues and accelerates much of Josh’s work as a senior cyber policy maker, with regulations being developed at numerous departments and agencies. Additionally, many inside the US government believe it’s time for an independent uniformed cyber service. Cybersecurity is taking more and more of a center stage in the conversations around how we defend our citizens, our critical infrastructure and our industrial operations, and that paves the way for Galvanick to make an impact.

Brandon Park, Josh Steinman and Feliks Pleszczynski

Signal From the Noise

Galvanick is positioning itself as the data layer that will sit on top of the cybersecurity point solutions that have been developed over the past decade, or put another way, the system that watches the systems. Other OT and IT cyber monitoring software systems will plug into Galvanick, allowing Galvanick to ingest millions of operational data points every minute. The “magic” of their platform will be an AI layer to draw correlations between various data points. These correlations will provide much needed context to this firehose of information, determine the causation of security breaches, and ultimately allow the prevention of cyber attacks.

Galvanick’s focus is on operational technologies involved with SCADA (supervisory control and data acquisition). Galvanick’s cloud-native analysis platform aggregates telemetry from industrial assets and environments, providing continuous monitoring and threat detection to enable security practitioners to quickly understand the difference between, and context around, both normal and malicious behavior.

Conclusion

The industrial operations of the United States and our allies are more online and networked than ever before. We have traded efficiency gains for unknown and potentially catastrophic vulnerability. Companies are coming under increasing external pressure from regulators, customers, and boards of directors to buy down this risk. However, businesses do not have to retreat back to the days of manually operated machinery. Rather, now is the perfect time to match our operational technology cybersecurity with the modern industrial requirements to be a global superpower.

Cyber attacks are growing in frequency and in size. Just as more and more of our industrial base gets digitized and put online, hackers become ever smarter in understanding how to exploit the resulting vulnerabilities.

The Visual Capitalist - Investing in Core Cybersecurity Technology: https://www.visualcapitalist.com/sp/investing-in-core-cybersecurity-technology/

The average annual cost of a cyber attack for a US company in 2019 was $27.35M, by far the highest in the world. America’s industrial base is the biggest hacker target in the world. Companies are desperate for solutions that actually work.

The Visual Capitalist - Investing in Core Cybersecurity Technology: https://www.visualcapitalist.com/sp/investing-in-core-cybersecurity-technology/

There are fewer than 10,000 OT cybersecurity specialists in the United States. Half of those work for the US Government or companies supporting it, and the remaining half are divided between those working for the 50–100 companies that are currently building OT cybersecurity practices, and startups working to build solutions. The “first generation” of OT cybersecurity firms are just now reaching pre-IPO, and these companies are solely focused on collecting one type of data and surfacing it to the user. Only in the past three years has the market reached the saturation point where an integrating company could aggregate those new data streams into a single platform with analytics on top of it.

Galvanick is the classic case of the right team with the right technological solution at the right time. The elements are all here for not only an extremely successful and valuable company, but also one that ensures the safety and security of the United States as the gold standard of industrial might.

Michael Palank led the Galvanick seed round for MaC Venture Capital.

About MaC Venture Capital

MaC Venture Capital is a seed-stage venture capital firm based in Los Angeles and Silicon Valley that invests in technology startups leveraging shifts in cultural trends and behaviors. The general partners represent diverse backgrounds in technology, business, politics, entertainment, and finance, allowing them to accelerate entrepreneurs on the verge of their breakthrough moment. The firm provides hands-on support crucial for building and scaling category-leading companies, including operations strategy, brand building, recruiting, sales development, and mission-critical introductions. MaC Venture Capital is the result of a merger between Cross Culture Ventures, co-founded by Marlon Nichols, and M Ventures, co-founded by Adrian Fenty, Michael Palank, and Charles D. King. Find MaC Venture Capital online at https://macventurecapital.com and @MaCVentureCap.
