As someone who’s spent a career leading financial operations for successful cybersecurity startups such as Attivo Networks and Cloudmark, I knew it would be hard to resist an invitation from 1Kosmos board member Alberto Yépez to meet and talk with 1Kosmos CEO and founder, Hemen Vimadalal, about a role as the company’s first CFO.
Alberto is the founding partner at Forgepoint Capital and has a long history of building next-gen companies that become leaders in protecting the digital world. Like Attivo Networks, 1Kosmos was in the Forgepoint portfolio prior to acquisition, so from a distance I was familiar with the 1Kosmos passwordless MFA solution. After further discussions, it would become very clear why in early 2021, Forgepoint led Series A funding with a $15 million investment in 1Kosmos.
1Kosmos has developed today’s most advanced and user-friendly platform for unifying identity verification with multi-factor authentication. For a finance guy, that’s a mouthful, but what it essentially means is that fake accounts that trouble the financial services and government industries along with account takeover attacks that lead to ransomware, data breach and billions in fraud losses get shut down when hackers can’t log in. To me, that makes intuitive sense.
My curiosity peaked when I learned that to their growing number of customers, 1Kosmos represents much more than the convenience of passwordless access. For them, closing the gaps between identity and user authentication is critical so they know who is logging into corporate services. This is a level of trust that you can’t have without verifying identity at every access request.
What’s more, for CFOs like me who view user privacy and the security of PII (including user biometrics) as materially significant issues, it quickly became clear to me that 1Kosmos solutions present organizations with an architectural advantage to fend off cyber attacks, and with it every downstream security system becomes more effective.
As conversations progressed, I happily accepted the CFO position at 1Kosmos to help establish the people, process and financial systems necessary to scale the organization and meet the enormous market opportunity its technology represents. Here are the top three reasons why it was an easy “Yes!”
#1 Passwordless MFA without Verified Identity Still Relies on Hope
The challenge 1Kosmos solves is one faced by every organization in every industry. According to SecurityBoulevard.com, account takeover attacks were 30% higher during the first quarter of 2022 than the average over the past three years. Also, according to the Verizon 2022 Data Breach Report, more than 70% of all data breaches are now caused by compromised credentials. More than 83% of organizations have been compromised this way more than once.
Now throw in account enrollment fraud, in which cybercriminals use stolen or synthetic identities to open new banking, government, and merchant accounts, and the problem grows worse. When taken together, account takeover and account enrollment fraud contribute to up to $5 trillion in global fraud losses each year.
The problem: Identity verification and authentication have always been decoupled, making passwords and antiquated MFA the default for both. Without unifying the two, organizations still do not know with certainty who is logging into their digital services … meaning even with unverified biometrics logins are still vulnerable to impostors posing as legitimate users. For digital business in all shapes and sizes, identity should be verified at every login attempt. An exception to this rule of thumb equates to a security vulnerability.
Not only does 1Kosmos prevent account takeover, it can also be strengthened by scanning a driver’s license, passport, or other form of government-issued identification to prevent account enrollment fraud.
With the identity management market entering a major growth phase in the face of mounting attacks, these capabilities mean 1Kosmos is in a position to capture a very large piece of the action.
#2 1Kosmos Architectural Advantage Tilts the Playing Field Against Cyber Criminals
Passwordless authentication is the future, but it has to be done right to avoid missteps along the way. Like other PII, biometrics can be compromised and using technology that introduces racial bias presents obvious shortcomings.
We’ve seen single sign-on be used as a weapon by cybercriminals who trick employees and sometimes contractors out of passwords, and for years have deployed two-factor authentication. But technology has advanced and simply putting passwordless in front of SSO ignores critical elements that should be in place – namely user identity verification, user privacy, and data security.
From the beginning, 1Kosmos architecture addressed these challenges, and they have embraced the responsibility of every security vendor to produce quality code and ensure interoperability within what can be highly complex corporate IT networks. They don’t just preach compliance with industry standards. 1Kosmos has put their entire platform through multiple, rigorous industry certifications that prove their systems are commercial grade.
#3 More Than a Company—a Mission
Start with a proven executive team made up of seasoned veterans behind some very successful startups in the industry. Add a culture that’s laser-focused on delivering successful outcomes for employees, customers, and investors with deep domain expertise in identity and access management. Then, mix in a passion to make the digital world a better and safer place despite cybercriminals ranging the gamut from drug and human traffickers, to terrorists, rogue governments and various other scoundrels.
I feel this is a winning combination because what you get as a whole isn’t just a group of can’t-lose industry leaders. You get a tribe of game-changers committed to putting an end to the financial and human carnage caused by cyberattacks—forever. I mean, how do you say no to that?