RecoLabs hopes to secure corporate collaboration

Collaboration security provider RecoLabs (Reco) announced it has raised a $30 million Series A round to secure collaboration tools in today’s modern enterprise.

The company’s collaboration security platform is designed to enable organizations to securely gain visibility and share information through multichannel collaboration tools such as Slack, G-Suite, Jira and others.

As remote and hybrid working arrangements continue to impact the business ecosystem, employees increasingly expect greater transparency, better technology, enhanced collaboration, and greater flexibility. As a result, new technologies for digital workspace solutions have proliferated, and collaboration tools are part of that stack.

However, this development brings with it a new challenge. According to a recent report, working remotely has increased the frequency of cyberattacks by 238%. Another report by Verizon states that 85% of all breaches involve the exploitation of a human vulnerability. This underscores the fact that most breaches originate from the users of these collaboration tools and that it is critical that organizations understand the context of these breaches.

Reco claims to develop tools that help organizations secure sensitive assets by mapping and monitoring contextual metadata. The company claims that it uses applied machine learning (ML) to create a model of interactions and collaboration among an organization’s employees, teams and external vendors, allowing them to understand and visualize threats through collaboration and sharing . According to Reco, this will result in the creation of a contextual knowledge graph that will enable security teams to detect and respond to unauthorized or unusual activity in real time.

Workflow in the modern company

Collaboration tools are becoming the new standard and an undeniable part of business today. In fact, Gartner predicts that nearly 80% of employees will use collaboration tools. These tools provide access to technologies that enable onsite and remote workers to engage and communicate both inside and outside their work environments.

Following the outbreak of COVID-19, there was a 176% increase in collaboration apps installed on corporate devices, making collaboration security risk management a top priority for CISOs.

While collaboration tools enable people to work faster and more effectively, they also expose organizations to a new set of vulnerabilities and an increased risk area, according to Ofer Klein, co-founder and CEO of Reco. According to Reco, these risks and problems can be broken down as follows:

Inability for legacy systems to keep up

Legacy systems are computers with outdated software, hardware, or both that are still being used in place of newer versions. The systems continue to meet the needs for which they were created, but are no longer expandable. They require many static rules that quickly become obsolete and slow down operations.

The lack of dynamics can lead to too much noise – either they see everything and get in the way of business, or they don’t see enough. Due to the lack of dynamic and resource-intensive structure, security teams have to manually change rules like permissions and whitelists, and deal with alerts on a regular basis, which makes management extremely burdensome.

Legacy systems suffer from a lack of transparency

Legacy tools are unable to understand why an event occurred. This can be done, for example, by enforcing static rules that prevent certain files from leaving the organization. While it used to be easy because data didn’t leave the company, it’s now more difficult because information is legitimately passed outside the company. However, there is no way to successfully secure the collaboration tools without first understanding why this is the case.

CISOs, employees and the business as a whole are affected by these two major challenges. According to Klein, protecting critical assets is a major responsibility for any organization, and the only way to spot actual collaborative security issues is to understand the business context of each interaction. Reco, he claims, plays a big part in that.

According to Reco, its security solutions enable organizations to intelligently detect and remediate common challenges such as incorrect third-party access and files being transferred or shared with the wrong user. This is achieved by using the Reco-Ontology, an overarching metadata view powered by two internal algorithms: Process-Discover, which discovers interactions, classifies entities and categorizes them via their actual business process.

Content-based security to context-based security

Insider risk and data loss prevention (DLP) are becoming increasingly important for organizations with distributed workforces and a growing reliance on technology. While it may seem obvious that modern workplaces require modern security solutions, some companies are reluctant to abandon their legacy systems. This could be due to concerns about the unknown, exorbitant cost of technology or a lack of time for a revolution.

Post-pandemic, almost 74% of manufacturing companies rely on legacy systems to get their jobs done, and up to 90% of companies are hampered in terms of growth and efficiency due to outdated technologies.

Klein said in an email interview that Reco offers a novel approach to collaboration security by learning the context and reason behind every collaborative event. Rather than reading the content of user interactions, Reco claims to have built a Business Context Justification (BCJ) engine that uses applied machine learning and cognitive analytics to know why, not just how, an attack occurred. This, according to the company, is the “game changer” that sets it apart from the competition.

According to Klein, the BCJ is responsible for creating the collaboration map and understanding the business context. The collaboration map depicts the context of every interaction between teams within the company. Reco can use the BCJ to create security incidents based on non-business related events. With a better understanding of the dynamic organization, the justification for actions evolves over time. Reco says this removes the need for manual intervention in security incident reporting.

Additionally, the company claims that its Business Context AI engine requires no manual policy creation, tagging, classification, or ongoing maintenance. It claims this offloads 40% of the workload of security teams while maintaining a high level of protection without slowing down its ever-evolving business.

Reco says its “No Agent” feature allows users to join in minutes and get instant value. According to the company, this results in the lowest number of false positives while also detecting events and situations that no other tool can – such as sharing sensitive information in the wrong Slack channel. Reco claims that it only reads metadata, not the actual content of emails, Slack messages, or files.

Reco plans to invest the funds to expand its team and accelerate U.S. launch. The Series A round was led by Zeev Ventures and Insight Partners, with participation from Boldstart Ventures, Angular Ventures and leading private investors.