A Conversation With Galina Antova

Image for post
Image for post

by Chenxi Wang, Ph.D. General Partner

As co-founder and Chief Business Development Officer of a company specializing in Industrial Control Systems (ICS) security, Galina Antova is considered the face of the company, and to some, the face of ICS security.

Industrial Control Systems help to operate some of the most foundational aspects of modern society, such as water, electricity, oil & gas, and manufacturing. In developed countries, we take these functions for granted — clean drinking water flows from the faucet, electricity is available on-demand, and there is plenty of fuel and goods to go around. But a conversation with folks in the ICS space may reveal a very different picture, one that is at once devastating and entirely probable to occur at any given moment.

Earlier this year, Rain Capital invested in Claroty. I got to know Antova quite a bit during the process. Aside from her day to day tasks at Claroty, the former Siemens executive travels the world these days preaching the importance of ICS security. Earlier this month Galina was in Vegas for Blackhat and DEF CON, and we found time to connect.

Claroty, which Galina co-founded in 2014, provides ICS security monitoring and control for some of the most critical infrastructure in the world. Galina and her co-founders established the company with the help of Team8, a famed Israeli Cybersecurity foundry. They did this when most operators of industrial control systems were oblivious to the threat and disruption that could face their networks.

Since then, the NotPetya attack devastated some of the largest control systems around the world, not the least was the operation shutdown of the Danish shipping giant, Maersk. The incident caused Maersk nearly $300 million of damages and has spread across Europe, the Middle East, the US, and Asia. It brought hospitals, manufacturing plants, pharmaceutical companies, and governments to their knees, causing a total of over $10 billion of losses globally.

This was arguably a turning point for the ICS security market, which had long been plagued by low security awareness, slim budgets, and a glacial adoption speed. For the first time, ICS operators and manufacturers are sitting up and taking notice of what Galina and her colleagues have to say.

Since its inception, Claroty has poured a significant amount of investment into research, demanded from its partners a deeper commitment to ICS security awareness, and worked tirelessly to build an ecosystem to elevating ICS security. Even though there are now many players in the ICS security space, Claroty remains a clear leader in the space.

When I met up with her at Vegas, Antova had just come off of a few weeks of intense travels. But she was as energized as ever, I’d say even a bit more animated than usual given the activities at Blackhat and DEF CON. Our discussions covered a variety of topics, from ICS to being a woman in security.

Note: Some of the questions and answers below have been edited for brevity and clarity.

Antova grew up in Bulgaria, moved to Canada and attended school at York University. She then joined IBM, which at the time was innovating in software development and services. After honing her craft and knowledge at IBM in various roles, Antova went to Switzerland for her MBA and was hired by Siemens in an extremely competitive executive program. At Siemens, she was mentored by the CEO of Siemens and other high-level executives. Her work at Siemens led to the creation of the first ICS Cybersecurity services business within Siemens.

Chenxi Wang (CW): So why ICS security as a career? Was it by accident or design? What about ICS security attracted you to your position at Siemens and eventually to Claroty?

Galina Antova (GA): To be honest, I didn’t know about ICS security until I joined Siemens. At Siemens, I became aware that the world’s infrastructure runs on industrial control systems. These devices were starting to be connected and they had little security because most were designed decades ago. I thought it was a fascinating problem, and realized that protecting this infrastructure was going to be a huge opportunity in the market.

If you take the Fortune 2,000 companies in the world, about 45% of them rely on ICS networks for their core business. Example industries include oil and gas, electricity, manufacturing, mining, etc. Other industries like banking or high tech still have data centers, HVAC systems, and other infrastructure components relying on ICS. At Siemens, I created and led a new business solely focused on industrial Cybersecurity. I realized that, at the time, none of the large security players on the market had any offerings/solutions to secure industrial infrastructures. This realization eventually led to the creation of Claroty.

CW: Let’s talk about Claroty. You and your co-founders founded the company way before NotPetya, way before ICS security was a regular discussion topic, what drove that? What was in your crystal ball that made you think founding an ICS security startup was the right thing to do back in 2014?

GA: To me, it was the natural progression of things. At Siemens, I was exposed to just how large the ICS security challenge was. Because cybersecurity companies were not addressing this challenge at the time, I saw an opportunity for a dedicated security company for ICS. For me, it was never a question about whether or not founding an ICS security was the right thing to do — it was just a matter of who I could do it with, when we should start, and how we go about securing ICS networks in the most effective ways. Fortunately, I met my co-founders through the Team8 platform. All three of us were passionate about ICS security and shared the exact same vision for the market opportunity. The rest was history.

CW: When the world is abuzz with things like blockchain, cryptocurrency, your company remains steadfast in your commitment to securing some of the most archaic infrastructure in the world. Did you ever wish, even for a moment, that you were working on something more buzz-worthy?

GA: Absolutely 0% regret. I actually think that our opportunity is much bigger because in essence what we’re doing is protecting and securing the world’s infrastructure. We’re elevating the security maturity of this infrastructure to the standards of the 21st century. If you think about the total addressable market (TAM) for this — it is a gigantic opportunity. At the same time, we are also moving into the IoT space, which is very exciting. I don’t think there is another line of business within Cybersecurity that has quite the same impact as securing the ICS and IoT infrastructure.

CW: Claroty recently finished a funding round. It was somewhat unprecedented that many of the top ICS device manufacturers such as Schneider, Siemens, and Rockwell participated in the round. What do you think drew this level of interest, particularly from these manufacturers?

GA: There were a few reasons our latest funding round drew so much interest:

  1. We had a competitive edge and emerged as a clear leader in ICS security. Claroty had already emerged as a leader across multiple verticals and everyone wants to invest in the leading startup in that domain. We already had existing business relationships with the top ICS device manufacturers. These manufacturers had evaluated every major competitor in our space and chose to work with Claroty because of our strong technology.
  2. They viewed Claroty as a strategic partner to extend their ICS product offerings. These manufacturers saw an opportunity and a need to supplement their technology with Claroty’s product. I think this is a testament to how much the ICS vendors (e.g., Schneider, Siemens, and Rockwell) have changed because they’ve become much more proactive and strategically oriented. And to have all three leading ICS vendors invest in Claroty helped validate that our technology was truly an essential element in ICS.

CW: Has the industry changed since you first entered it, in what ways?

GA: The industry has changed a great deal! I’d say five or six years ago, there was a lot of push vs. pull between security and operation teams with different priorities. Operations felt that no security technology could be installed on OT networks because it would break their fundamental requirements of uptime and availability.

In the last two or three years, we’ve essentially closed the gap between security technologies and the operational requirements of companies. It’s been really exciting that we have produced technologies that can now satisfy both protection and uptime/availability needs. The conversation has become much more nuanced and structured as the strategic initiatives between IT and OT are much more aligned today.

CW: With the recent change in the political climate, ICS and critical infrastructure security are being thrust into a spotlight. For Claroty, is that a good spotlight to have, or is it a challenging one? Why?

GA: I think it’s a good spotlight because it brings visibility to the ICS protection problem and in turn to our approach. It is also a good indicator that the industry is ready for change. The fact that there are nation-states interested in critical infrastructure means that they are important. This helps to bring awareness of the problem at the board level. Company boards are now asking: “What are we doing about critical infrastructure and ICS security?” This awareness is helping to generate the demand and traction that we are seeing because the threat is real.

Another sign that the industry is changing is that, in many companies, the CISO is now being given the responsibility to secure the ICS networks. This is in contrast to what it was several years ago. As long as the responsibility lies within the CISO’s organization, visibility and protection for the industrial networks will be a priority.

At the same time, however, being in the spotlight can also be risky because of the geopolitical tensions that are taking place. In many cases, these networks remain largely invisible and unmonitored, as organizations are just beginning to employ solutions like Claroty’s. Clearly, attackers, be that nation-state or otherwise, will continue to exploit vulnerabilities within those networks. Just because you can’t see what is going on — it doesn’t mean that the Russians are not in your critical infrastructure.

As a woman in technology (and Cybersecurity), I’m often asked how I got into this field and how I made it a career. It’s always interesting to me to hear other women’s stories, especially one that is as colorful as Antova’s — grew up in Bulgaria, educated in Canada, worked in the US & Germany, studied in Europe, founded a company in Israel, and living as a global-trotting executive today.

CW: Did you always want to be in technology? Was there a defining moment in your life when you knew you were going to make a career in technology or was it a gradual thing?

GA: I was always good at math and sciences so it was never a question for me that I would make a career in science and technology. I don’t think you choose to be in technology — you just become fascinated by the problem and challenges. I’ve always been a geek at heart and once I find a topic that I’m interested in, I want to learn more about it. That eventually led me to the technology field and more specifically to industrial Cybersecurity.

CW: At IBM, you had a number of different roles with software engineering and also customer-facing roles. You held many different positions within IBM. So in a sense, you were training for the future. Did your time at IBM help prepare you for what you do now and how?

GA: At IBM, I was part of the software group. I started out in technical roles and later moved into customer-facing roles which gave me diverse exposure to how technology can help transform large company initiatives.

Also, during my tenure at IBM, the company executed many acquisitions. These acquisitions allowed me the opportunity to work with different startups and helped to incorporate them into IBM. Through that experience, I gained interesting insight on how a startup works internally, which became extremely valuable in the early days of Claroty.

CW: Let’s talk about mentorship. I had many mentors who made a difference in my career. What about you? Did you have mentors earlier on in your career and how has that impacted you? Who were some of the standout mentors that you have had?

GA: I was fortunate that from the beginning of my career I was mentored by some of the most successful executives in high tech. My first mentors were from IBM. They challenged me to think strategically and taught me to recognize and seize an opportunity when it arises. That helped to shape my career.

As a woman in technology, I think we won’t necessarily be given the same opportunities as men for various reasons. So it is extremely important that we raise our hands, embrace challenges, and seek out opportunities proactively — we must “lean in” as in Sheryl Sandberg’s words. Being proactive has defined my career and is continuing to define my career and my future.

CW: Are you open to mentoring others who are starting out in their careers? What are some of the things that you would do as a mentor that you wish your mentors had done for you?

GA: I think it’s extremely important to have more senior women in technology so that we can serve as mentors to those joining the field. I contribute to SheEO, an organization where advisors and entrepreneurs are investing time and money in other female entrepreneurs and female-led businesses. That type of work is especially rewarding to me. I’m always looking for other opportunities to do more, for example, participating in the Grace Hopper Conference this year. I’d love to do more in the future as time allows.

CW: I think you and I are similar in that we always lead with our professional qualities first. Often, the gender question fades away once you are seen as an equal or someone able to deliver work at an equal or superior quality. But the activist in me sometimes says: “Why do we always have to perform to break the gender stereotype? Why couldn’t we start at a level-playing field as men?” Any thoughts on that?

GA: First of all, I absolutely agree with you. That has been my experience — that I always lead with professional qualities. In most cases, I was able to get the other party to view me as a professional, not as a woman. But this does take a bit of an effort. For instance, when I walk into an introductory meeting with a male colleague of mine, often the other party would think that I report to the male colleague. So I make it a point to lightheartedly joke about the situation to bring awareness to the problem that there might be stereotypes at play. That often leaves an impression. My hope is that if they encounter enough such occasions, it will start to change their implicit assumptions and unconscious biases.

Even though there has been tremendous progress made in supporting women in tech, we still have work to do. And it may take more than a generation to truly change hearts, minds, and hence behaviors.

CW: What do girls growing up today need to do MORE OF if they want to succeed in tech? What about LESS OF?

GA: Nowadays, I feel that many girls struggle with enrolling in sciences and technology because of the negative stigma associated with it. It’s concerning to me that there’s been a notable decline in women enrolling in computer science programs. According to the National Center for Education Statistics, in 1984–1985 women accounted for nearly 37% of all computer science undergraduate students. As of 2010–2011, women make up just 17.6% of computer science students.

CW: Do you think the industry will look substantially different 8–10 years from now, from a woman in tech viewpoint? Why and why not?

GA: In terms of ICS, absolutely I think the industry will be very different. Given the current trajectory — all the infrastructures (e.g. manufacturing or any physical processes) in the world are essentially becoming digitized and this trend will accelerate at a pace that we’re not even anticipating right now and that’s great news. As long as we have the right cyber solution — which is what we’re working on!

In terms of women in technology, I think we have a tremendous amount of work to do if we want to see a visibly different future. If you look at the number of female students entering computer science, the pipeline numbers are not very optimistic. However, I think we are talking about the issue more openly, which is the right first step. We are also highlighting more women executives, role models, and success cases, which are very important. For instance, we have more women on corporate boards now, more women founding companies, and women serve as partners for Venture Capital firms — you founded Rain Capital for instance. Looking back, I think some of the challenges we faced 10 years ago still remain today, but what is important to me is that we are collectively making progress and working towards a convergence point.

To many skeptics, who believed (and still believe) that ICS system operators are slow adopters when it comes to cybersecurity, Galina’s unparalleled enthusiasm serves as a reminder that the times are a-changin’! Industrial Control Systems may be the last stronghold of archaic security, but I, for one, am glad that professionals like Galina Antova are helping to shape the future of ICS security, and even more glad that she is a Rain entrepreneur, whom we call affectionately, “Rainmakers”.

Originally published at https://www.raincapital.vc on September 11, 2018.

Rain Capital is a cybersecurity venture fund based in the San Francisco bay area. A women-led and -managed fund, Rain invests in disruptive security companies.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store