Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

Data Protection and Privacy Firm Titaniam Raises $6 Million in Seed Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta Ventures and individual investors. Titaniam seeks to square the circle between data protection and data usability.

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta Ventures and individual investors. Titaniam seeks to square the circle between data protection and data usability.

Encryption is the current standard for sensitive data protection. If encrypted data is lost without the decryption keys, it cannot be considered lost. But encrypted data also loses much of its value to the data owner – it can be neither searched nor processed without decryption.

“At a basic level,” Titaniam founder and CEO Arti Raman told SecurityWeek, “encryption is not searchable – so, if you need to both protect and use the data, you have a problem.” Encrypted data is effectively immune to ransomware’s exfiltration extortion, general cyberattacks, insider threats and accidental exposure – but at the same time, it is almost as useless to the keeper as it is to the criminals.

 “So, the first thing Titaniam developed,” she continued, “is high performance encrypted search and analytics.” Most of the pertinent data is kept in large scale databases. “We figured out how to work with the big data indexes without needing to decrypt anything. That’s the basis.”

With Titaniam in use, even a privileged intruder will only see encrypted data. Decryption is only applied as required by specific downstream systems and functions and limited to what is required. “We keep valuable data secure, whether it is on the move, in storage, or being actively used in applications,” said Raman. “We built a unique platform, got it certified, and helped numerous organizations protect their data in the face of relentless cyberattacks.”

When the data needs to be processed, it can be released to the downstream functions in any of nine different privacy preserving formats – some functions might require certain fields to be decrypted or masked or tokenized. “When you do your daily processing, you have a choice on how to release the data to the functions,” she continued. “You can apply some pretty granular privacy policies while having closed the biggest weakness in the attack chain – stolen administrator credentials.”

The acid test for privacy protection is whether it can stand up to GDPR’s Schrems II ruling. At its heart, this ruling states that if US law enforcement or intelligence agencies can gain access to European personal data via FISA 720, it contravenes GDPR. By keeping the data encrypted, PII cannot simply be subpoenaed in a meaningful form – which just leaves the keys. Titaniam’s recommendation here is for the keys to be kept in a separate third-party vault. The customer, not Titaniam, is responsible for the keys – and private procedures can be put in place to make it difficult if not impossible for law enforcement to obtain them. On the surface, Titaniam can go a long way to satisfying Schrems II requirements: allowing the customer to both store and process European personal data.

Titaniam’s encryption is all powered by NIST-approved and patented innovations. The system provides visibility into data that was accessed, observed, or exfiltrated, and delivers field-level documentation certifying that throughout any attack, the protected data retained strong encryption, regardless of access privilege. 

Advertisement. Scroll to continue reading.

The new funding, says Titaniam, will be used to support ‘an aggressive sales expansion and further product innovations.’

Related: Enterprise Data Privacy Startup Piiano Emerges From Stealth Mode

Related: Solving the Right to be Forgotten Problem

Related: Europe’s Hypocrisy Over Personal Data Privacy Exposed

Related: Austrian Regulator Says Google Analytics Contravenes GDPR

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

More People On The Move

Expert Insights