Connect with us

Hi, what are you looking for?


CISO Strategy

The Team8 Foundry Method for Selecting Investable Startups

Team8, a VC organization with added sauce, queried more than 130 CISOs from its own ‘CISO Village’ to discover the concerns of existing cybersecurity practitioners, and the technologies they are seeking for the future.

Team8 regularly consults with its CISO Village of around 350 enterprise CISOs over startup investments. AI security, 3rd party risk management, and the insider threat are today’s top CISO concerns.

Team8, a Tel Aviv venture capital (VC) organization with added sauce, queried more than 130 CISOs from its own ‘CISO Village’ to discover the concerns of existing cybersecurity practitioners, and the technologies they are seeking for the future.

The VC in the equation is capital investment in cybersecurity startups, with a focus on data science, AI and fintech. The added source is deep technical and managerial expertise that is applied together with the investment capital. The CISO Village is a group of around 350 enterprise CISOs – including from Fortune 500 companies – from which Team8 discovers the technologies currently or expected to be most in demand. 

The result is that Team8 knows exactly what is needed, and then ‘builds’ relevant startup companies together with the technology to fill the known market gap. That market gap is based on genuine practitioners’ pain points rather than new vendor and media hype. Team8’s USP is that it builds new companies rather than simply injects capital – usually at the rate of one company per year.

The 2023 CISO Village summit comprised five days of discussion with and between the CISO members, culminating in the 2023 CISO Village survey (PDF). There are three primary takeaways from this survey. Migration to the cloud and remote working has been accelerated, not caused, by the COVID pandemic. This creates extra pressure for access management (IAM and PAM) and cloud security solutions. Secondly, the public emergence of artificial intelligence (AI) has highlighted the need for security against threats to and from artificial intelligence. Thirdly, the increasing use of third parties for both software and services demands better third party risk management.

Bobi Gilburd, chief innovation officer at Team8 and a former Colonel in in the IDF’s unit 8200, commented, “I believe that the next one or two companies the team8 will build, this and next year, will be mainly one of the cases based on this survey.”

The new entry in this year’s survey is AI. AI has been used by security vendors for many years, but the emergence of publicly available gen-AI (eg, ChatGPT) at the end of last year has focused attention on the need to secure AI itself rather than simply use AI to help secure systems and improve processes. We focused our conversation on AI security.

Advertisement. Scroll to continue reading.
Bobi Gilburd, Chief Innovation Officer at Team8
Bobi Gilburd, Chief Innovation Officer at Team8

The AI threat is not immediately critical. “There are lower fruits for the attackers to pick,” said Gilburd; “but it is coming and inevitable, and we need to be ready for it.” 

There is a growing need for trustworthy AI, but it is a complex and wide-ranging subject. Internal use needs to be accurate, ethical, and secure. If social media gets its AI algorithms wrong, they may run afoul of regulations. If HR gets them wrong, they could be accused of bias, racism, sexism and worse. So internal AI needs to be built accurately and ethically, and then protected from malicious alteration by attackers. The same applies to AI used to secure systems – if the algorithm can be manipulated by attackers, what should have been a security defense becomes an insecurity threat vector.

Gen-AI has now widened the AI threat. The potential to increase the scale and quality of phishing attacks is obvious. Its use to generate a new quality of deepfake – what Gilburd calls ‘fakes on steroids’ – is inevitable. And the threat to privacy abuse via gen-AI training data is causing concern at government levels.

So, the AI threat is now how to build unbiased algorithms, how to protect those algorithms, and how to detect and counter malicious use of external AI. Team8 uses its CISO Village discussions to uncover these new areas of concern, and to determine when solutions will be necessary. Based on the 2023 CISO Village, it is a certainty that Team8 will invest in AI security – it is not so much a question of if, but when.

Related: How a VC Chooses Which Cybersecurity Startups to Fund in Challenging Times

Related: ChatGPT, the AI Revolution, and the Security, Privacy and Ethical Implications

Related: Biden, Harris Meet With CEOs About AI Risks

Related: Protect AI Raises $35 Million to Protect Machine Learning and AI Assets

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

U.S. Marine Corps and SAIC CISOs Discuss the Differences Between Government and Private Industry

CISO Conversations

While the BISO might appear to be a new role, it is not – and understanding its past provides insights into its present.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

SecurityWeek examines the role of the virtual CISO in a conversation with Chris Bedel and Greg Schaffer.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

CISO Conversations

SecurityWeek talks to Chief Information Security Officers from, FreedomPay, and Tassat about their role and experience as CISOs.