Those making this year’s list were evaluated by an advisory board and regulatory analysts and recognised for the innovation of the technology solution offered, potential cost saving and efficiency improvement for clients, and company growth.

“We’re delighted to be named in the CyberTech100 for the second year running,” said Rachael Greaves, Castlepoint CEO and Co-Founder.

“With regulated entities coming under increasing attacks from malicious actors in attempts to access data, if a breach occurs, it’s essential to quickly understand what the exposure was.

“Knowing and applying regulatory rules is one of the best ways to reduce cyber risk. The best way to find all that risky data, track it, match it to the regulations and rules, and manage it compliantly, is via AI.”

Castlepoint’s AI registers every system in an environment, in the cloud and on prem. It registers every record in every system (structured or unstructured), and every file in every record, and uses Natural Language Processing to extract all the meaningful topics and entities mentioned in every item, no matter the format. It captures every event on the data, as well as all metadata.

“Last year, after suffering a breach, an Australian university contacted Castlepoint. Within 24 hours we were managing their data and registered over 50,000 systems containing more than seven million items and indexed and classified approximately 200 systems in scope of the breach.

“This incident illustrates the speed at which our AI works. Within one day we coded a Secrecy Provisions ontology from Acts and Regulations specific to the client, and a Records Authority to identify which of the spilled data was overdue for disposal. The University was able to report the impact of the breach to their governance team within 48 hours and have kept Castlepoint in place to help prevent any future spills.”

Most organisations focus on immediate priorities and have a short planning horizon for cyber, which doesn’t seem as urgent as the need to meet targets, respond to FOIs, or complete reporting cycles.

But the most serious cyber incidents have a slow burn. Threat actors can lie dormant in systems for months before striking or can be slowly exfiltrating data without detection. Against this backdrop, and with rapidly growing data stores and regulatory obligations, organisations need a low-impact, high-coverage method to control data risk and value.

“We need to do what we can to reduce likelihood of a breach – but we can never completely prevent one. What we need to focus much more on is reducing the impact of a breach,” continues Greaves.

“We must know our own data so we can focus our efforts on what has the most risk, which can include national security, sensitive personal information, and financial data. Then we must understand the risks specific to the organisation, whether that’s IP, trade secrets, core business data, or regulated information – Castlepoint makes this possible.”

Some of the problems Castlepoint has recently solved include:

• Finding references to potential child abuse in government databases with 99.8% accuracy
• Providing command and control over more than 56,000 systems for one organisation
• Reducing the cost of legal discovery for one agency by 97% per year.

Commenting on the chosen companies, FinTech Global said, "The CyberTech100 recognises the next-generation of solution providers shaping the future of the cybersecurity industry. These are the companies every financial institution needs to know about as they consider and develop their information security and risk management strategies.'

A full list of the CyberTech100 can be found here.

About Castlepoint Systems:

Castlepoinis a software solution that manages all the information in an organisation’s business systems. It automatically registers every digital record regardless of location or format and uses Artificial Intelligence to classify it against rules and regulations (including secrecy provisions, privacy rules, and Records Authorities for example) and apply appropriate lifecycle controls. It acts as a single pane of glass to find, relate, manage, and audit every record in an organisation’s network, no matter what system it is stored in, and it does this without any impact on existing systems or users, and without complex rules engines. This allows governance teams to finally have a complete view across the whole environment, and to apply security, discovery and compliance processes to every single system from a single interface.