Over the past several months, two PhD candidates in MIT’s CSAIL program have been busy attempting to solve a few tough questions: How do you make cybersecurity sexy? How can you create excitement about the field? And perhaps most importantly, how do you take the impressive work being done at academic institutions and find ways to bring it to market?
This week, Jean Yang, a PhD student in her final year, and Frank Wang, who is in his third year of his doctoral program, have partnered with the VC firm Highland Capital to launch Cybersecurity Factory, an eight-week bootcamp where academics working on cybersecurity projects can work to commercialize their research. They are currently accepting applications for three to four teams, and each will receive $20,o00, mentoring, and free office space in the firm’s Cambridge office from June 22 through Aug. 25.
“A lot of university PhD students have all these great cybersecurity ideas that could solve a lot of real-life problems,” Wang said. For example, recent hacks on Home Depot and Anthem could have been thwarted if the companies had been saving their data in an encrypted cloud environment, he said, one of the many areas that academics have been targeting their research.
Wang and Yang said that security startups face unique challenges that make it difficult for academics to sell their ideas to companies that might need them. “With security companies, often their strength is in the absence rather than the presence of things,” Yang said. “If you have a really safe system and it doesn’t break, it’s harder to prove to people that it’s working.”
It’s also harder to pitch to companies that might want to back you or use your product. “If it’s a dating app or food-order app, you can see how it looks or feels,” Yang said. “But if you have something that you’re storing all our health records, how it looks and feels isn’t as important as the guarantees.”
Highland has long hosted bootcamp-like programs in its offices in Cambridge and Silicon Valley; the firm’s “Summer at Highland” program, which launched in 2007, has helped incubate startups like Jebbit, Gemvara, Wellframe, and Wildfire, the latter of which was acquired by Google in 2012 for $350 million. But this is the first time it has created a specific track for cybersecurity startups, general partner Sean Dalton said. “It’s a natural fit for them and us,” he said. “Security is a big part of what we focus on.”
Dalton said that Highland plans to provide the teams with broader exposure and connections to its portfolio. He’s hoping that the teams will be able to test their products on real-world data sets to help prove how effective they can be. “It’s about understanding the basics and the value that can be derived from the technology and marrying that in a commercial environment,” he said.
Yang said she’s struggled to convey the importance of her own research to outsiders, and hopes the summer sessions will give the teams time not only to work on their research, but also hone their pitches to VCs. “There’s pretty much nothing visual I can show about my work. All the cool parts are in the guarantees, which — if they’re working right — they have no bugs,” she said. “I think we really need to reframe how people are evaluating things.”
Which might lead to a different way of showing off the effectiveness of their final projects, she said. “Maybe instead of a demo day, we’ll do a hack week.”