Nudge Security emerged in October 22 after a period of stealth development under the direction of co-founders Jaime Blasco and Russ Spitler, former technology leaders at AT&T Alien Labs. Seed funding for the company was provided by Ballistic Ventures, which is comprised of an iconic group of cybersecurity luminaries including Roger Thornton, Barmak Meftah, Jake Seid, Ted Schlein, and Kevin Mandia.
The basic concept driving the Nudge Security offering is that employee behavior can be influenced toward improved security decision-making using a supportive technology platform. Chief amongst the goals for the platform design is the decision to ensure non-disruption of worker productivity by focusing on empowerment rather than the usual security approach of blocking, denying, and mitigating user requests.
Using Nudge Security to empower the workforce
Cybersecurity solutions for many years focused on preventing bad things from happening. More modern solutions have begun to find that shifting emphasis toward enabling good things to happen can achieve better results. This idea of empowering users, including employees, contractors, and third parties, to make good decisions is the fundamental basis for the Nudge Security platform.
The general platform operation for Nudge Security is depicted in the diagram below. The primary actors in the protection ecosystem are the employees (which is shorthand for both employed staff, consultants, and other individuals with direct access to corporate resources) and the administrators of the Nudge Security platform (which is also presumed to be done by employees or other empowered staff with privileged access).
The operation is straightforward—namely, as employees interact with cloud and SaaS services such as AWS, Office 365, Salesforce, Azure, Github, Google Workspace, Slack, and Google Cloud, email notifications are regularly woven into their workflow. The Nudge Security platform ingests employee engagement and responses safely and uses this as the basis for guiding behavior.
A front-end dashboard is available to both employees and administrators to configure settings and manage accounts. A back-end system, accessible by administrators, generates email messages to employees to provide recommended guidance, training, or other information based on the observed user behavior. This is where employees gain valuable insights about their decisions—and it is presumably where they will develop better habits.