Cybersecurity startup EchoMark is releasing a brand new software programming interface (API) to permit for its novel digital watermarking software to combine with just about any current communications software program.
Based in 2022 to develop a digital watermarking system to safeguard organizations’ delicate and proprietary data, EchoMark initially centered on injecting customized identifiers into emails and link-based networked doc sharing instruments. Now, armed with $10 million in seed funding, the corporate is on a mission to “watermark the world,” as founder and CEO Troy Batterberry places it.
“Our imaginative and prescient is that any piece of personal data could be forensically watermarked and tied to a recipient’s identification,” Batterberry tells Quick Firm, including that the corporate’s clients requested for a technique to combine the software program instantly into their very own bespoke communications channels. “We constructed this API so we will add this into any industrial software or customized workflow.”
Batterberry has been interested by leaks for a very long time. As a younger missile techniques engineer conducting analysis and growth on new weapons for the U.S. Navy, Batterberry discovered himself personally entrusted with “deeply categorized stuff,” liable for continually including his signature to paper copies of delicate paperwork to sign his function as their approved guardian.
“Signing your title on the highest of a doc signifies you’re the custodian of that data,” he says. “Psychologically, it modifications how you consider defending that data. Should you depart it out, you can lose your safety clearance—or, even worse, your whole career.”
Following his profession within the Navy, Batterberry went into the non-public sector as an engineer, first at Sony after which Microsoft, the place he spent the subsequent 25 years and finally turned a company VP answerable for Groups and Webinars. It was at Microsoft that Batterberry developed a digital rights administration system to guard streaming media by way of audio and visible watermarks. Such safeguards ensured that, ought to content material make its technique to unlawful streaming portals like BitTorrent, the supply of the leak could be simply identifiable.
These experiences finally coalesced in Batterberry’s mind right into a urgent organizational query that shaped the idea for EchoMark: What in the event you might take customized watermarking and apply it to something, from emails and pictures to healthcare data and authorized paperwork?
EchoMark’s watermarking resolution is elegant in its simplicity. When a delicate doc is distributed to its meant recipient, the corporate’s software program generates customized copies with hundreds of slight formatting variations imperceptible to the human eye. As soon as that doc makes its manner out into the wild, whether or not as a photocopy, screenshot, and even as {a photograph} taken from a private mobile phone, customers can make use of EchoMark’s proprietary pc imaginative and prescient and AI to scan the goal artifact and match it towards the unique copies. Quite than bodily signal copies, as Batterberry did within the Navy, EchoMark applies customized signatures at scale with lightning effectivity in order that leaks are simply traceable again to the supply.
Batterberry demonstrated the software program for Quick Firm in actual time with a replica of Dobbs v. Jackson Girls’s Well being Group, the U.S. Supreme Courtroom choice hanging down Roe v. Wade that leaked to Politico in Could 2022 (the supply of the leak was never identified). Batterberry despatched an electronic mail containing a PDF of the Dobbs choice processed by EchoMark to seven phony electronic mail addresses standing in for these of the sitting Supreme Courtroom justices; he then opened the doc from the faux account of Chief Justice John Roberts and took a photograph of it on his pc display screen together with his private cellphone. After importing the photograph to EchoMark, the software program dashboard shortly analyzed the picture and spit out a definitive conclusion: The doc pictured in his photograph was actually equivalent to the one the Roberts account had obtained.
“Whoever leaked the [Dobbs] choice knew that so long as they used a private system, they might by no means get caught as a result of a number of individuals had entry to the report,” Batterberry says. “With EchoMark turned on, we might have IDd the supply of that leak in minutes.”
The Supreme Courtroom is only one instance of EchoMark’s potential governmental purposes. Batterberry cites as different disclosures the place EchoMark’s software program might have confirmed helpful the rogue IRS contractor who in 2020 leaked President Donald Trump’s tax data to information organizations, in addition to Airman 1st Class Jack Teixeira, the Massachusetts Air Nationwide Guardsman who leaked tons of of categorized Protection Division recordsdata onto Discord in 2023.
EchoMark at the moment boasts greater than 100 “excessive revered” purchasers throughout the federal government, monetary companies, well being care, and leisure sectors, in response to Batterberry, with the corporate projecting 10-time development within the coming yr amongst.
“The federal authorities is extraordinarily ,” Batterberry says. “The FBI, for instance, has grave issues about leaks when investigating drug cartels who’re prepared to spend severe cash to get entry to data and adapt accordingly.”
EchoMarks’ forensic watermarking isn’t nearly figuring out leakers as a part of a breach investigation, however prevention as effectively, to this point that the presence of digital identifiers will purportedly dissuade potential leakers from releasing delicate data into the wild in the event that they know they’ll be nearly immediately recognized. And by empowering organizations with a low-cost, easy-to-implement methodology for investigating and mitigating leaks, EchoMark serves a bigger function: serving to organizations share data brazenly and with confidence relatively than shut themselves off internally to stamp out leakers.
Certainly, Batterberry cites the September 11, 2001, terror assaults for example of what occurs when delicate data isn’t allowed to move freely between intelligence and legislation enforcement businesses.
“A key purpose for the breakdown in communication main as much as the 9/11 assaults was that authorities businesses didn’t share data they wanted to share with one another,” Batterbery says. “Communication is the lifeblood of any group.”
