Small businesses are big targets for ransomware attacks, and these attacks can cost companies millions of dollars, according to a report from cybersecurity firm NordLocker.
A Centennial startup aims to reduce these attacks and just raised $2.3 million to put toward this goal.
Founded by a former National Security Agency mathematician Gadalia Montoya Weinberg O’Bryan, Dapple Security is a digital identity and security startup that uses biometrics — like a user’s fingerprint or voice — to offer people and businesses a phishing-resistant passwordless login.
But Dapple takes its solution one step further. It creates a digital lock and key but unlike traditional biometric passwords, it doesn’t save the key. Instead, it saves the digital lock in the cloud. This allows Dapple’s security solution to be used on any device rather than having to create a password or key on every device.
“If you move to a different device or something, you can still come back and say, ‘Hey, I still have the key,’” O’Bryan, Dapple’s CEO and co-founder, told Colorado Inno. “Whereas right now, if you got a new MacBook or whatever laptop you have ... it would have no idea who you are because it’s not a laptop with your biometrics stored on it.”
Dapple’s B2B solution is made for small and mid-size businesses, a sector of the market that’s often overlooked by cybersecurity companies and most at risk of cyber attacks because they lack access to solutions, O’Bryan said.
“When it comes to security breaches or data breaches, upwards of 90% of them start with someone having a fake login and getting in that way — so stolen password or getting past [a company’s] multi-factor authentication,” O’Bryan said. “When we can provide a more secure way of that login happening, you’re really protecting that front door, which is where most of the attacks occur.”
Dapple’s solution is expected to enter beta testing by this summer and launch commercially in the fall.
Founded in 2022, O’Bryan began working on Dapple full-time in January 2023. Before launching Dapple, O’Bryan worked at a nonprofit dedicated to bird conservation, data security company Koverse and the NSA.
The idea for Dapple came about during O’Bryan’s time at the NSA, where O’Bryan worked as a crypto mathematician from 2005 to 2013.
“[I] really fell in love with security and the fact that this academic training I had was ... actually practical and useful in that setting,” O’Bryan said. “I think a lot of the work I was doing around cryptography and biometrics really was formative and planted the seeds for the work that we’re doing now at Dapple. I think the seeds of those ideas have been kicking around in my head, honestly, since that time, even though I started there almost 20 years ago at this point.”
The idea to securely use biometrics was solidified during a thunderstorm in May 2022.
“There was this huge thunderclap and I sat up in bed [and] I was like, ‘Oh my gosh, I have an idea.’ And that really for me was the beginning of Dapple,” O’Bryan said. “After that night ... I was compelled to start the company. ... I knew that if I didn’t do it, I would always regret it.”
Since working on Dapple full-time, O’Bryan has hired Dapple’s co-founder and CTO Keith Bucher and founding engineer and head of R&D Alie Slade. (Bucher and O’Bryan previously worked together at Koverse.)
Dapple also participated in Techstars Boulder over the summer, where it focused on customer discovery and learning about outbound sales, how to cold call and how to land discovery calls. O’Bryan said Dapple wouldn’t have been successful without Techstars.
Techstars also helped the startup prepare to raise capital. Dapple recently raised a $2.3 million pre-seed round, which includes $500,000 from an angel investor that closed over the summer. The remaining $1.85 million was recently led by First In, a firm that invests in military veterans or people who previously worked in the intelligence community. Techstars, Access Venture Partners, Ex/ante — a venture fund focused on privacy, security and information — and angel investors also participated in the round.
“In the SMB space, we’ve seen passwords become a dangerously common attack vector for breaches,” Eric Shu, a principal at Access, told Colorado Inno via email. “The approach that Gadalia and her team at Dapple are taking is unique, balancing both security and privacy. We’re privileged to have the opportunity to work with her on this important mission.”
While at the NSA, O'Bryan did work around cryptography and biometrics.
