From Teenage Hacker to Cybersecurity Innovator: Shay Shwartz’s Mission to Combat AI-Driven Phishing
Shay Shwartz’s journey into the world of cybersecurity began under unconventional circumstances. As a teenager, he made money hacking email systems, exploiting vulnerabilities through phishing attacks. However, his perspective shifted dramatically after he was caught at the age of 16. Instead of continuing down a risky path, Shwartz chose to redirect his talents toward protecting organizations from the very threats he once exploited. This transformation laid the foundation for a distinguished career in cybersecurity, culminating in his latest venture tackling the emerging challenges posed by AI-powered phishing.
A Decade of Elite Cybersecurity Experience
Shwartz spent roughly ten years in high-profile cybersecurity roles, including leading significant projects within Israel’s elite defense and intelligence communities. Notably, his expertise contributed to the Iron Dome missile defense initiative, a project renowned for its technological sophistication and critical national security importance. Later, he joined Axis, a cybersecurity startup that was eventually acquired by Hewlett Packard Enterprise (HPE), further honing his skills in cutting-edge cyber defense technologies.
Throughout his career, Shwartz nurtured the ambition to launch his own startup. Two years ago, he finally took the leap.
Ocean: A New Frontier in Email Security
Shwartz’s startup, Ocean, recently emerged from stealth mode with a total funding of $28 million. The investment round was led by Lightspeed Venture Partners, with contributions from Picture Capital and Cerca Partners. The backing also included notable angel investors such as Assaf Rappaport, CEO and co-founder of Wiz, and Yevgeny Dibrov and Nadir Izrael, co-founders of Armis, which was acquired by ServiceNow for $7.75 billion. This level of support underscores the confidence industry leaders have in Ocean’s innovative approach to email security.
Addressing the AI-Powered Phishing Threat
While established cybersecurity vendors like Proofpoint and Mimecast, as well as newer entrants such as Abnormal Security, have developed solutions to detect traditional phishing attempts, Ocean’s founder emphasizes that AI-driven attacks require a fundamentally different defense strategy. Shwartz explains that spear-phishing historically demanded significant time, research, and manual effort by highly skilled hackers to craft targeted emails.
“AI just made the entire process automatic, so the scale is much, much bigger now,” Shwartz told TechCrunch. “I can instruct large language models (LLMs) to understand exactly who you are, harvest large amounts of public information, and create phishing attacks very targeted against you.” This automation dramatically increases both the volume and sophistication of attacks, making traditional detection methods less effective.
How Ocean’s Technology Works
Ocean claims to leverage artificial intelligence to conduct deep contextual analysis of every incoming email, enabling the platform to identify fraud and impersonation attempts with greater precision. The startup has already scaled operations to analyze billions of emails monthly for high-profile clients, including Kayak, Kingston Technology, and Headspace.
According to Shwartz, Ocean developed a specialized small language model designed to swiftly interpret emails, discern the sender’s intent, and assess the message against the specific organizational context of each user. This approach allows Ocean to operate like a vigilant guard at every inbox, proactively maintaining high email hygiene and preventing threats before they cause harm.
“This is like having a guard in every door,” Shwartz said. “This is how we make the inbox a safe place with high hygiene.”
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
Source: Here
