News

July 24, 2024

How 'Gandalf' helped Atomico-backed AI security startup Lakera raise $20m

The Series A round was led by Atomico with participation from Citi Ventures, Dropbox Ventures and existing investors

Tim Smith

4 min read

Zurich-based startup Lakera, which specialises in making generative AI more secure for businesses, has raised $20m in a Series A funding round. 

The investment was led by Atomico with participation from Citi Ventures, Dropbox Ventures and existing backers including redalpine.

“We provide what we call real-time GenAI security, so that the most powerful technology of our lifetime cannot be tricked into unintended actions,” says founder and CEO David Haber. “We do that in a time where the majority of Fortune 500 companies are integrating this technology into their production environments, and millions and millions of people will have access to this.”

Advertisement

Lakera’s viral hacking videogame “Gandalf”, for example, provides insight into how people attempt to tamper with AI systems — and has helped the three-year-old startup win customers and big-name investors.

Its latest funding will be used to accelerate Lakera’s product development and expand its go-to-market teams. 

What risks is Lakera protecting against?

Haber tells Sifted that the typical Lakera customer is a Fortune 100 or  500 company that’s using GenAI for either internal or customer-facing use cases. The companies, he explains, are opening themselves up to malicious actions from a far wider group of people, as hackers no longer need coding skills to cause organisations issues.

“In the world of GenAI, you literally just need to be able to speak your native language to hack yourself into these systems,” says Haber.

When it comes to threats from customer-facing GenAI, he gives the example of one customer, a logistics company, who suffered reputation damage when their chatbot was hacked, and another who leaked sensitive data to the public

“Their publicly facing chatbot was hacked, and subsequently harassed customers all over the place,” Haber tells Sifted, adding that he’s seen “a number of events where sensitive data and IP has been disclosed to the public as a result of people hacking into these systems”.

In terms of internal GenAI applications causing businesses problems, he describes another example of where an organisation moved its company travel booking system onto a GenAI product, which was then abused by employees.

“People hacked internally to get around existing travel policies, where a policy would say, ‘You're only allowed to book three star hotels,’” he says. “People got around that and booked super expensive hotels and, when prompted by the finance department, they said, ‘Well, that's what the GenAI has told us we can do.’”

Catch me if you can

Haber says Lakera protects against threats like this by supplying companies with its own specialised AI model, that “continuously monitors data sources to learn to distinguish between malicious intent and good interactions”.

Its model is taught to recognise threats via a combination of public data, internal company information and learnings from its viral game Gandalf, which invites players to try and hack a chatbot to guess a hypothetical password. Haber describes how, by inviting people to hack a fictional system, it’s uncovered valuable information about how people think about abusing real-life AI applications.

Advertisement

“It's been played by millions of people,” he says. “It distils the world's creativity around how people are trying to tamper with these AI systems.”

What’s next?

Lakera counts companies like Dropbox and a “top 3 US bank” among its customers and has had “35% of Fortune 100 companies knock on their door,” according to Atomico Partner Sasha Vidoborskiy, who will join the company’s board.

Haber says the demand for GenAI protections will only increase, as more and more companies develop their own proprietary AI models, creating more potential for sensitive data to be exploited.

Lakera has its work cut out in winning what it hopes will be a growing customer base, with other startups like Tel Aviv-based Prompt and Washington DC-based CalypsoAI working on similar products, as well as established global cybersecurity companies.

But Haber hopes that this new funding round, combined with Lakera’s unique access to crowdsourced data via its Gandalf product, will help it to keep winning business in a field that’s only set to grow.

Tim Smith

Tim Smith is news editor at Sifted. He covers deeptech and AI, and produces Startup Europe — The Sifted Podcast . Follow him on X and LinkedIn