In a recent SafetyDetectives interview, Flexxon Co-Founders Ms. Camellia Chan (CEO) and Ms. May Chng (COO) discussed the evolution of their company, founded in 2007, from industrial storage solutions to pioneering hardware-based cybersecurity. They emphasized the revolutionary nature of their flagship product, the X-PHY SSD, a firmware-based AI-embedded solution providing real-time threat detection within the device’s hardware. The Co-Founders highlighted its proactive and dynamic approach, addressing cybersecurity challenges in the face of evolving cybercrime. They also introduced upcoming products, including solutions for data centers and enterprise servers, and the X-PHY Vault, a handheld security device recently soft-launched at CES 2024. Flexxon envisions a paradigm shift towards hardware-centric security systems as a necessary step to effectively combat cyber threats in the future.
(L-R) Camellia Chan and May Chng
Photo Credit: Flexxon
Can you introduce yourselves and talk about your roles at Flexxon?
Ms. Camellia Chan: We co-founded Flexxon in 2007, and I’ve been the CEO and May the COO since our inception.
Can you provide a brief overview of Flexxon and its mission in the tech industry?
Ms. May Chng: We are a pioneer in hardware-based cybersecurity solutions, addressing an overlooked segment of the cybersecurity market that is essentially the weak link in even the most well-funded security postures.
We founded the company in 2007, and originally focused on industrial NAND storage solutions, serving the niche industries of the industrial, medical, automotive, and aerospace sectors. We grew to serve many Fortune 500 companies and customers in the miliary and defence sector due to their need for highly reliable, high performance and non-negotiable security for data storage. This led us to rolling out our first generation of security solutions in 2017, built upon the twin pillars of Data Integrity and Data Confidentiality. These solutions focus on static security, such as key management and encryption.
We pivoted in 2019 when we recognized the dire need for dynamic storage solutions to properly deal with the evolving state of cybercrime. THis also came with the notion of embracing a Security-by-Design mindset due to the rising sophistication of cybercrime.
This is what gave rise to our flagship cybersecurity solution, the firmware-based AI-embedded X-PHY SSD. Today, it is a multi-awarded and patented solution that effectively defends against Zero Day exploits. This has since evolved into a suite of solutions that covers endpoint security for individuals and enterprises.
We have since been evolving rapidly beyond our legacy business, with a mission to bring accessible and efficient solutions to all digital citizens. Our latest security solution, the X-PHY Vault, was soft-launched at CES just 2 weeks ago.
Can you provide insights into how the AI-powered solution in X-PHY® detects and identifies threats in real-time?
CC: The X-PHY is a completely revolutionary cybersecurity solution that closes a major gap in today’s predominantly software-centric security landscape. The X-PHY is like an intelligent brain within the hardware setup of a device, that utilises patented AI and ML algorithms to autonomously monitor and detect incursions in real-time.
Here’s how it differs from external security solutions:
Security at the external layer has to deal with not only 6 network layers as opposed to a single physical layer (data link, network, transport, session, presentation and application), but also the compounded variables within each layer. Within the Application Layer alone for instance, we are looking at interactions between tens or even hundreds of apps on a user’s device with the network. Common apps that you might be familiar with include web browsers like Google Chrome, Firefox, Safari, and email clients like Microsoft Outlook and Gmail.
In contrast, the physical layer is far more fixed. With an enclave environment that does not need to be concerned with the external layers, the variables are greatly reduced. At the physical data storage level, the environment is engineered for one-door access/a single access point. There is literally only one way in and one way out.
This makes threat monitoring, detection, and action far more reliable, accurate, and speedy, because the environment is completely within the user’s control and the attacker has nowhere to hide and no way to mask himself.
This is the battleground in which the X-PHY operates, acting as a sentinel to guard your data against cyber attacks. Deployed within endpoint devices, it protects stored data proactively and autonomously.
How are Flexxon products designed to mitigate risks related to network-based attacks and unauthorized data access?
CC: In the case of the X-PHY, it acts as the last line of defence against cyberattackers looking to access and steal your stored data. Beyond the attributes mentioned in question 3, it also protects data against physical attacks such as side channel attacks and device theft.
One important aspect of the X-PHY is that it functions proactively instead of reactively like the majority of security solutions. In addition, it is a dynamic solution that creates far greater security as opposed to static solutions.
The X-PHY is designed to work in tandem with security solutions at the external layers and good user cyber hygiene. But when all else fails, which we have seen happen often, the X-PHY is the final protective layer that is proactive, dynamic, and autonomous.
Do you have other security products that you’d like to share about?
CC: With the successful launch of the X-PHY in 2021, we have continued innovating to deliver more effective solutions to even more use cases.
With the X-PHY focusing on securing endpoint devices, we have also developed an upcoming solution that covers data centers and enterprise servers. Beyond detection, we have also designed capabilities to greatly minimise downtime and deliver near-instantaneous data recovery. Which is an essential element for businesses in today’s fast-paced environment.
Concurrently, we have also developed the X-PHY Vault, a nifty multi-purpose handheld security solution that functions as a personal cloud device and ‘warm’ crypto wallet. It’s a highly unique but also functional product that caters to both avid crypto users and anyone who prizes the security and privacy of their data. We just soft-launched the product at CES 2024. As anticipated, it drew a lot of interest and curiosity from attendees due to its unique and functional nature!
Both of these upcoming products will be launched officially this year, and we are excited for them to hit the market!
What challenges does the cybersecurity industry face today?
MC: The cybersecurity industry is having a hard time playing catch up to cybercriminals. The criminal landscape has transformed tremendously in the past few decades, it is now a sophisticated industry, well-funded, and highly organised.
On the other hand, the cybersecurity industry has remained in the same frame of mind that it has since the 1990s. Heavily dependent on software solutions that still require a high level of human intervention to keep the database of threats updated. To be frank, anti-virus is the bare minimum, but I would never rely on it solely to protect my business or even personal data
CC: Yes, this is exactly why the cybersecurity industry must see a major shift in the coming years. Flexoxn’s perspective is that dynamic security systems will be embedded by design in our hardware. Hardware is the best defence for autonomous data and system protection, while software systems and cyber hygiene standards deal primarily with deciphering human behaviours, such as social engineering attacks.
As businesses and individuals face the undeniable fact that current software-based security solutions cannot work alone, we will begin embracing an inbuilt, hardware-centric approach that deploys intelligent detection systems at the foundation of each device, enterprise server, and data centre to protect users across the spectrum.
We will finally see a major mindset shift that has been entrenched for over three decades and stop relying on software-centric security as the sole means of protection against hackers. Then only can we have the peace of mind with the knowledge that we are holistically equipped to detect, respond, and shut down incursions effectively.