For decades, the promise of big data was on the horizon as a means to make sense out of our digital chaos
The big data wave crested and crashed: there is more data at the fingertips of any human than anytime in history – all you need is a smartphone and the internet. While there are many positives associated with such rapid innovation, a dangerous current cuts through our online world: hackers also use big data tools to make cents from the digital chaos.
Until now, the cybersecurity industry has done what it knows how to do best: harden infrastructure
By locking hackers out of systems, traditional cybersecurity vendors tried to stem the tide of attacks. We are at an inflection point: further hardening of infrastructure is a losing battle, because hackers know that they only need to trick a human to defeat the most powerful technical solutions.
The Human Operating System is fallible
Love, fear, curiosity, and other emotions present potential ways that we can be manipulated, and personal information about each of us tells hackers what our passions and concerns are. This fundamental situation is the reason the social engineering problem is so challenging to resolve, and has remained such a threat.
Securing the Human OS
Recognizing that our own data trails are being used against us, and that humans are vulnerable to exploitation, Picnic’s founders realized that the solution to the social engineering problem – the way to protect people from those who would use their information against them – is to think like a hacker, to focus on harnessing the power of information for good, and to provide people with the technological means to reduce their visibility and accessibility to social engineers by controlling their data footprint. Our team was built to achieve this.
Meet the team
Matt Polak
Chief Executive Officer
Matt is a subject matter expert in intelligence collection, having spent his career applying these skills to intractable growth and competitive strategy challenges for Fortune 500 customers. Matt’s extensive experience and expertise in the field of human intelligence inspired Picnic’s creation as a means to protect people from open-source intelligence gathering by hackers.
Prior to founding Picnic, he was the founding partner of BroadBranch Advisors where he directly supported over $200B of successful M&A transactions in over a dozen industries ranging from cybersecurity to life sciences. Early career roles included working in investment banking and as an intelligence analyst. Matt holds dual MBAs from the UCLA Anderson School of Management and Escuela de Negocios de la Universidad Adolfo Ibáñez (Chile). He received his BA in International Affairs from James Madison University.
George has been a respected entrepreneur and product designer, across multiple industries, for two decades. He combines a background in mathematics with intelligent, user-oriented design to create powerful software solutions. In his words, a product “is only powerful when it empowers the user” … and that mantra is ever-true in Picnic’s software.
Prior to Picnic, some of George’s experience includes being the principal designer of a multiple-award-winning video game (which he then exited in a sale to an industry giant); co-founder of a data visualization company building mapping software used by DoD; executive producer of several films used as keynote presentations for major development banks (distributed to 10,000+ officials in emerging markets); and partner with a strategy consulting firm providing energy-cost analysis for large US metropolitan city governments (driving multi-million-dollar savings).
Michael is responsible for all Engineering and Data Science at Picnic. Before Picnic, Michael was VP of Engineering at IronNet Cybersecurity and Director of Engineering at Socially Determined with years of public and private sector product development.
Troy Roberts is a proven sales leader with over twenty years of experience and expertise in enterprise software, cybersecurity, and digital transformation. He is a committed “servant leader” who is passionate about elevating the performance of his teams and enabling them to achieve exceptional results.
Ben leads Picnic’s Sales team with a focus on customer-centric relationship building and collaboration. He brings over 15 years of experience partnering with both private and public enterprise organizations to deliver cutting-edge cybersecurity solutions. Ben has previously held leadership positions with XTec Inc, Intercede, and EMC (RSA).
Manit is a Certified Red Teamer and Expert Social Engineer. Formerly Head of Red Teaming for the UK’s central bank, Manit now leads Picnic’s Global Intelligence function, building the attacker mindset and techniques into the Picnic product line.
Quentin is a dedicated Customer Success leader with over 10 years of experience in leading customer-facing teams. He partners with key stakeholders to deliver on our mission to be the best in class with a focus on delivering outcomes that meet and exceed customer expectations.
Sara is an award-winning marketing leader with over 15 years of experience fusing strategy, technology, and creativity to help leading organizations in the commercial, professional services, and agency spaces forge and amplify their brands in the marketplace, with a focus on driving growth and delivering quantifiable results for clients.
With over 10 years of experience solving challenges across the private, public, and non-profit sectors, Marco is a strategy consultant at heart with a deep interest and expertise in technology, data, and cybersecurity.
Picnic is backed by a top-flight group of expert advisors.
In today’s world, with the explosion of connected devices and more identities and credentials online than ever before, securing the ‘person in the chair’ and addressing the ‘identity of things’ must become our top priority. Social engineers have become such a danger to businesses today because they have an asymmetrical advantage. They can cast a very wide net but usually need only one bite to break in and wreak havoc. Picnic works to take away the social engineer’s advantage by reducing the visibility and attack surface of an enterprise’s people, creating a more secure human data layer that is harder to breach. They help protect the very thing that is most vulnerable and not very good at securing itself- the human OS. Picnic’s timely platform is greatly needed and most welcome.
Niloofar Razi Howe
Cybersecurity Strategist and Executive
Digital consumers are unaware of how information about them is being saved, aggregated, and circulated today. The boundary between an individual’s work and personal life has blurred. This has created a unique and complex cybersecurity challenge for the enterprise: how to protect employees in an environment where their data is being used against them by social engineers. The primary challenge with this dilemma is that it continues to grow larger due to the success of cyber criminals. Picnic has created an employee-forward cybersecurity platform that empowers businesses and security specialists to know and manage digital footprints beyond the conventional perimeter while offering a benefit to the employee.
Jim Routh
Board member of Supply Wisdom, GrammaTech, Unbiased Security and the Global Resiliency Federation
As cybersecurity infrastructure has become more and more difficult for hackers to break into directly, social engineering-based attacks have become an ever-present menace. All too often, victims are caught unaware in a psychologically persuasive trap concocted by an attacker using a person’s own data. Picnic gets at the root of the problem by going to the source of what makes a social engineer’s scheme so convincing: the personal information that the attacker requires to trick people. In helping organizations and individuals see themselves the way a social engineer sees them, and to manage their own data footprint, Picnic effectively makes them harder for social engineers to target, addressing the problem directly and proactively.
Dr. Noah Goldstein
Professor of Management & Organizations, Medicine, and Psychology at UCLA
Ransomware and malware delivered through phishing and social engineering continue to be the number one threat in cyber today. These attacks target our age-old “weakest-link”– people and their inability to control personal data on the internet. Once in the “wild,” personal data is commonly exploited as Open-Source Intelligence (OSINT) by attackers. Picnic’s unique platform stands out as the right mix of security technology, innovation, and predictive intelligence to help individuals and enterprises reduce their exposure to OSINT. Picnic’s platform not only provides the continuous controls, automation, and flexibility to significantly reduce OSINT risk, but also presents a valuable benefit to an organization’s people on a personal level. No one wants their personal information out there without their explicit permission. Picnic finds it and reduces it.
Mark Ford
President, Mark V Ford Risk Consulting LLC
Picnic’s platform is one of the most cost-effective ways to improve an organization’s cybersecurity – because it focuses on educating and safeguarding the risk to its people. Infrastructure security has come a long way, threat actors have had to adapt, and the cybersecurity game has changed in today’s environment, where there is no true network edge. Social engineers using our own data against us is a central issue. If organizations want to protect against today’s increasing cyber risks, it’s critical that they view their employees’ safety and security holistically. Picnic protects individuals and their families in office, home, and remote environments, creating an enterprise culture of safety, security, and privacy. It empowers their people and delivers a smart cost-effective layer of cybersecurity that modern security teams need.
Scott Goodhart
CISO Emeritus, AES Corporation
We live in a digitally fluid world. Data trails cross the work/home boundary with ease. Social engineering hackers are opportunistic and simply choose their targets based on accessible data. With that in mind, people must take control of their information – at work and at home before it can be used against them. Picnic allows its users to see their data footprint to know if they are vulnerable and it provides the actions necessary to reduce their attack surface. In doing so, users are no longer easy targets. The fact that companies can offer this service to employees as a benefit is of tremendous value. Picnic’s product is a no-brainer; it makes people safer at work and safer at home. Most folks know their credit score – someday soon I see them knowing their Picnic score.
Gary Doucette
Healthcare Executive
Picnic has some very unique characteristics as a cybersecurity company challenging the complex and somewhat shadowy domain of social engineering. Their innovative platform constructs actionable insights into an organization's exposure surface from the perspective of the social engineers themselves. As a security team, it's invaluable to be able to see from the outside-in where you are vulnerable, why, and what kinds of threats you're being exposed to. Picnic’s platform not only does this and puts this information into digestible metrics and scores for internal and external comparison, but also gives security personnel the knowledge and means to do something about it. Additionally, Picnic’s companion app for employees goes much further than training awareness in that it empowers them to be an extension of the security team. It creates a natural collaboration point between the employee and the employer while maintaining employee privacy and providing real-world benefit to both parties. In today's world, it's refreshing to see innovative thinking being applied in such an approachable yet powerful way.
Max Kilger
Ph.D., Director of Data Analytics Program and Associate Professor of Practice
Picnic is charting and combating the risk space that’s responsible for over 90% of cyber-attacks today: the exploitation of public data by social engineers. Along with their expert team, Picnic has pulled in a fantastic circle of advisors from across the private and public sector as well as academia to solve this problem. Picnic allows enterprises to assess risk on a new and profound level and to take the strategic security actions necessary to minimize that risk automatically and continuously in a way that protects not just businesses, but all their people too. It’s timely technology and every industry needs this capability in their security arsenal.
Henry Ristuccia
Investment Partner and Advisor at York IE
Picnic has built their technology platform from a perspective of deep domain expertise. They have combined their knowledge of human reconnaissance and intelligence, engineering, cybersecurity, and the psychology of social engineering to deliver an incredible platform. It is a refreshing approach to a very big problem. With Picnic, businesses can understand not only how they are vulnerable, but also why; they can see what the hackers see and adapt to protect themselves against the social engineering threat with quantifiable results.
Lyndon Brown
Chief Strategy Officer, Pondurance
In today’s world, with the explosion of connected devices and more identities and credentials online than ever before, securing the ‘person in the chair’ and addressing the ‘identity of things’ must become our top priority. Social engineers have become such a danger to businesses today because they have an asymmetrical advantage. They can cast a very wide net but usually need only one bite to break in and wreak havoc. Picnic works to take away the social engineer’s advantage by reducing the visibility and attack surface of an enterprise’s people, creating a more secure human data layer that is harder to breach. They help protect the very thing that is most vulnerable and not very good at securing itself- the human OS. Picnic’s timely platform is greatly needed and most welcome.
Niloofar Razi Howe
Cybersecurity Strategist and Executive
Digital consumers are unaware of how information about them is being saved, aggregated, and circulated today. The boundary between an individual’s work and personal life has blurred. This has created a unique and complex cybersecurity challenge for the enterprise: how to protect employees in an environment where their data is being used against them by social engineers. The primary challenge with this dilemma is that it continues to grow larger due to the success of cyber criminals. Picnic has created an employee-forward cybersecurity platform that empowers businesses and security specialists to know and manage digital footprints beyond the conventional perimeter while offering a benefit to the employee.
Jim Routh
Board member of Supply Wisdom, GrammaTech, Unbiased Security and the Global Resiliency Federation
As cybersecurity infrastructure has become more and more difficult for hackers to break into directly, social engineering-based attacks have become an ever-present menace. All too often, victims are caught unaware in a psychologically persuasive trap concocted by an attacker using a person’s own data. Picnic gets at the root of the problem by going to the source of what makes a social engineer’s scheme so convincing: the personal information that the attacker requires to trick people. In helping organizations and individuals see themselves the way a social engineer sees them, and to manage their own data footprint, Picnic effectively makes them harder for social engineers to target, addressing the problem directly and proactively.
Dr. Noah Goldstein
Professor of Management & Organizations, Medicine, and Psychology at UCLA
Ransomware and malware delivered through phishing and social engineering continue to be the number one threat in cyber today. These attacks target our age-old “weakest-link”– people and their inability to control personal data on the internet. Once in the “wild,” personal data is commonly exploited as Open-Source Intelligence (OSINT) by attackers. Picnic’s unique platform stands out as the right mix of security technology, innovation, and predictive intelligence to help individuals and enterprises reduce their exposure to OSINT. Picnic’s platform not only provides the continuous controls, automation, and flexibility to significantly reduce OSINT risk, but also presents a valuable benefit to an organization’s people on a personal level. No one wants their personal information out there without their explicit permission. Picnic finds it and reduces it.
Mark Ford
President, Mark V Ford Risk Consulting LLC
Picnic’s platform is one of the most cost-effective ways to improve an organization’s cybersecurity – because it focuses on educating and safeguarding the risk to its people. Infrastructure security has come a long way, threat actors have had to adapt, and the cybersecurity game has changed in today’s environment, where there is no true network edge. Social engineers using our own data against us is a central issue. If organizations want to protect against today’s increasing cyber risks, it’s critical that they view their employees’ safety and security holistically. Picnic protects individuals and their families in office, home, and remote environments, creating an enterprise culture of safety, security, and privacy. It empowers their people and delivers a smart cost-effective layer of cybersecurity that modern security teams need.
Scott Goodhart
CISO Emeritus, AES Corporation
We live in a digitally fluid world. Data trails cross the work/home boundary with ease. Social engineering hackers are opportunistic and simply choose their targets based on accessible data. With that in mind, people must take control of their information – at work and at home before it can be used against them. Picnic allows its users to see their data footprint to know if they are vulnerable and it provides the actions necessary to reduce their attack surface. In doing so, users are no longer easy targets. The fact that companies can offer this service to employees as a benefit is of tremendous value. Picnic’s product is a no-brainer; it makes people safer at work and safer at home. Most folks know their credit score – someday soon I see them knowing their Picnic score.
Gary Doucette
Healthcare Executive
Picnic has some very unique characteristics as a cybersecurity company challenging the complex and somewhat shadowy domain of social engineering. Their innovative platform constructs actionable insights into an organization's exposure surface from the perspective of the social engineers themselves. As a security team, it's invaluable to be able to see from the outside-in where you are vulnerable, why, and what kinds of threats you're being exposed to. Picnic’s platform not only does this and puts this information into digestible metrics and scores for internal and external comparison, but also gives security personnel the knowledge and means to do something about it. Additionally, Picnic’s companion app for employees goes much further than training awareness in that it empowers them to be an extension of the security team. It creates a natural collaboration point between the employee and the employer while maintaining employee privacy and providing real-world benefit to both parties. In today's world, it's refreshing to see innovative thinking being applied in such an approachable yet powerful way.
Max Kilger
Ph.D., Director of Data Analytics Program and Associate Professor of Practice
Picnic is charting and combating the risk space that’s responsible for over 90% of cyber-attacks today: the exploitation of public data by social engineers. Along with their expert team, Picnic has pulled in a fantastic circle of advisors from across the private and public sector as well as academia to solve this problem. Picnic allows enterprises to assess risk on a new and profound level and to take the strategic security actions necessary to minimize that risk automatically and continuously in a way that protects not just businesses, but all their people too. It’s timely technology and every industry needs this capability in their security arsenal.
Henry Ristuccia
Investment Partner and Advisor at York IE
Picnic has built their technology platform from a perspective of deep domain expertise. They have combined their knowledge of human reconnaissance and intelligence, engineering, cybersecurity, and the psychology of social engineering to deliver an incredible platform. It is a refreshing approach to a very big problem. With Picnic, businesses can understand not only how they are vulnerable, but also why; they can see what the hackers see and adapt to protect themselves against the social engineering threat with quantifiable results.
