Ep456: Barak Rabinowitz | Managing Partner, F2 Venture Capital

Cybersecurity is once again at a critical crossroads—this time, driven by the explosive growth of AI technologies. During a recent visit to Descope’s Palo Alto office, I sat down with CEO Slavik Markovich, a veteran in the cybersecurity space whose past ventures, Demisto (acquired by Palo Alto Networks) and Sentrigo (acquired by McAfee), shaped much of the modern security landscape. Our conversation centered around how AI is radically reshaping digital identity.Slavik and his team—collaborators for nearly three decades—launched Descope with a bold mission: eliminate passwords altogether. “Passwords are the worst of both worlds,” he noted, “hard for humans to remember and easy for computers to crack.” As AI supercharges phishing and other attack vectors, traditional passwords only grow more inadequate.Instead, Slavik advocates for passkeys—phishing-resistant, cryptographic keys stored locally and authenticated via biometrics, without ever exposing the biometric data. It's a fundamentally more secure and seamless approach to authentication.Descope’s innovation doesn’t stop there. As AI evolves into “agentic” form—digital agents acting on behalf of users—the company is tackling a new security frontier. These agents don’t fit neatly into existing models of user authentication or machine-to-machine trust. “The industry is shifting toward agentic AI,” Slavik explained, “and that’s expanding the scale and complexity of identity management.”One surprisingly common challenge they’re solving is the "confused agent problem," where digital agents unintentionally act with higher privileges than intended. Descope positions itself as the intermediary—managing progressive authorization, mediating between users, agents, and applications, and ensuring secure, compliant interactions.For CISOs and enterprise leaders, this shift presents both urgency and opportunity. AI is no longer an emerging edge case—it’s embedded in tools and workflows across organizations. Security teams must act swiftly to secure agent-driven interactions and identity touchpoints or risk falling behind.At Clarity, where I focus on AI-powered threats like deepfakes and next-gen phishing, I see firsthand how vital identity management has become. It’s no longer just a login issue—it’s the first and most critical line of defense. Security solutions must be both robust and frictionless, balancing user experience with airtight protection.Slavik also shared a personal insight that stood out to me: “We prioritize having fun. We’ve built multiple companies together because we genuinely enjoy the journey.” That mindset resonates. The best cybersecurity innovations come from passionate teams that love solving hard problems, not just building defenses.The identity revolution is already underway. Organizations that embrace passwordless, agent-aware authentication now will dramatically improve both their security and user experience. Those that delay will face rising vulnerabilities and growing user frustration.Our industry isn’t just evolving—it’s undergoing a full-scale transformation. Proactively embracing agentic AI, passkeys, and adaptive identity strategies is not just smart—it’s essential. Those who lead will define the future of digital trust. Those who don’t may find themselves struggling to catch up in a threat landscape redefined by AI.

23 Maj 26min

The cybersecurity landscape is rapidly evolving, driven by advancements in artificial intelligence (AI) and the growing complexity of enterprise data environments. In a recent conversation with Dan Benjamin, VP at Palo Alto Networks and co-founder of Dig Security, it became clear that securing data and AI requires moving beyond traditional perimeter-based strategies toward more dynamic, proactive approaches.Dan brings deep entrepreneurial experience. After founding multiple cybersecurity startups, his latest—Dig Security—was acquired by Palo Alto Networks within just two years, signaling rapid adoption and market validation. His background at Microsoft and current leadership role give him a sharp lens on the intersection of AI and data security.One key takeaway from our conversation: speed is critical. “The ability to scale quickly and see immediately if something works or doesn't is critical,” Dan said. This mindset powered Dig’s growth to nearly 80 employees in two years, fueled by focus and strategic clarity.A major theme was the rise of Data Security Posture Management (DSPM). As Dan shared, when Dig launched, “more than 50% of enterprise data had already moved to the cloud,” rendering legacy security tools ineffective. DSPM answers urgent questions like: What data do we have? Who can access it? Is it protected? As companies adopt multi-cloud infrastructures, DSPM becomes essential.This transformation has also been accelerated by market awareness—fueled by VC investments and competing startups. “Data security wasn’t even a top-ten concern for CISOs initially. Within a year, it was top three,” Dan noted. It’s a reminder of how fast industry priorities can shift.And now, AI is redefining those priorities again. Dan emphasized how AI introduces both opportunity and risk. Boards are pushing for rapid AI integration, while CISOs scramble to secure it. “AI security must begin with visibility—knowing what models you’re running, what data was used, and ensuring proper compliance and access controls.”At Palo Alto Networks, around half of all data security discussions now center on AI, reflecting its growing urgency. AI isn’t just creating new threats—it’s forcing a rethink of cybersecurity strategies.But AI isn’t just a risk—it’s also part of the solution. Dan predicts that in the next five years, AI will autonomously handle many cybersecurity decisions. Already, AI tools are handling initial threat triage in SOCs, easing analyst workloads and improving response times.This aligns with what we’re seeing at Clarity, where AI-driven tools are helping counter advanced threats, from deepfakes to social engineering attacks. The shift from reactive alerts to proactive AI-powered defense is already underway.My biggest takeaway: enterprises must integrate DSPM and AI security now—not later. The threat landscape is evolving weekly. Those who delay will fall behind, while those who adapt quickly will build unmatched resilience.As Dan put it, “Entrepreneurs have limited patience—we must see rapid progress.” That sense of urgency is exactly what today’s cybersecurity leaders need to stay ahead in an AI-powered world.

23 Maj 34min

Haunted by the rise of online antisemitism, Tal-Or Cohen Montemayor left a high-powered legal career to launch CyberWell—a nonprofit using AI to hold social media platforms accountable to their own policies. In this conversation, she shares how antisemitic hate moved from fringe forums to mainstream feeds, the troubling aftermath of October 7, and why current systems are failing to respond. Her work exposes the gaps in content moderation and reveals how high-integrity data and generative AI can reshape digital accountability—offering a hopeful, scalable path forward in one of tech’s most urgent ethical battles.#20minuteleaders #OnlineAntisemitism #AIForGood #ContentModeration

21 Maj 24min

Shalev Ifrah’s path is one of curiosity, creativity, and continuous growth. From launching his first ventures to building Israel’s leading digital marketing college, he shares how real-world learning, persistence, and strategic risk-taking shaped his entrepreneurial vision. His journey highlights the power of aligned partnerships, rapid adaptation, and turning insights into innovation.#20minuteleaders #EntrepreneurshipJourney #RevenueGrowthStrategies #DigitalMarketingLeadership

18 Maj 25min

At nine, Roey Eliyahu was already coding. By 11, he was freelancing. His path from an IDF cybersecurity unit to founding Salt Security reflects a deep understanding of how microservices and GenAI transformed APIs from simple gateways to complex security risks. He shares why discovery, governance, and protection are now essential pillars for any enterprise navigating rapid innovation—and how early insights shaped a category-defining solution.#20MinuteLeaders #APISecurity #CybersecurityLeadership #EnterpriseTech

12 Maj 20min

By Michael Matias, CEO of Clarity and Forbes 30 Under 30 alumCybersecurity is at a turning point, driven by AI’s rapid rise. In a recent conversation with Matan Derman, CEO of Apex, we explored why integrating AI into organizations is inevitable—and why traditional security strategies must evolve to meet AI-specific threats.Derman, with a background in elite Israeli cyber units and Stanford Business School, alongside co-founder Tomer Even, quickly recognized how accessible AI tools like ChatGPT and GitHub Copilot were revolutionizing productivity while exposing new vulnerabilities. “Organizations were banning AI tools out of fear—legal, compliance, privacy, and data leakage concerns were overwhelming,” Derman shared.At Clarity, I’ve seen firsthand how AI-generated cyberattacks are escalating. Team8 reports AI-driven phishing attacks have surged over 2,000% recently. Static, reactive security models are no match for these dynamic threats.Apex’s solution? Use AI to secure AI. "We evolved from being a security company focused on AI to becoming a security company for AI, leveraging AI extensively," Derman explained. Traditional defenses can’t handle novel attack methods like prompt injection and jailbreak attacks, which trick AI models into revealing sensitive data—even through creative methods like Morse code.Organizations now face a clear choice: adopt proactive, AI-powered security or risk falling behind. As AI lowers the barrier for attackers, real-time, AI-driven defenses have become essential.Derman stressed that for AI’s true potential to be realized, it must be widely adopted across entire workforces—not just by tech experts. Yet, broader use also expands the risk landscape. Companies must urgently adopt AI-native security platforms to harness AI’s benefits safely.The cybersecurity industry is at a crossroads. AI-driven solutions are no longer optional—they’re today’s standard. As Derman put it: “Our goal was identifying critical problems unique to AI use and creating foundational security layers for future AI adoption.”The time to act is now. The future won’t wait.

6 Maj 42min

By Michael Matias, CEO of Clarity and Forbes 30 Under 30 alumCybersecurity is at a turning point, driven by artificial intelligence (AI). My conversation with Jonathan Roizin, CEO of Flow Security—now part of CrowdStrike—reinforced the urgent need for organizations to rethink data protection strategies in an era of dynamic, fluid information exchange.The Shifting Nature of Data SecurityRoizin, a veteran of elite Israeli cybersecurity organizations, has spent over 15 years tackling cyber threats. His focus on "data in motion" highlights a critical reality: data no longer sits in static environments. It moves continuously across cloud services, SaaS platforms, and APIs, fundamentally altering security needs.The stakes are enormous. IBM’s 2023 Cost of a Data Breach report revealed that the average breach now costs $4.45 million. Meanwhile, organizations use over 130 SaaS applications, a number increasing nearly 18% annually. Yet, many still rely on outdated security models that assume clear perimeters around data.The Decline of Traditional DefensesRoizin emphasized the need to move beyond legacy Data Leakage Prevention (DLP) strategies, which were designed for endpoint security and internal networks. “The boundaries have been broken,” he explained. As organizations migrate to cloud environments like AWS, Google Cloud, and Microsoft Azure, perimeter-based security models are becoming ineffective. Gartner predicts that by 2025, 85% of businesses will operate primarily in the cloud.AI as a Threat and a Defense MechanismThe rise of AI compounds security challenges. AI-powered tools—such as coding assistants and automated meeting note-takers—introduce new vulnerabilities. Employees often share sensitive information through unmonitored AI platforms, inadvertently exposing critical data. A Team8 report found AI-driven phishing attacks have surged by more than 2,000%, with nearly half using GPT-generated communications.Yet, AI also strengthens cybersecurity. Flow Security leverages AI-driven automation to classify and monitor sensitive data in real time, providing dynamic protection that traditional security models cannot achieve.The Urgent Need for Proactive AI IntegrationThe future of cybersecurity demands a philosophical shift—security cannot rely on passive visibility. Instead, AI-driven real-time interventions must become the norm. Roizin and I share a conviction: cybersecurity teams should not simply identify risks but actively prevent breaches before they occur.My work at Clarity reinforces this belief. AI-driven techniques can protect organizations far more effectively than reactive security models. Intelligent automation minimizes false positives, allowing security teams to focus on genuine threats rather than being overwhelmed by noise.Looking AheadThis conversation reaffirmed my thesis: cybersecurity must evolve alongside rapidly shifting technological landscapes. Static security frameworks no longer suffice. Organizations must integrate AI-driven defense mechanisms that adapt to the continuous movement of data—or risk falling behind.Those who embrace this paradigm will unlock unprecedented security resilience. Those who delay may find themselves vulnerable to increasingly sophisticated cyber threats.

5 Maj 36min

Artificial intelligence (AI) is reshaping cybersecurity—not just for digital threats but also for critical physical infrastructure like railways. My conversation with Miki Shifman, Co-Founder and CTO of Cylus, underscored the urgent need to extend cybersecurity beyond traditional digital domains to protect transportation systems.Railway Cybersecurity: A Growing ConcernShifman, a cybersecurity expert and Israeli intelligence veteran, co-founded Cylus in 2017 to address vulnerabilities in railway systems. Historically, rail safety focused on mechanical redundancy and human oversight. But modern trains—autonomous, high-speed, and digitally connected—face unprecedented cyber risks. As Shifman put it, “The boundaries have been broken.”Recent incidents highlight the severity. London’s railway shutdown last September exposed the economic and societal disruptions cyberattacks can cause. A similar event in New York’s subway system would ripple far beyond transportation, affecting healthcare and public safety.Emerging Threats and AI’s RoleRailway cyber threats fall into two categories: availability threats that halt train operations and safety threats that could lead to collisions or derailments. Many railway systems lack adequate encryption and authentication, making vulnerabilities deeply embedded. AI accelerates these risks—lowering the expertise needed to execute sophisticated attacks. Tools like ChatGPT enable less-experienced hackers to gain insights into specialized rail protocols, expanding the pool of potential attackers.Regulatory Response and AI-Powered DefenseWith railways classified as critical infrastructure, regulatory bodies in the EU and U.S. are mandating stronger cybersecurity measures by 2025. However, these solutions must integrate carefully to avoid interfering with operational safety.AI also strengthens defenses. Cylus uses AI to enhance threat detection, real-time monitoring, and anomaly detection while reducing false positives. AI boosts productivity across railway cybersecurity, from rapid prototyping to regulatory compliance automation. “AI helps turn compliance from a burden into an asset,” Shifman noted.The Future of Railway CybersecurityRail cybersecurity lags behind other critical infrastructure sectors, but AI provides an opportunity to leap forward. Organizations embracing AI-driven security will gain unprecedented protection—while those slow to adapt remain vulnerable to increasingly sophisticated threats.When asked about AI’s future in rail security, Shifman admitted, “We’re still evolving our understanding. But ignoring AI simply isn’t an option. This technology changes the landscape weekly.” That mindset—alert, adaptable, and proactive—is exactly what the railway industry needs today.

5 Maj 27min