#StartupsEverywhere: Gadalia Montoya Weinberg O'Bryan, Founder and CEO, Dapple Security
This profile is part of #StartupsEverywhere, an ongoing series highlighting startup leaders in ecosystems across the country. This interview has been edited for length, content, and clarity.
Innovating privacy authentication with biometric data
Using her background in cryptography and mathematics, Gadalia Montoya Weinberg O’Bryan set out to challenge the current standard of multifactor authentication used to protect user and company data. Her company, Dapple Security, simplifies the authentication process using biometrics. We had the opportunity to chat with Gadalia about her journey to founding Dapple Security, data privacy policies, and more.
Can you tell us more about yourself and what led you to create Dapple Security?
I started my career as a mathematician specializing in cryptography, where I fell in love with technology and cybersecurity. I worked with the government in that space for about a decade before I joined some colleagues who started their own data security company. It was a big leap, but one I am glad I took because I learned that I love entrepreneurship, startups, and leading innovation.
After seven years, we sold the company, and I decided to start my own. The idea came about from my background as a security practitioner and from seeing gaps in data security. I wanted to address the issues in securing how people log in, especially in their workplaces, and Dapple was born.
What is the work you all are doing at Dapple Security?
Dapple Authenticator is an authentication app that can be installed on employee devices to log in. It’s similar to other multifactor authentication, but instead of using a password or one-time code, we use biometric data which is easier for users and more secure. We work with small to medium-sized businesses (SMBs) with managed service providers that serve SMBs.
What role can the government play in building the talent pipeline for technical fields?
I was lucky to get a prestigious National Science Foundation (NSF) fellowship in mathematics. Without that award, I would not have been able to attend the University of California, Los Angeles. Opportunities like those are critical to ensuring that we are building up American talent. I don’t know how we remain competitive as a country if we’re not enabling real technical fields to build talent.
What has been your experience with federal grant programs?
In terms of federal funding for Dapple, we did apply for the NSF Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) Phase I programs grant but were unsuccessful there. We were, however, successful in being awarded a National Institute of Standards and Technology (NIST) Phase I SBIR grant. Overall, it was a relatively positive process and we were ecstatic to receive this nondilutive funding to advance our commerical innovations.
Unfortunately, it would be almost impossible for a company to get by on only SBIR funding, even though that may have been the initial intent. Part of the problem is the time it takes between applying and finding out if you were awarded the grant.
On top of that, there is an additional, and unpredictable, wait time between phase one and phase two. For example, we waited for NIST to release the announcement for phase two, which was delayed multiple times. If Dapple didn’t have venture funding, my company would have died on the vine waiting for federal funding.
Encryption is key to your product. Increasingly, governments around the world want tech companies to build intentional vulnerabilities into their products for law enforcement purposes. How would you react to a request like this?
The debate around privacy and security has been around since the dawn of strong asymmetric cryptography in the 70s. At first, the National Security Agency (NSA) was resistant to that tech because of the inability to break it. I worked at the NSA during the Snowden era, where I saw a lot of debate both domestically and internationally about the nuances between privacy and security.
In terms of allowing backdoor access to our data, that would make me super uncomfortable. Ideally, there should be a legal way, not a technical way, to obtain evidence. A locksmith company doesn’t hand over the keys to people’s houses so the police can come and search them. The same idea applies to data.
Are there any local, state, or federal startup issues that you think should receive more attention from policymakers?
I think there’s lots of things the government can do to help enhance capital access for startups. For example, expanding the SBIR program and making it more effective for innovative startups can help extend runways without the need for outside investors at the earliest stages. Venture capital can be good, but it often comes with lots of strings.
Along those lines, expanding the R&D tax credit indefinitely would also help founders just starting. Legislation to remove the amortization requirement that recently went into place would be great. These are all different pathways for providing founders with options when it comes to access to capital which is incredibly important.
What are your goals for Dapple Security moving forward?
I want to get our tech out there more broadly and have an impact in helping to ensure people’s data is secure. I want to see that happen from a mission perspective, as well as a good financial outcome for me and my family.
All of the information in this profile was accurate at the date and time of publication.
Engine works to ensure that policymakers look for insight from the startup ecosystem when they are considering programs and legislation that affect entrepreneurs. Together, our voice is louder and more effective. Many of our lawmakers do not have first-hand experience with the country's thriving startup ecosystem, so it’s our job to amplify that perspective. To nominate a person, company, or organization to be featured in our #StartupsEverywhere series, email advocacy@engine.is.
