As Internal Threats Rise, Investors Back New Security Tech

On February 3, 2011, a little over two years before Edward Snowden would board his plane to Hong Kong and change history, a 37-year-old man named Jason Cornish fired what may have been the first shot in one of the new fronts of the battle for enterprise security.

An information technology employee at Shionogi, the US subsidiary of a Japanese pharmaceutical firm, Cornish woke up that icy February morning, went to his local McDonald’s and deleted 15 virtual hosts on Shionogi’s network, housing the equivalent of 88 different computer servers.

Shionogi lost its email and Blackberry servers, its order tracking system, and its financial management software, according to an FBI report.

Cornish accessed the network via a software program he had secretly installed and used his familiarity with the company’s network to select each of the virtual servers he wanted to delete. The FBI estimated that attack cost the company $300,000.

Companies have lost billions to both disgruntled employees and outside hackers, governments have been hobbled (rightly or wrongly) by information leaks, and identity theft has skyrocketed.

Amid this steady drumbeat of technology breaches and security snafus, venture capitalists have spent roughly $6.5 billion on new technologies to combat this menace, according to CrunchBase data.

The latest company to benefit from this deluge of dollars, and the one that addresses the issue of bad actors inside corporate networks most directly, is HyTrust, which has just closed on $25 million in new financing. The Series D round was led by new investor Accelerate IT Ventures with additional participation from Vanedge Capital.

Previous strategic investors VMWare, Cisco, Intel, Fortinet and In-Q-Tel (the investment arm of the Central Intelligence Agency) and venture capital firms Granite Ventures, Trident Capital, and Epic Ventures also participated in the round.

“HyTrust definitely benefited from the Snowden effect,” said one investor familiar with the company.

To prevent against future Snowden-like breaches in government or in business, HyTrust allows companies to automate controls around who can access what information and then monitors how different users behave on the network. If a user tries to access files or acts anomalously Hytrust can notify the right security channels and prevent access to unauthorized material.

The movement to “cloud computing” which allows organizations to store and process orders of magnitude more data than every before has exposed that information to more attacks, says Brian Nugent, and investor with AITV who will take a seat on the HyTrust board of directors. “Cloud computing creates a soft underbelly of data security,” he says.

Traditional security depended on the protection of hardware and software and network perimeters. But with data distributed across a network, the notion of a “perimeter” disappears. “System administrators are now some of the most powerful people within an organization,” says Eric Chiu, HyTrust chief executive.

HyTrust and other companies like it allow organizations to create layers of controls to gauge who has access to what information, and integrate with other services to monitor user behavior and look for anomalies. By partnering with networking giants like Cisco, virtualization technology vendors like VMWare, and hardware companies like Intel, HyTrust has a window across all aspects of a company’s network, according to investors.

And securing networks has never been more important. According to a survey by Forrester Research 53% of enterprise workloads were already virtualized in 2013, and that number is expected to rise to 71% by the end of this year.

While HyTrust is attracting dollars and investor interest, other security buckets represent big opportunities for venture investors and young technology companies, according to one venture capitalist familiar with the security market.

“This has the potential to productize a multi-billion dollar consulting market around security penetration,” the investor said. Marquee firms like Benchmark, which backed Hacker1, and Greylock, Kleiner Perkins Caufield & Byers and Google Ventures are behind Synack. Venture capitalists are also taking a closer look at document management, security and tracking, with three stealthy companies backed in the last year.

Finally, new companies are even taking a run at HyTrust’s market of securing against internal threats in a network. Baltimore-based RedOwl Analytics raised $4.6 million in a round of funding to develop its network monitoring and security technology, and Fortscale has raised $12 million from investors including Intel Capital looking at a similar market. “This category builds on top of security compliance, and adds a bunch of data sources to do predictive analytics,” the investor said.

Ultimately, enterprises will turn to all of these technologies, because, frankly, they have little other choice, investors said. “There’s no one technology that’s a silver bullet,” said an investor backing HyTrust. “Companies need everything they can to reduce the cost and complexity of security, and counterintuitively that means buying more technology. The threats keep multiplying.”