Phantom Cyber, a cybersecurity startup with an ambitious idea, announced a $2.7M seed round with backing from some of the biggest names in computer security.
Investors include John W. Thompson, former CEO of Symantec, Thomas E. Noonan, former CEO of Internet Security Systems (ISS) and John C. Becker, former CEO of Sourcefire. Zach Nelson, CEO of NetSuite Inc, Foundation Capital and Rein Capital also participated.
The trouble with today’s approach to cybersecurity is that it’s entirely too manual, postulates Phantom Cyber CEO Oliver Friedrichs. Throwing a large number of people to watch attacks, then making decisions and taking manual actions isn’t keeping up with the problem, he explained. His company wants to automate most of that activity and take humans out of the loop unless absolutely necessary.
He said part of the problem is there aren’t enough security professionals to keep up with the need, but more importantly the level of activity requires machine speed to deal with the volume and sophistication of the attacks we are seeing today. His company’s goal is to coordinate holistically at a high level connecting to all of the security pieces within an organization, easier said than done.
Phantom Cyber wants to set up sensors to detect attacks, then in military fashion observe, orient, decide and act. The system looks at security operations, working around the clock monitoring for threats and staying focused on providing the tools to deal with what Friedrichs calls a “Tier One Alert.”
The level of automation is going to depend on the company, but he recognizes there will be times when the system needs to bring humans into the loop to make the final determination, and how much that happens is going to depend on the individual requirements of each customer.
“There will be varying degrees of automation made on a per enterprise basis based on the type of business and amount of risk you are willing to take,” he said.
While he says other companies are attacking parts of the problem, not many companies are trying to coordinate across the entire security infrastructure. The only one he could think of was CSG Invotas.
If it’s true there are only a couple of companies attacking this space, so far, then it presents a huge market opportunity where there is probably room for more than one player.
The reason you don’t see the usual computer security suspects attacking this end of the market is because it requires a level of neutrality to work with a full range of industry products and services.
“We need to be like Switzerland integrating with all of best of breed products across the market to orchestrate this,” he explained.
“Typically what you want to see in early stage company is to validate this will take off. The early indications are that this is a rare green field idea,” Friedrichs said.
So far, it’s very early, as you would expect with a seed funding round. The company has about a dozen Alpha deployments ready to roll and they hope to go into Beta over the summer, followed by general availability after that.
The company has come up with a great idea, but one that is difficult to pull off given all the pieces, it needs to connect and communicate with to do this well. But if it can do what it’s set out to do, there is tremendous potential here in an area of real need.