Security breaches are a disaster for corporate companies, but good news if you’re someone who offers preventative solutions. In 2018, wide-ranging attacks on the likes of Equifax, Sony Pictures and Target have only added value to those charged with safeguarding companies.
Balbix, one such solutions provider, has pulled in a $20 million Series B to grow its business and try to prevent high-profile cybersecurity disasters using a predictive model of measuring and assessing threats.
The round is led by Singtel Innov8, the corporate fund of Singapore telco Singtel, which owns Trustwave and is active in the security space, and Mubadala Ventures, the Abu Dhabi firm that’s well-known for backing SoftBank’s $100 billion Vision Fund. Existing Balbix investor Mayfield Fund also took part alongside angels, including ex-Cisco CEO John Chambers, former Cisco EVP Pankaj Patel and entrepreneurs BV Jagadeesh and Gary Gauba.
Balbix raised $8.6 million a year ago when it came out of stealth, although the company was first founded 2.5 years ago by CEO Gaurav Banga (photographed above), who was a founder of Bromium, a fellow security company that has raised more than $115 million from investors.
This time around with Balbix, Banga is turning predictive. The company’s platform uses a combination of smarts like artificial intelligence and machine learning to essentially map out all potential vulnerabilities within an organization. That could range from varying operating system version numbers to weak employee passwords, one employee’s poorly secured laptop and beyond. The Balbix system plugs into existing operational security products to offer reactive responses and to create a real-time view of an organization’s security health and any weaknesses.
“At enterprise scale, keeping everything up to snuff is very hard,” CEO Banga told TechCrunch in an interview. “Most organizations have little visibility into attack surfaces, the right decisions aren’t made and projects aren’t secured.”
“We started this company so that we could use cutting-edge machine learning algorithms to automatically and comprehensively measure the security and attack surface, and to produce relevant insights for all stakeholders,” he added. “You look at the numbers and you could easily have hundreds of millions or tens of billions of data points to watch for vulnerabilities — you have to make sure they are OK.”
The timing certainly seems opportune, with data breaches seemingly in the headlines on a regular basis. In particular, in the case of Equifax, the implications of the attack went to the C-level management and boardroom.
“2017 was special,” Banga said. “Ask any CIO, CEO or board member of a public company and that was the year that everyone woke up [and] figured their careers were at risk. It should have happened before but it took the Equifax breach… they realized this thing is real and it can have a career-altering impact on their work and personal life.”
“The CSO was always the fall guy before, but now it can go all the way up,” he added. “One of our challenges we face now is how do you answer a board member or CEO’s questions on security. For us, the answer is simple: if you can’t measure something then you can’t improve it, the right decisions are based on data so go ahead and find that data.”
Unlike other solutions, Balbix doesn’t charge security companies by the event — aka attacks — so it remains invested in preventing those kinds of scenarios from happening.
For this round, Banga said the company was focused on raising “smart money” that goes beyond simply providing capital to offer strategic value, too. The company does have international reach in terms of customers — which include both enterprise customers and global managed security service providers (MSSP) — and sales, but for now its only office is in San Jose.
Internationalization is certainly an area where Singtel Innov8 and Mubadala Ventures — located in Southeast Asia and the Middle East, respectively — can lend a hand, and the company itself is weighing up international offices.