Thanks to advances in AI, small and medium businesses have become a significant target in the world of cybercrime, accounting for roughly half of all breaches worldwide by some estimates. Now, one of the companies building security tools for SMBs has raised a round of funding to expand its business, underscoring the demand in the market for better defenses.
Guardz, an Israeli startup that has built an all-in-one security and cyber insurance service for small and medium businesses, has raised another $18 million in a Series A round of funding.
The company emerged from stealth less than a year ago (at the end of January 2023), and since then it has had a bit of a pivot. It’s no longer selling directly to SMBs but is working with managed service providers that in turn sell and manage IT services for SMBs. MSPs, it found, were the primary route to getting their product to get used by SMBs (meaning direct business was not taking off). Now those MSPs are able to build their own offerings “powered” by Guardz.
“This is the journey. It’s a blended solution, powered by Guardz but with the logo of the MSP out in front,” said Dor Eisner, the CEO, in an interview.
The plan will be to use the funding to hire more engineering talent to continue evolving the Guardz product, which has been selling primarily to customers in the U.S., U.K. and Australia. It has around 200 MSPs on its books currently, which in turn are working with some 3,000 SMBs, which in turn represent some 36,000 seats overall using Guardz’s products. Security remains the main revenue driver, with cyber insurance an option add-on.
Glilot+, the early growth fund of Glilot Capital Partners, is leading the round, with ClearSky and previous backers Hanaco Ventures, iAngels and GKFF Ventures also participating.
The company is not disclosing its valuation, but Eisner — who co-founded the company with Alon Lavi — said that the figure has tripled since its last fundraise, a $10 million seed round that coincided with Guardz coming out of stealth mode.
To give some more context: The startup has now raised $28 million and alongside securing around 36,000 “seats” it is growing fast, within an interesting opportunity for more customers since there are around 150,000 MSPs globally serving the SMB market, Eisner said. That likely puts Guardz’s valuation comfortably above $100 million.
The gap in the market that Guardz is targeting is a big and urgent one. In the past, SMBs were overlooked by cybercriminals largely for the same reasons that they were mostly ignored by the most cutting-edge B2B technology developers: SMBs are too fragmented as a group, and they typically do not represent lucrative ROI compared to large enterprises.
However, developments in AI have made it very easy for malicious actors to develop, execute and scale campaigns exploiting vulnerabilities. That’s been an alarming development, because typically SMBs have lacked the in-house expertise, and the right tools, to defend against that.
Guardz’s aim has been to create a security platform for these customers that is just as robust as what larger organizations might use. The platform is provided as a managed service — meaning the customer does little to manage it directly — but within that managed service, there is a lot of AI-based automation built in: Guardz’s tools automatically detect malicious activity, provide remediation against it and write up activity reports that can be further triaged by the MSP. The MSP can also use Guardz to create security breach simulations — customized to the specific activity of the SMB in question — which can be used to help train the employees at their customers.
Part of the funding will be used to continue expanding the tools that its own team has at hand to match the increasing sophistication of bad actors.
“Every day we find a new method used by hackers,” Eisner said. A recent discovery, he said, involved a method to create automated forwarding rules for those using Microsoft 365, giving malicious actors a way to collect emails “in a silent way.”
“We found that people were talking about this attack on the dark web, so we decided to develop detection and remediation around it,” he said, adding that a technique like this would likely be used as part of a multivector attack, alongside phishing, for example.
SMBs have become a sharper target for tech companies building enterprise services not just because innovations in cloud services and AI have improved the unit economics. It’s also because they are a huge market segment, estimated at over 99% of all businesses globally. And that can mean big business in a variety of verticals. Payments and fintech business SumUp, which also targets SMBs, earlier this week announced more than $300 million in funding to expand its platform and grow its customer base. Guardz is also not the only one in the area of building cybersecurity for SMBs. Others in the long list of direct competitors include CyberSmart out of the U.K. as well as bigger players like CrowdStrike and Check Point.
“When we met the exceptional team at Guardz, which combines cybersecurity leaders with small business go-to-market experts, it became evident that they had built the ultimate solution for small business cybersecurity – a longstanding and rapidly growing market need we’ve been monitoring at Glilot for a while,” stated Lior Litwak, who is the managing partner heading up Glilot+, in a statement. “Guardz has developed an impressive, holistic, and user-friendly cybersecurity and cyber insurance risk-assessment platform that is cleverly tailored to MSPs, who serve the often-overlooked long-tail small business market. We are excited to lead this funding round and join the Guardz team on their journey to secure the digital world for those who today need it most.”