Picus Safety Receives $45M to Improve Publicity Administration
Attack Surface Management
,
Governance & Risk Management
,
Security Operations
Riverwood Capital Leads Funding in Safety Validation Agency to Develop in Americas
A security validation startup led by an ex-Turkish Treasury official raised $45 million to correlate insights and provide a unified risk management platform for clients.
See Also: 2024 State Of Identity Security in Financial Services
Picus Safety mentioned the Collection C funding from Riverwood Capital will permit the San Francisco-based firm to develop its capabilities in assault floor administration, automated penetration testing and breach simulation, in keeping with co-founder and CEO Alper Memis. From there, Memis mentioned, Picus needs to correlate insights throughout these instruments to provide organizations a unified view of their cyber danger.
“We’re the pioneers in breach and assault simulation, however within the final 18 months, we actually advanced our know-how extra like a platform with serving to organizations to handle publicity administration,” Memis mentioned. “The concept is to create a platform in order that organizations can perceive their cyber danger. And we acquired nice notion from the market, and that additionally interprets to the investor neighborhood.”
Correlating Merchandise to Higher Perceive Danger
Picus Safety, based in 2013, employs 233 individuals and has raised $80 million in 5 rounds of outdoor funding. The corporate has been led since inception by Memis, who beforehand spent 11 years within the Turkish Treasury analyzing the monetary markets and formulating debt administration and borrowing methods. Memis mentioned the funding will assist Picus put money into product innovation and international growth (see: New AI Bot Could Take Phishing, Malware to a Whole New Level).
Memis mentioned Riverwood Capital’s worthwhile cybersecurity experience and community of decision-makers will assist Picus sharpen its market methods and obtain sooner progress. The alignment in imaginative and prescient between Picus and Riverwood is a key issue of their partnership, and Memis mentioned Riverwood’s expertise shall be pivotal in serving to Picus scale.
“They may also help us by reaching a community of decision-makers in a more practical means,” Memis mentioned. “We’re a product-first firm. We like to construct merchandise. However how one can convey these merchandise to the market in a extra environment friendly method? Riverwood has this expertise.”
Picus will work on offering deeper integration with different cybersecurity merchandise to enhance information correlation and create a unified platform that offers organizations a clearer understanding of their cyber danger and the steps wanted to mitigate it, he mentioned. Correlating information from varied safety controls will assist corporations higher perceive their cyber danger, in keeping with Memis.
“We wish to correlate all of the insights from the completely different merchandise that we’ve and present a unified, holistic, end-to-end cyber danger understanding of the group that we name publicity prioritization,” Memis mentioned. “How I can correlate all of the insights and provides extra significant outcomes to the group? Did I’ve time to give attention to the issues that matter most to them? There’s numerous analysis that we already began engaged on.”
Unleashing Extra Assets in america
Picus needs to extend its footprint within the Americas from 25% of complete gross sales to 50% inside two or three years by investing in additional gross sales, advertising and marketing and buyer success personnel, Memis mentioned. The US is a key goal for Picus as a result of measurement and the maturity of the cybersecurity business. Fifty p.c of worldwide cybersecurity spending comes from the U.S., in keeping with Memis.
“Organizations are telling us, ‘I want to speculate into 5 – 6 completely different merchandise to grasp my cyber danger.’ It might be attainable from a budgeting angle. It might not be attainable from the staffing aspect of, ‘Who’s going to handle all these completely different merchandise?’ So, correlating completely different insights and giving them a unified view of the cyber danger – there’s nice curiosity in that within the Americas.”
Memis mentioned Picus primarily targets massive enterprises in sectors resembling banking, finance and insurance coverage, the place understanding cyber danger is especially difficult in complicated environments. The corporate has emphasised a “land and develop” technique, starting with one product and rising right into a platform-based resolution, in keeping with Memis.
The agency competes towards conventional breach and assault simulation and safety validation gamers resembling SafeBreach, AttackIQ, Horizon and Pentera, in addition to vulnerability administration gamers resembling Tenable, which now presents publicity administration. Memis mentioned Picus differentiates itself by providing a platform that mixes breach and assault simulation with automated pen testing and assault floor administration.
“Within the subsequent two to 3 years, we are going to see among the larger names like Tenable additionally coming into this a part of the cyber danger evaluation,” Memis mentioned.
Regardless of the funding, Memis mentioned, Picus goals to keep up effectivity by making certain that its income progress will not be overly reliant on burning by way of its funding. The corporate goals to maximise output with minimal useful resource expenditure and hopes – as an illustration – to get $30 million in returns with simply $10 million in money.
“Try to be a part of the answer,” Memis mentioned. “You’ll want to have them perceive how they will repair these gaps in a extra automated method. These are issues that we’re in search of as a way to create worth for the CISO neighborhood.”