DENVER, CO (Forbes.com) – Cybersecurity is a major risk for any business, becoming a tax on business productivity. As a result, the cat and mouse game between white and black hat technologies is a booming business representing a $75.4 billion global market in 2015, growing at an estimated 7.8% CAGR through 2019, according to Gartner. It’s also a driving force for innovation and new companies attempting to solve the growing problem.
One such newer entrant is Red Canary, a Denver-based company that mixes machine learning and human intuition with its software and managed services hybrid offering. It’s an emerging category of cyber security called managed detection and response.
Founded in 2013, the company recently announced it’s A round financing with a placement of $6.1 million from investors from Access Venture Partners in Denver, Colorado and Noro-Moseley Partners in Atlanta, Georgia.
“We provide a service to businesses that monitors their computer systems for potential cybersecurity threats or attacks, and then very quickly identifies those threats and alerts our customers. They can then immediately respond and stop that attack before it becomes a breach you see in the news,” says Co-founder and CEO, Brian Beyer.
But with all of the high profile and many not-so-high profile breaches happening on a weekly, if not daily, basis, one might think cybersecurity is an oxymoron.
“Many days, it does feel like a losing game. The most important thing to do is to be able to think like your attacker and then understand how your attacker works. We’re very fortunate that the Red Canary team, myself to a limited amount, started in the defense and intel community with several people on our team working on both the offensive and defensive side of cybersecurity. We’ve been the Red team before, we’ve looked at these systems. So we know how an attacker thinks,” says Beyer.
The company focuses on the mid market—the 17,000 or so businesses in the U.S. with 500-10,000 employees. “Most security vendors only focus on the Fortune 500 companies that have the biggest security budgets. Those are the companies that most often have the most advanced security. In our opinion, that’s just not right. It’s not right that you should only be able to have great security and defend against these attacks if you’re the largest businesses. It’s something we think every single business should have access to and why we ultimately built Red Canary. So whether you are one of our Fortune 500 customers or whether you are a 40 person hospital in rural Idaho, both of those companies get the exact same level of service from Red Canary. And that is something we think is incredibly powerful and turns out to be a very large differentiator.”
The twenty-person company is growing fast, having only publicly launched the service a little over a year ago. The service is sold as a subscription that they bundle in both software and human intervention. Beyer’s back of the napkin calculations put the entire total adjustable market of this cybersecurity segment at about $4 billion, with the mid-enterprise market accounting for about $3 billion of that.
“We didn’t realize our approach was going to be something that began to disrupt the industry. When we built Red Canary, we started building the solution with five different pilot organizations and they tended to be those mid-enterprise customers. Some had 100 employees; some had 500. I think our largest around that time had about 1500 employees and we built the service around them. After about a year and half, we could see that we had created something pretty unique.”
The idea for developing a cyber security subscription service that combines the best of both the software and human analyst worlds stems from the co-founders backgrounds.
“The three of us co-founders come from two very different worlds that actually, turns out are quite similar. My CTO, Chris Rothe, and I worked on satellite based processing systems here in Colorado. You collect a massive amount of data from overhead satellites that you then pick through with technology to identify what is potentially interesting. From there, these potentially interesting events need to be looked at by an expert analyst. Our third co-founder, CSO, Keith McCammon, built the security programs for large defense contractors. He has very, very deep security experience. When you combine those two worlds you get Red Canary: a solution that analyzes a massive amount of data to surface potentially threatening cyber-attacks that are then reviewed by one of our expert analysts.”
Unfortunately, even mid-sized companies are targets for cybersecurity threats, yet most are unprepared according to Beyer. How many of these company leaders are aware of ransomeware, for example? “If I had asked that question 12 months ago I would have gotten blank stares. Right now, everybody knows either they’ve been hit with it, one of their peers has been hit with it or one of their relatives has been hit with it. My mom actually got hit with it at her business probably about a month ago. And that’s a 10-person timber, forestry, and management company up in Michigan. So it does not discriminate in who they target.”
Beyer’s journey to cybersecurity entrepreneur is anything but conventional. He grew up on the eastern shores of Wisconsin and then northern Michigan. “When you grow up in a town of about 3,000 people in Northern Michigan, turns out I had no idea that computer science was a thing. When I went to school I ended up going to Purdue because they had an exceptionally good industrial engineering program.”
Beyer grew up amidst the family business and understood risk-taking. “My grandfather graduated high school and ended up buying a semi-truck and hauling timber across Northern Michigan. He was so successful at that he ended up turning that into a trucking company and then realized it made a lot of sense to start a timber and forestry management company as well.”
From industrial engineering he switched to computer science after spending time with Disney as an intern where he wound up building some of the systems that were used for analysis and data-tracking. Then a recruiter from ManTech recruited him with an unusual pitch: “He said, ‘hey do you watch the show 24? You know how Jack Bauer will get the bad guy’s cell phone and he’ll jam it in to some device and that device breaks the phone’s encryption and figures out who he’s been talking to? If you want to build that technology come work for us’. It was a no-brainer. My response was pretty much, ‘Tell me when you want me to start.”
While at ManTech, he met McCammon who was solving those types of cybersecurity problems in support of the global war on terror. “That’s really how I got started in all of this and ended up taking a little bit of a sidetrack. I came out to Denver and worked on the satellite programs which was a very fascinating problem looking at vast amounts of data. Then it all came back together with Red Canary, bringing together the large amounts of data applied to cybersecurity with a rabid focus on making it more efficient, higher quality and delivered with a great customer experience.”