Cyvatar’s cybersecurity venture is picking up customers across the globe with a clear value proposition: generate value under 90 days.
At the end of April, time-to-value clocked in at a staggering 34 days.
“The real value is remediation,” says co-founder Corey White. “The cybersecurity industry for years has been presenting problems without solutions.”
Cyvatar’s technology handles gap analysis, notifies users of network security breaches like ransom ware attacks, secures the system and maintains that security.
“This is revolutionary and game-changing. No one has done it,” White says.
Origins
Three years ago, an introductory meeting between White and Craig Goodwin at the Thirsty Bear Brewing Co. in San Francisco’s South of Market neighborhood laid the foundation for what turned out to be the industry-disruptive firm.
When White and Goodwin met, it was following days of full slate meetings, dinners and panel sessions. “Crafted, organic beers and cocktails sounded far more appetizing than another debriefing inside the halls of the Moscone Center during the RSA Conference,” White says with a laugh.
“I still have Craig’s text message invite to the Thirsty Bear saved on my smartphone. “Thirsty Bear Brewing Co. is now my favorite pub in the world.”
The duo had been talking to a slew of VCs at the time about building a platform based on their deep experience with security technology, recalls Goodwin, an industry veteran who’s held global executive roles for more than two decades.
“Craig literally had one side of what I needed in the business,” says White, who laid out the framework of creating a one-stop-shop platform to enable enterprises, and small and medium-sized businesses to build, implement and manage their cybersecurity strategy.
What Cyvatar has created “is revolutionary and game-changing. No one has done it before.” — Co-Founder Corey White
White counts 25 years in the security industry, including leading professional services divisions at Foundstone and its acquirer McAfee. He was employee No. 12 at Cylance Inc. and the first in its consultancy business, the primary source of revenue in the company’s early years before launching its initial cybersecurity software product, Cylance Protect.
Irvine-based Cylance was acquired by Blackberry Ltd. in February 2019 for $1.4 billion. White, who rose to Chief Customer Experience Officer, left the company four months after the deal closed to work on his next project. It wasn’t long before Goodwin left his role as Chief Trust and Risk Officer at Japanese conglomerate Fujitsu Ltd. to join him.
Ramping Up Development
Cyvatar emerged from stealth mode in September 2020 with a $3 million seed round from Bill Wood Ventures in Austin, Texas. The startup used the funding to speed up customer adoption of its subscription-based cybersecurity-as-a-service (CSaaS) offering and boost development of its outcomes driven Genesis Platform.
“We needed the money to build it up, bring in a team and really accelerate,” says White, who zeroed in on targeting small and medium companies. “They’ve got the same compliance regulations as any large company has, but they don’t have the expertise and resources.”
Though Cyvatar entered a crowded field of 4,000 global security product makers and service providers, the Irvine-based firm has steadily grown its customer base since late 2019, even securing its first million-dollar deal.
Early on, Cyvatar attracted several follow-on subscriptions from its client base.
“As we continue to grow the business, we’ve designed a journey for the next solution,” White explains. “It’s not like a traditional company where you have one product and one service to sell.”
Cyvatar’s Co-Founders believe the $130 billion cybersecurity industry is broken and a reckoning is underway.
Automating processes and attracting several subscriptions from the same company produces higher margins. Cyvatar technology, rooted in proprietary installation, configuration, assessment, remediation and maintenance, is billed to deliver smarter, measurable security solutions, such as security compliance and cyber-attack protection, faster and more efficiently than traditional standards.
Cyvatar has partnered with more 20 security software companies, including Obsidian, FireScope and AttackIQ, to offer customers a scope of services—such as vulnerability and IT asset management, threat monitoring, incident response, and compliance.
Establishing a partner network, outsourcing development and moving operations to the cloud has positioned Cyvatar to benefit from the vast workplace changes brought on and accelerated by the coronavirus pandemic.
“One of the things we always had in mind when we built a business was the ability to quickly, easily, and remotely install solutions and have people up and running and protected quickly,” Goodwin says.
Cyvatar publicly released the first version of its platform in December 2020 and launched several major releases over the first quarter.
As Goodwin explains, the company developed an operating system for cybersecurity, with transparency beyond glorified reports.
“You now get to see those issues being fixed, being managed and piece of mind as a customer that your security program is being actually managed and operated by Cyvatar,” Goodwin says.
In the coming months, Cyvatar will continue to iterate the software and build out functionality, ultimately building an AI CISO with the ability to draw predictive analytics and informative metrics from security data.
“With that visibility, we’re going to be able over time to really draw those predictive analytics and those metrics to really help a customer be proactive with their security program,” Goodwin says. “Unlike other vendors, which are purely reactive.”
White adds, “We will be leaner and meaner in this type of organization.”
A Contrarian View
White and Goodwin’s venture capital strategy and business model highlight several contrasts. Most traditional seed-funded competitors, Goodwin contends, allocate funding to building a brand-new product from scratch. Cyvatar , unlike the fold, already had customers before securing its seed round.
The company, which employs 10, didn’t have to build a big in-house development team either; instead it relied on outsourcing partners.
“We were much more focused on the user interaction and user experience of this platform because we want normal cybersecurity users to be able to manage their cybersecurity program,” Goodwin explains by phone from his home outside London. “We focused on the product management side.”
Outsourcing engineering and development to Pasadena-based Hello Iconic, which has its tech team in Honduras, allowed Cyvatar to focus on other areas of the business, like building for non-technical audiences, prioritizing user design, and moving to scale quickly.
“It has allowed us to speed up that product development and do it in a slightly different way,” Goodwin says.
Seismic Shifts
White and Goodwin believe the $130 billion cybersecurity industry is broken and a reckoning is underway.
“Buying individual products and buying individual services will die,” says White, who uses this analogy to make his point.
After all, he says, buying the best door lock on the market doesn’t mean a home is secured.
“It’s the same thing with security products,” he explains. “Just buying technology will not solve the problem.”
Businesses need a mix of technology, human capital and processes to build the best cyber protection strategy in an increasingly digital world. A vast shift, akin to the streaming content movement Netflix ushered in, is afoot.
“Ownership,” White concludes, “is moving towards membership”
Copyright © 2021 California Business Journal. All Rights Reserved.
This article was edited and published by Rick Weinberg, California Business Journal’s Founder, Publisher and Editor-in-Chief. Click here for Rick Weinberg’s biography.
For testimonials on the impact of California Business Journal articles, click here .
Corey White on LinkedIn
Craig Goodwin on LinkedIn
Related Posts