May 2017

Meet the 2017 CNBC Disruptor 50 companies

  |   Portfolio News, The Latest

Tuesday, 16 May 2017 | 6:00 AM ET

 

In the fifth annual Disruptor 50 list, CNBC features private companies in a range of industries — from biotech and machine learning to transportation and retail — whose innovations are changing the world. These forward-thinking starts-ups have identified unexploited niches in the marketplace that have the potential to become billion-dollar businesses, and they rushed to fill them. A startling 31 are unicorns that have already reached or passed the billion-dollar mark. In the process, they are creating new ecosystems for their products and services. Unseating corporate giants is no easy feat. But we ranked those venture capital–backed companies doing the best job. In aggregate, these 50 companies have raised nearly $44 billion in venture capital at an implied Disruptor 50 list market valuation of about $239 billion, according to PitchBook data. Already it’s hard to think of the world without them. Read more about the consumer and business trends that stand out in the 2017 list ranking and the methodology used to select this year’s Disruptor companies.

1 Airbnb It’s a $31 billion trip
2 Lyft The car-ownership killer with a conscience
3 WeWork Reworking the office
4 Grab Uber-growth for an Asian ride-share rival
5 Uptake Technologies Capturing Warren Buffett’s billionaire energy
6 Houzz The homiest e-catalog
7 Ginkgo Bioworks Growing products in the lab
8 Palantir Technologies Tracking the world’s secrets
9 Cylance Making cyberthreats idle
10 Udacity Closing the skills gap
11 CrowdStrike Going into the breach
12 23andMe Bring your genome home
13 Progyny Rocking the cradle
14 SpaceX Humanity’s interstellar escape plan
15 SurveyMonkey Question everything
16 Ezetap India’s answer to Apple Pay
17 GreenSky A credit to the mobile race
18 Moderna Therapeutics Going viral
19 Uber The car controversy with a valuation bigger than Tesla, GM or Ford
20 SparkCognition Deciphering the data overload
21 IEX The traders Michael Lewis made famous in a flash
22 GitHub The biggest coding party in the world
23 Bloom Energy Helping companies like Apple get off the grid
24 Drawbridge An ad strategy Facebook and Google can’t ignore
25 Jaunt VR that both Disney and Paul McCartney have experience in
26 Coursera Go to a top school, without going
27 MongoDB The BIG idea in databases
28 Qualtrics Surveying the corporate landscape
29 Domo Complete cloud cover
30 Blippar You, augmented
31 Pinterest An image is worth $11 billion
32 Illumio A new segment in cybersecurity
33 Phononic Quietly cool
34 Veniam Constructing the global superhighway of data
35 Spotify Not even Apple Music has slowed it
36 Dropbox The file-sharing economy
37 Trulioo Tracks twice as many people as Facebook: 4 billion, exactly
38 Synack Who the IRS and DoD use against hackers
39 DocuSign Signed, sealed, electronically delivered
40 Payoneer Payments without borders
41 Skillz A sport to surpass the NFL, with less injury risk
42 Blue Apron What’s for dinner
43 Robinhood There is no brokerage fee low enough
44 Zocdoc Real patient-centered health care
45 SoFi $18 billion in loans and counting
46 Foursquare A success story turned inside out
47 Warby Parker Still seeing things in new ways
48 Persado A motivational speaker that’s not human
49 Stripe Visa is banking on this platform
50 Quid The ultimate trendspotter

Find article here: www.cnbc.com

Read More

Amid Comey Furor, Companies React to Trump’s Cybersecurity Order

  |   Allegis News, The Latest

 

 

 

Xconomy | By Bernadette Tansey | May 12, 2017

 

On a day dominated by news about President Trump’s firing of FBI director James Comey, and its impact on the ongoing investigation of Russian hacking of the 2016 presidential election, two significant developments for the cybersecurity industry also emerged Thursday.

First, President Trump signed an executive order laying out plans to shore up data security for federal agencies as well as for critical U.S. infrastructure, which can include private companies such as electric utilities. The order, which calls on executive branch agencies to assess and remedy their security vulnerabilities, could open up opportunities for cybersecurity companies.

Second, at a Senate Intelligence Committee hearing primarily focused on the Comey firing, senators and U.S. intelligence chiefs discussed whether American agencies should avoid doing business with Kaspersky Lab, a major U.S. seller of antivirus protection, because the company is based in Russia.

The public hearing surfaced a controversial question: Should customers looking for cybersecurity services first consider the national origin of security providers, and even the ex-U.S. ties of their founders and executive team members?

Xconomy sounded out Bay Area cybersecurity experts on these two fronts.

 

Executive order on cybersecurity

Veteran cybersecurity investor Bob Ackerman applauded President Trump’s executive order for calling on U.S. agencies and departments to take responsibility for their own security, and to cooperate to conform with common technology standards.

“It’s a good starting point as a baseline,” Ackerman says.

Steven Grossman, vice president of strategy at cybersecurity company Bay Dynamics, praised the executive order for building on an initiative launched by President Obama in 2014 and making some valuable additions. He pointed to a section calling for efforts to build up the nation’s workforce to address a shortage of experts trained in cybersecurity.

The executive order sets a 90-day deadline for the leaders of each executive branch agency to submit a risk management report detailing their security measures and any unmitigated risks. The document also calls for a study on the feasibility of operating all or some of the agencies under consolidated network architectures, with shared services such as e-mail, Web-based software, and cybersecurity.

“The executive branch has for too long accepted antiquated and difficult–to-defend IT,” the report states.

Grossman says cybersecurity companies stand to gain government contracts to help assess the current risks and then help fill in the security gaps.

“It’s a huge amount of opportunity,” Grossman says.

Oren Falkowitz, co-founder and CEO of cybersecurity company Area 1 Security, says simplifying the security infrastructure and creating common standards are good steps.

“Complexity in networks is one of the things attackers take advantage of,” Falkowitz says. He emphasizes the urgency of security improvements, not only for government agencies but also for companies and organizations.

“The trend in cybersecurity is not good,” Falkowitz says. “Intellectual property is being stolen, elections are being hacked, and financial damage is being done.”

Falkowitz says he expects the administration’s plan will be followed by further executive orders and perhaps Congressional action to add elements to the federal security framework.

Ackerman, founder and managing director at Allegis Capital, already has some ideas to suggest. He proposes that the government create an “IT department” that would serve all government agencies, so that each wouldn’t have to develop its own cybersecurity methods. He also advocates for a mechanism whereby cybersecurity experts in U.S. intelligence agencies could share some of their knowledge with U.S. industries. That government expertise could also be an element of a “cybersecurity infrastructure bank,” proposed by Ackerman. The bank would make loans of government funds to small water plants, utilities, and other key entities to help them quickly upgrade their defenses against attack.

The bank could focus on institutions that lack the expertise and capital available to better-funded and more sophisticated parts of the critical infrastructure, such as stock exchanges, Ackerman says.

“You’re only as strong as your weakest link,” he says.

The government also should make it easier for innovative security startups to compete for government work, which is currently a slow and “resource-intensive” process that few startups can afford, Ackerman says.

 

The question of “cyber-nationality”

The conclusion by U.S. intelligence agencies that Russia interfered with the 2016 presidential election— by means such as hacking into e-mail accounts of Democratic campaign officials and spreading fake news—has now forced the Russian cybersecurity company Kaspersky Lab into the public spotlight.

The company’s national origins became a focus Thursday for the Senate Intelligence Committee, which is investigating Russia’s role in the U.S. election and the possibility that the Trump campaign colluded with Russian operatives to gain an advantage over Trump’s Democratic opponent, Hillary Clinton.

Senators at the committee hearing voiced concerns that the Russian government might use Kaspersky’s software to infiltrate U.S. agency computers or damage broader American information networks. The intelligence chiefs said they were monitoring Kaspersky. When Sen. Marco Rubio (R-Florida) asked leaders of the agencies whether they would be comfortable using Kaspersky software, the heads of the FBI, CIA, NSA, and three other intelligence agencies all said no.

Ackerman says the underlying concerns are not limited to Kaspersky, or even to cybersecurity companies. “In this globalized economy, everyone is in favor of open trade,” he says. But the inspections and commerce system isn’t prepared to deal with the speed and diversity of goods moving among countries. Customers need to develop criteria to decide whom to trust, whether they’re buying food, microprocessors, or cybersecurity services, he says.

“You do have to look at the nation, or nations, of origin,” Ackerman says.

While Ackerman isn’t saying that Kaspersky has done anything wrong, he says it might be a pragmatic decision to choose another cybersecurity provider.

“There’s clear, irrefutable evidence that Russia is engaging in nefarious activities,” he says. There’s also good evidence that Russia collaborates with the “private cybersecurity firms” in Russia, he says.

“Anything from Russia immediately becomes suspect,” Ackerman says.

In addition to looking at the national origins of companies, people are also scrutinizing the backgrounds of cybersecurity company founders and other executives for links to other nations, Ackerman says. The concerns extend not only to U.S. national security, but also to fears that cybersecurity companies might share sensitive intellectual property with competitors in other countries, he says.

Area 1’s Falkowitz says company risk management departments are always looking into factors such as the supply chains of their vendors and other possible threats to security. But he’s uncomfortable with the idea of ruling out a business partner based on geography alone.

“I think we would take great offense to such assertions by other governments that our cybersecurity or tech companies were agents of our government,” Falkowitz says.

“To create fear around the national origins of companies is a mistake,” Falkowitz says. “There are many amazing companies here in the U.S. that were founded by people of foreign origin—Google, for example.’’

Instead, buyers should examine the merits of a company’s work, such as the standards it uses to ensure quality, Falkowitz says. Certainly, though, if company wrongdoing is uncovered, that should be brought forward, he says.

“I also don’t see anything wrong with buying American,” Falkowitz says. “There are other reasons why that might be the right thing to do—such as that the companies’ work is very good.”

Find Article Here: www.xconomy.com

 

Read More

Allegis Capital Appoints David DeWalt, Former FireEye CEO, As Venture Partner

  |   Allegis News, The Latest

Globe Newswire | May 12, 2017

 

SAN FRANCISCO, May 12, 2017 (GLOBE NEWSWIRE) — David G. DeWalt, the former CEO of publicly held cybersecurity company FireEye, is joining Allegis Capital as a venture partner.  Previously, DeWalt served as the CEO of cybersecurity market leader McAfee and held executive positions at EMC.

DeWalt, 52, becomes the sixth cyber security executive serving as a venture partner at Allegis, a 21-year-old early stage venture firm that focuses solely on investing in cybersecurity startups.

DeWalt is a member or leader of a number of boards of directors including ForgeRock, a San Francisco-based multinational identity and access management software company. He is also vice chairman of ForeScout Technologies, a San Jose cybersecurity firm focused on network-connected devices, and a board member of Five9, a leading San Ramon-based provider of cloud contact center software.  Additionally, DeWalt is a director of Delta Air Lines.

“Allegis Capital is differentiated by the breadth, depth and experience of our operational cyber bench – our Venture Partners. These executives bring tremendous domain expertise and broad networks to our investment team and our portfolio companies,” said Robert R. Ackerman Jr., the founder and managing director of Allegis Capital. “Dave has operated at the top of the cyber security market for many years and is a superlative addition to an already-impressive group of venture partners.  Cyber is a market where you can’t have too much expertise,” Ackerman added.

“Allegis Capital was the very first cyber-focused venture firm and has invested in a number of top-flight cybersecurity startups.  The firm’s reputation for rolling up its collective sleeves to support its portfolio companies is a great fit for my experience and interests,” DeWalt said. “This is an excellent opportunity for me to help the firm grow further and to broaden my participation in the fastest-growing space within information technology.”

The five other cyber venture partners at Allegis Capital are:

  • Nawaf Bitar, chief information officer, Citadel Securities
  • Tom Gillis, founder and CEO, Bracket Computing
  • Joe Levy, chief technology officer, Sophos
  • John Stewart, SVP and chief security and trust officer, Cisco Systems
  • Jeff Williams, former VP, worldwide sales and business development, FireEye

About Allegis Capital

Allegis Capital, founded in 1996 and based in San Francisco, is an early-stage venture firm that invests solely in cybersecurity. Current investments include Area 1, Bracket Computing, Cyber GRX, E8 Security, RedOwl, Signifyd, Synack, tCell.io and vArmour. Allegis is also a founding partner in Cyber Start-Up Studio, DataTribe, based in Columbia, Maryland.

Read More

Unstructured-data search giant Lucidworks makes its first acquisition

  |   Portfolio News, The Latest

lucidworks

In addition to helping organizations make their unstructured-data troves searchable, Lucidworks Inc. now wants to provide the tools for visualizing them.

 

The company set its plan in motion today by acquiring Twigkit Ltd, a British provider of dashboarding software that boasts clients such as General Electric Co., Toyota Motor Corp. and Thomson Reuters Corp. Its product lineup consists of seven integrated development modules that provide the ability to build a customized visual frontend for interacting with a dataset.

 

A car maker such as Toyota, for instance, could employ Twigkit’s toolkit to aggregate technical documents from its various systems in a central portal where they may be easily accessed by engineers. Analytics teams in turn can use the software for various business intelligence activities. The company said its modules provide the ability to create a wide variety of graphs ranging from standard bar charts to heat maps depicting complex geospatial information.

Moreover, Twigkit provides the ability to do so with considerably less effort than traditional data visualization products. Grant Ingersoll, the chief technology officer of Lucidworks, indicated in a blog post that the toolkit’s ease of use was one of the main motivations behind the acquisition. He highlighted how the software enabled his team to build a financial news application with Thomson Reports in four days when previous attempts took three weeks.

Another big advantage of the Twigkit software is that it can handle data managed by Lucidworks’ Fusion search platform, which should help the acquisition go smoothly from a technical standpoint. Igersoll wrote that his company will work to “more tightly integrate the two applications together” and add new features over the coming months. Twigkit Chief Executive Stefan Olafsson is joining Lucidworks as chief strategy officer to help with the effort, along with Chief Technology Officer Bjarki Holm, who will assume the title of vice president of solutions.

The financial terms of the deal were not disclosed.

Read More

Signifyd raises $56 million for e-commerce fraud protection

  |   Allegis News, Portfolio News, The Latest

 

 

 

 

 

 

 

TechCrunch | Katie Roof | May 4th 2017

 

E-commerce fraud is a growing problem, but Signifyd thinks it has a solution to save businesses money.

Their company is growing fast and has closed a $56 million Series C investment led by Bain Capital Ventures. Menlo Ventures and American Express also participated in the round.

Signifyd counts big clients like Jet.com, Peet’s Coffee and Lacoste, where it uses its pattern recognition technology to warn them upfront about potential fraudulent charges. Signifyd is so confident in its assessments that it offers the companies a guarantee, so they don’t have to pay for errors.

The product “protects the merchants so they don’t have to bear the liability,” said co-founder and CEO Rajesh Ramanand. The team has been developing a “machine learning platform that makes these decision in real-time.”

E-commerce brands spend a lot of money paying back credit card companies after processing transactions that are criminal. That’s why 5,000 businesses are now paying for Signifyd’s technology — because its early warning system eliminates these frustrating reimbursement costs, known as “chargebacks.” 

Indy Guha, partner at Bain Capital Ventures said he invested in the company because his research shows that “fraud is growing faster than overall e-commerce growth.” He feels that “Signifyd is a really easy piece of insurance to turn on.”

Investors have been throwing a lot of money at Signifyd. In addition to the latest sizable round, Signifyd raised two rounds last year, totaling $39 million.

Ramanand says they are going to use the money to double their engineering headcount and continue to improve their machine learning platform. They also want to expand internationally, particularly in Europe and Australia.

The company has about 130 employees and is based in San Jose, California.

Read More

This company wants to build commercial cyber startups in Maryland

  |   The Latest

Baltimore Business Journal | Apr 28, 2017 | Morgan Eichensehr

 

Maryland has plenty of cyber companies, but very few of them are commercial operations. Data Tribe, a Fulton company, is trying to fix that, building commercial cyber companies through a combination of incubation and venture capital expertise.

 

Mike Janke, former CEO of cybersecurity startup Silent Circle, and a team of other entrepreneurs with backgrounds in cyber and venture capital are seeking to capitalize on the technology and ideas coming out of local cyber labs. Instead of creating a typical venture firm or a normal incubator to help build up that cyber entrepreneurial ecosystem, the DataTribe team created a kind of hybrid operating company.


The cyber ecosystem here is heavily government-driven .The Maryland and Washington, D.C., region has over three times more cyber engineers than the rest of the country combined, Janke said. But of the about 800 cyber companies in the area, only eight are purely commercial companies, selling products and services directly to customers. The rest are largely focused on government and contracting, he said.

“You don’t have the same ecosystem here of people that have done multiple startups, exited and built other companies, like you do in Silicon Valley,” Janke said. “We wanted to see more of these companies on the commercial side of cyber.”

DataTribe selects and coaches cyber startups, as an incubator would, and also provides seed financing of up to $1.5 million, like a venture firm. It will also contribute additional funding for each company when it launches an official Series A investment round. The startups are hand-selected teams of cyber professionals recruited from the National Security Agency and other local research labs.

“A lot of things researchers are working on in these government contexts are three or four generations ahead of anything that is commercially available today,” Janke said. “We want to leverage those teams and help them develop technology to introduce to the commercial market.”

Currently, DataTribe houses three fully-staffed startups at its headquarters in Fulton, with two poised to raise Series A rounds within the next couple of months .As teams cycle through – they stay in incubation for about 10 months to a year -and go off on their own, new cyber startups are chosen to replace them, and the building process restarts. The first startup to successfully exit DataTribe’s program was Dragos, an cybersecurity firm founded by experts from the U.S.intelligence community .

DataTribe builds on the experience of its 11 staff members and executives, including Bob Ackerman , founder of Silicon Valley-based cyber venture firm Allegis Capital, and Steven Witt, former CEO of cyber startup Onyara, which sold for $40 million in 2015.

“We don’t want to be just a group of advisors or just the people writing a check,” Janke said. “It’s the whole package. We’re a very different beast .”

Morgan is a reporter for the Baltimore Business Journal. She covers technology, education and health care.

 

Read More

The State of Cybersecurity Insurance Today

  |   Allegis News, The Latest

 

 

 

Xconomy | By Robert R. Ackerman Jr. | May 1st, 2017

 

 

Robert R. AckermanCyber incidents are considered the No. 1 emerging risk for enterprises long-term. No surprise, then, that cybersecurity insurance policy premiums are approaching $2.75 billion a year. Some experts believe this figure will grow to roughly $20 billion by 2025.

For scores of insurance companies cashing in on the booming corporate cybersecurity insurance market, it’s a great opportunity. Deductibles are high, lots of things are excluded from coverage, and policies are rife with tight-fisted caps – the maximum amounts a victim of a cyber attack can receive.

This is great for insurers but bad for the multitudes of companies that purchase their insurance – estimated at one in three companies. And there are far more of the latter.

This begs the question of whether cybersecurity insurance – an easy sell amid the backdrop of seemingly endless reports of successful cyber breaches – is worth the money. The market thinks so. But the market isn’t always right, especially when the herd instinct kicks in.

Debate aside, it’s probably fair to say that the current cybersecurity insurance is generally better than no cybersecurity insurance, if for no other reason than most companies seem unable to ward off every potential breach lurking in a cascade of attacks. The problem isn’t entirely the fault of insurers themselves, which are hamstrung by a vexing combination of poor visibility into the cyber risk exposure of the ensured and tight-lipped victims of cyber breaches. When they are struck, they hesitate to spill the beans more than necessary because it isn’t good for business. This means underwriters must struggle with insufficient visibility and actuarial data in developing policies and pricing them properly.

More Transparency Needed

What is the answer? Companies must open up more and insurers must work harder to get the facts they need, not just from the company itself but from all vendors with access to its computer systems – huge contributors to security lapses. What is needed is the development of an evidence-based method to assess and monitor a company’s cyber risk profile. This is the foundation of security ratings, enabling insurers to compare companies empiric data against one another and industry averages.

The vendor piece of the problem may eventually be mitigated, in part, by startups like CyberGRX, a digital clearinghouse for cyber risk and an investment of Allegis Capital’s.

The Genius of Hartford Steam Boiler

The corporate piece of the problem could be solved by a repurposed version of old-school Hartford Steam Boiler (HSB), a division of German reinsurance giant Munich Re and the 151-year-old kingpin of an engineering approach to the equipment breakdown insurance market.

HSB’s 1,200 engineering and inspection services workforce serve millions of locations in North America, carefully checking not only that a company’s gear is properly insured at a fair price but also implementing procedures to minimize the filing of claims.

The Roots of Cyber Insurance

The origins of cyber coverage date back more than 20 years. Back then, it wasn’t uncommon for technology companies to buy errors and omissions (E&O) insurance, which covered claims arising from technological errors while offering services. This was eventually extended to include other things, such as a software product bringing down another company’s network, unauthorized access to a computer system, destruction of data, or a virus impacting customers.

Later, policies were expanded to cover breaches of confidential information, helping companies in the event that customer information was stolen via the Internet. This appealed to retailers and hospitals with considerable consumer data but not in need of E&O insurance. These companies needed a standalone insurance policy covering only data breaches, heralding the specific birth of the cybersecurity insurance policy.

Today’s missing cybersecurity actuarial tables are a huge problem and clearly inflate insurance premiums while narrowing coverage. The tables comprise statistical records, allowing underwriters to assess the probability that a policyholder might file a claim. These are then used to build computerized risk models.

Why Actuarial Tables Matter

Ultimately, actuarial tables enable insurers to meet a twofold goal: (1) Price cybersecurity policies to sell, and (2) make sure claims filed over time are much lower than premiums collected. Insurers today are accomplishing the second priority but not the first. Almost every sizable company should have cyber insurance, not a minority, much like every homeowner needs homeowner insurance.

What underwriters need to have – and do not today – is a good grasp of how companies are being attacked. In addition, how are the best-defended companies repelling attacks? The more underwriters know, the better they can structure policies and set policy premiums. Today, guesses about exposure are rampant.

As illustrated by the colossal attack via a refrigeration contractor on Target Corp. in 2014, one of the hardest places for companies to protect from cyberattacks are the holes often opened by companies closest to them. CyberGRX has designed a software platform and business processes to guide companies in assessing their security risks and those of their partners. Assessments are compiled from member company reports, but also from a host of outside signals, such as news reports and threat reports from security companies.

A Cyber Cure-All Is Not Imminent

A cybersecurity panacea is not in the cards. That would suggest that the insurance itself is almost an afterthought, and that is ridiculous. Cybersecurity insurance, unlike many other kinds of coverage, does not insure against a natural force. It insures instead against very crafty criminal behavior, which is always evolving, purposeful, and even more dangerous.

Then, too, there are some key uncovered items, such as reputational harm and the lost value of intellectual property. The hope is that policies will continue to evolve for the better. If they do, these shortfalls will be only minor irritants, as least in comparison to today.

Robert R. Ackerman, Jr. is the founder and managing director of Allegis Capital, a Palo Alto, CA-based early stage venture capital firm that specializes in cybersecurity.

Read More