Small and medium-sized businesses have become an increasing target for malicious online hackers in recent years, currently representing between 43% and 61% of all security breaches and some $7 billion a year in related losses, according to various estimates. Today, a startup called Keep breaks away from stealth with a two-pronged offering aimed at protecting them: a SaaS set of low-code security tools for businesses using cloud services, designed to be implemented without specific security or advanced technical expertise; and insurance to help cover organizations in the event of disruption. The startup is initially launching in the United States, and alongside that, it announces $10 million in funding.
Funding comes on the heels of very early traction. In a closed beta, Guardz says it has already picked up 300 clients. The average number of employees in its current user cohort is 30-40 per company, and the plan is to target organizations with 10-250 people, with initial plans starting at $9/user/month.
The funding, meanwhile, comes in the form of a seed round, led by Hanaco Ventures, with participation from iAngels, GKFF Ventures and cybersecurity investor Cyverse Capital. Guardz is not disclosing an assessment at this stage.
Dor Eisner, the CEO who co-founded the company with and Alon Lavi (the CTO), have decades of security experience between them, starting with years of intelligence work in the Israel Defense Forces. Much of the work in cybersecurity tends to focus either on businesses – large organizations that have a lot to lose from security breaches – and on individual consumers, who have had a number of antiviruses and other security software designed to target their specific use cases.
Corporate security was really where Eisner and Lavi worked before founding Guardz. Eisner tells me he started thinking about the challenges for SMBs in particular through his work at Rapid7, where he was doing a lot of research into what was happening on the Dark Web.
“When we first started looking at the Dark Web, we first looked at what was being built and sold to attack businesses,” he recalls. But what they found, he said, was something else: a set of tools sold to hackers to “spray and pray” – launching large amounts of cyberattacks against a larger set of smaller targets, SMBs, which were generally not set up to protect themselves against this.
Eisner refers to this class of “software”, if you can call it that, as “Attack As A Service”. AaaS essentially “weapons” the SaaS model, in Eisner’s words. AaaS “products” are essentially sold online on the dark web to malicious hackers who want to target cloud-based organizations: they buy and use the services online, on-demand, like normal businesses might buy and use legitimate SaaS products.
“You don’t need to create complicated products to target SMEs. You just use the AaaS tools,” he said. Nowadays, SMBs are relatively easy and handy fruits for malicious hackers. “SMBs simply don’t have the budget or the expertise to understand what to protect. Over the past year, we have seen a sharp increase in these attacks and the use of AaaS. »
Examining and understanding what AaaS-based attacks aim to breach – primarily cloud-based perimeters and data – is the foundation of Guardz’s security tools. At the same time, it partners with insurance companies to provide cyber insurance to its customers. At this time, Guardz does not disclose who its insurance partners are and instead sells insurance as a white label service.
Coupling insurance with cybersecurity products is increasingly common these days. Others that build similar products together include ActZerowhich was launched in 2021 and also targets SMEs; Cowbellwhich raised $100 million last year and also targets SMEs; Stoik out of France ; At the bay, backed by Microsoft; and Coalitionwhich now has a whopping $5 billion valuation.
Their increase comes partly from the fact that, even with all the precautions in the world, the rate of malicious hacks and the fallibility of humans are such that an organization can still face a breach and lose valuable data or more as a result. malicious activity, not to mention lawsuits from partners or customers.
But it’s also an opportunity, because in many cases, organizations find that they don’t meet certain requirements to get competitive insurance rates, or in some situations, they’re not insured at all: sell cyber insurance policies with insurer-approved tools to secure those IT assets. becomes a logical way to package everything.
But Eisner emphasized to me that he views Guardz as a cybersecurity company – not an insurance technology – and therefore has no intention of creating its own insurance products, but will continue to work with third parties to provide them to their customers. bundles.
“With the rise of attacks as a service, the continued shortage of cyber talent, and the increasingly lucrative nature of targeting small businesses, the market is well-prepared for a holistic cyber solution that addresses the unique challenges and to the imminent threats facing these companies,” said Alon Lifshitz, founding partner of Hanaco Ventures, in a statement. high cyber vulnerability for small businesses around the world.”
“The rise and democratization of ransomware and phishing attacks hurts SMBs the most because they are currently the least protected, making them a huge and entirely underserved market,” added Shelly Hod Moyal, founding partner of iAngels. . “With their direct experience building and marketing successful cyber products, Dor Eisner and Alon Lavi are uniquely positioned to lead Guardz’s one-stop-shop for small businesses. We are delighted to partner with the Guardz team as they strive to give SMBs the tools to protect themselves.