Security News
Kyle Alspach
The company says that its product stands out from other data loss prevention tools when it comes to its technology for data classification.
Cyberhaven, which offers a data security product that aims to better protect against the theft of customers’ most important data, announced Wednesday that it’s looking to dramatically expand the percentage of deals that are sourced through channel partners going forward.
While Cyberhaven already has a channel partner involved on 100 percent of its deals, only 30 percent are channel-sourced at this point, according to CEO Howard Ting.
But Ting, a veteran of disruptive tech companies including Palo Alto Networks and Nutanix, told CRN that “we’d love to see that get up to 60-70 percent over the next few years.”
[Related: 10 Cybersecurity Companies Making Moves: January 2023]
Ting recalled that he was among the first 100 employees at Palo Alto Networks, and he saw a similar progression there, in terms of how the company expanded its channel-sourcing of deals. Early on, Palo Alto Networks “was finding a lot of its own deals, bringing them to the channel, they were fulfilling it. And then over time, the sourcing number just kept going up and up. And a lot of the sourcing today comes through the channel,” he said. “It’s a similar kind of journey that we want to go on.”
Ultimately, “we think that scaling with the channel is a huge part of how we’re going to be successful in the future,” said Ting, who previously held a top marketing role at Palo Alto Networks and served as chief marketing officer at Nutanix.
“I really want the channel to see us as one of their go-to data security partners, and we’re going to make sure that they’re really well-compensated for that,” he said.
Cyberhaven is seeing strong revenue growth and now has about 100 customers, with a focus on companies that have significant intellectual property in segments including tech and software, pharmaceuticals and biosciences, manufacturing and professional services such as consulting firms and law firms, according to Ting. Customers include Motorola, Deloitte, Sysdig, Harvard University and the Jackson Laboratory.
Cyberhaven’s approach aims to stand out from other data security products and the market with its focus on classifying data differently than other tools, such as data loss prevention (DLP), insider risk management and cloud access security broker (CASB).
To secure data, it first has to be classified, so the appropriate policy for protecting it can be applied. The way that most other tools classify data is primarily based on scanning the content, Ting said.
They’re “basically looking for patterns in the content — ‘Here’s a 16-digit number that looks like a credit card number. Here’s a bunch of digits that look like a date of birth,’” he said. “However, if you ask any organization today, ‘What are your crown jewels?’ It’s not that stuff.”
While protecting against the theft of sensitive information is important, companies also need a better way to protect the theft of IP, which is “really what makes these companies tick,” Ting said.
And yet, “all of that data cannot be scanned to be classified,” he said. And as a result, data classification is “a huge problem today.”
Cyberhaven addresses the issue by analyzing metadata and tracking the journey of the data as it moves through an organization. The technology looks at elements such as, “Where did it originate from? Who else has access to this? How has it been shared and used?” Ting said. “We look at these billions of elements around the data — the metadata, if you will — and how the data is moving throughout your organizations to classify it. And that gives us a much broader set of classification capability than the incumbent products.”
A second major differentiator is that Cyberhaven can track the movement of the copies and derivatives of data, he said.
“You’ve got remote workers, supply chain partners, SaaS apps — data is just flowing everywhere. And it’s very easy to copy, replicate data, take derivatives,” Ting said. “And so that’s another problem. Because if you can’t keep track of all those derivatives and copies, then it would be impossible to secure it, because you’re not securing just the data source. You’ve got to secure all the permutations, all the copies of it, as users work with the data.”
In a sense, Cyberhaven can be thought of as a GPS for data, since it tracks the data copies and then is able to apply the appropriate policy wherever the data goes, he said.
Cyberhaven’s product analyzes all the signals it receives through tracking the data, in order to detect risk, Ting said. The product is then able to enforce policies and take corrective action, by blocking user activities when they violate corporate policy, he said.
The need for new solutions to data security is growing amid increased concern about insider threats — such as the threat of a laid-off employee taking key corporate data with them when they leave — as well as external threats such as China’s propensity to use its hacking program to steal corporate IP.
“No one’s happy to see layoffs. No one’s happy to hear about espionage. But at the end of the day, what it all leads to is a lot more data risk for every organization,” Ting said. “And that’s a huge tailwind for a business like ours.”
At SHI, No. 13 on CRN’s 2022 Solution Provider Provider 500, the issue of “how do I keep my data from leaving” is among the biggest questions that customers are asking today, said Doug Wilfred, corporate security practice lead at SHI.
In addition to threats from insiders and hackers, many businesses are now being prompted to deploy DLP to get a better rate on their cyber insurance, Wilfred said. And ransomware also persists as a serious threat to data, he said, given that attackers will typically try to copy data before deploying ransomware and encrypting the victim’s systems.
SHI has been working with Cyberhaven for the past two years, and this year is expecting a surge in customer demand for the company’s data security solution, which could translate to a revenue increase from the solution of 3X to 6X compared to last year, Wilfred said.
Cyberhaven’s data classification and tracking capabilities are seen by customers as major advantages of the product, he said. “There’s just a lot of people that don’t even know what data is out there and where it lives,” Wilfred said.
The solution is also easier to set up than many other DLP tools, which are often “not an easy solution to configure and set up and manage,” he said. Cyberhaven’s solution, by contrast, can “get up and running and be able to start looking at data very quickly.”
Palo Alto, Calif.-based Cyberhaven is backed by $52 million in funding and currently has roughly 90 employees.