Mohan Koo, CEO and founder of cybersecurity company Dtex Systems, has spent 15 years battling the most insidious kind of cyber enemy a company can have—one of its own employees. And he has globe-spanning tales to tell.
In Australia, where Dtex was founded in 2000, Koo helped the government track officials suspected of leaking sensitive information. Banks in Asia then sought out Dtex because call center staffers were selling customers’ credit card information. Later in the United Kingdom, Dtex found that telecommunications company workers were helping their employers’ competitors lure away customers—for a commission.
Dtex is now moving its headquarters to San Jose, CA, and announced today that it has raised a $15 million Series A funding co-led by Norwest Venture Partners and Wing Ventures. The company will use the money to market its insider threat protection system in the United States. Dtex is building sales forces in Chicago and Boston as well as on the West Coast, Koo (pictured above) says.
Dtex has been profitable since 2013, when it began selling its software as a subscription, Koo says. The software is installed on every client company’s device used by an employee with access to data, and it scans for unusual patterns in the way a worker uses programs and files throughout the day. When that pattern changes suddenly, it can mean that an employee is getting ready to resign and take sensitive market information out the door.
“That is a big red flag,” Koo says.
As Dtex developed its system over the years, it ended up profiting from thorny challenges that arose in each new global market, Koo says. In Asia, Dtex had to pare down the amount of data it collected to avoid slowing down aging computer networks. Instead of capturing message content and keystrokes, Dtex now records an audit trail of the way individuals open programs and access data. The software now takes up less space in computer memories and hard drives, minimizing its impact on operations, Koo says.
In Europe, Dtex had to learn how to comply with stringent government safeguards for employee privacy, he says. Dtex now strips out the names of employees as it scans use patterns, and only delves more deeply into an individual’s work record when the scan reveals suspicious activity, Koo says.
Although privacy protections are less strict in the United States, Koo says that’s been changing since a famous insider, former National Security Agency contractor Edward Snowden, revealed that the U.S. government had been collecting records of Americans’ telephone calls on a mass scale.
At the same time, companies are more eager to guard against disloyal employees due to high-profile cases of alleged insider breaches, like the public exposure of Morgan Stanley’s data on thousands of wealthy investment clients, Koo says.
Dtex customers include NBCUniversal, T Mobile, Sanyo, and Vodaphone. After 10 years with an insider threat system in commercial use, Koo says catching miscreants is almost a daily occurrence at Dtex, even if the culprits are not all pulling off major data breaches.
“At one of the largest media companies in the world, an employee was selling company equipment on EBay,” Koo says. “At another company, we caught a handful of pedophiles using company equipment to transfer files of pedophilia.”