[Updated, 5/6/15. See below] Cyber attacks are so bad for business, they have made at least one rising tech company apply its broader data-analysis software to security problems.
Recorded Future got started about five years ago—originally to develop technology for helping defense and financial analysts track global events and try to predict when and where problems like civil unrest may occur. The technology is pretty interesting, but it sounds like the startup is just hitting its stride, business-wise, thanks to increased demand for cybersecurity products.
That demand has led Recorded Future, based in Somerville, MA (with offices in Sweden and the DC area), to raise $12 million in Series D funding, led by Reed Elsevier Ventures. MassMutual Ventures also participated in the round, along with the company’s previous investors, Google Ventures, In-Q-Tel, Atlas (FKA), IA Ventures, and Balderton Capital. The new money brings Recorded Future’s total venture haul to about $30 million.
More important, the company doubled its annual revenue in 2014, and is on pace to “do better than that this year,” says founder and CEO Christopher Ahlberg (pictured). He adds that his team started focusing on cybersecurity a year and a half ago, and now that sector is “90 to 95 percent of what we do.”
The upturn is a direct result of business from big companies that are dealing with getting hacked. Ahlberg says four of the five largest companies in the world are using Recorded Future’s software. (According to Fortune, the top five companies by 2013 revenue were Walmart, Royal Dutch Shell, Sinopec Group, China National Petroleum, and Exxon Mobil. Ahlberg may be working off a different list, but he declined to name them.)
Recorded Future typically sells its Web-based software and services for a “six-figure subscription” fee, he says, though it also offers a free, entry-level version that includes a daily e-mail.
The startup’s software scours the public Web for data and conversations that could point to an impending attack. That means everything from news and blogs to company filings to underground forums—Ahlberg calls them “weird, dark places”—where people might discuss how to carry out a cyber attack or even sell “attack kits.” One place the company says it does not look is at private Facebook data. There was speculation earlier this week that Recorded Future scans Facebook Chat messages, but a company spokesman said that’s not true and explained how its software found the information in question.
Big companies can use information gathered on technical attack methods or ongoing threats to do things like block certain types of Web traffic from coming in, or keep a closer eye on supply-chain partners. “It complements the data they collect from their firewalls and internal systems,” Ahlberg says. For example, an online discussion might mention a financial institution that’s vulnerable to a cyber attack. “If that’s a bank you do business with, you’ll want to know about that,” he says.
Ahlberg knows analytics and business intelligence, but he was not an expert in security. He previously co-founded Spotfire, which was sold to Tibco in 2007. He’s had to get up to speed on cybersecurity quickly—as have a lot of people—but Recorded Future’s software seems to have found a niche.
And that’s not too surprising—a technique such as natural language processing, which Recorded Future uses heavily, gets more accurate when it’s applied to a more specialized topic or sector. And companies in related areas such as sentiment analysis, social-media monitoring, and cognitive computing have been advancing as well.
Recorded Future is pushing 50 employees and looking to hire another 10 in sales and other areas, Ahlberg says. He adds that the company is trying to grow overseas and integrate its products with other security offerings.
“Most security companies are focused on the bits and bytes of what’s going on inside the company,” he says. That leaves room for customers to look outward at the Web (to detect threats), in addition to using traditional security software from the likes of FireEye, Palo Alto Networks, and IBM.
Outside security experts think the company’s general approach is interesting and credible. “This is a valid, important, and different way to think about the problem,” says Lior Div, co-founder and CEO of security startup Cybereason. He adds that “if you can learn from the outside world” to predict attacks, “that will be huge.” [This paragraph was added for context—Eds.]
Yet there’s also room for skepticism. Recorded Future will have to prove that its software makes a tangible difference for big companies trying to stay out of the daily headlines on cyber attacks. If it does, its approach should be welcomed—and probably will be emulated—by others in the security community.
It’s already in good company. Ahlberg’s startup shares common investors with several cybersecurity companies including Bit9, Veracode, Threat Stack, and Duo Security—with more on the way as the sector continues to heat up.
“It’s turned into a fantastic place to be,” he says.
