CyberArk Debuts $30M Venture Fund to Back Talented Startups

CyberArk Ventures Will Give Visibility Into Adjacent Markets and Offer Integrations
CyberArk Debuts $30M Venture Fund to Back Talented Startups
Clarence Hinton, chief strategy officer and head of corporate development, CyberArk (Photo: CyberArk)

CyberArk has unveiled a $30 million global investment fund to support early-stage startups with unique approaches to solving large problems in the cybersecurity industry.

See Also: 5 Requirements for Modern DLP

The Newton, Massachusetts-based privileged access management vendor says CyberArk Ventures will offer the company broader visibility into adjacent markets and provide the company with high-value integrations that can evolve over time, says Clarence Hinton, CyberArk's chief strategy officer and head of corporate development. CyberArk Ventures will serve companies seeking seed and Series A funding.

"We're really looking for companies that are solving emerging problems in very differentiated ways with highly talented teams," Hinton tells Information Security Media Group. "This isn't about tactical investments for an immediate integration need. This really is about looking toward the future, understanding how the market is evolving, and really helping some of those companies along."

Eying Investments Outside Identity

CyberArk Ventures out the gate announced investments in cloud data detection and response vendor Dig Security, application security posture management vendor Enso Security, and identity-based microsegmentation vendor Zero Networks. Hinton expects CyberArk will be able to make a couple dozen investments and offer follow-up support over the next several years with the $30 million allotted.

The fund is not intended to invest in CyberArk's core strength around privileged access management or identity security since gaps in those areas can be addressed through partnerships with established vendors or other strategic moves, Hinton says. Instead, CyberArk is looking one or two steps out from identity, in hopes of supporting companies that are addressing emerging use cases, he says (see: Identity and the New Role of Privilege).

"We never want to get too comfortable because everything's changing so rapidly and constantly in terms of the underlying infrastructure and the nature of the threats," Hinton says. "This is a great way for us to gain visibility and make sure that we're prepared and aligning with the right companies."

Some of the companies CyberArk has backed thus far, such as Dig, are attempting to create a whole new product category, while others, such as Enso, seek to address a problem that hasn't been fully solved yet. Some companies CyberArk invests in may converge with identity over time while others may not. The CyberArk fund follows in the footsteps of initiatives from other vendors, such as CrowdStrike's Falcon Fund.

CyberArk joined with Venrock, YL Ventures, Team8 Capital and Merlin Ventures for its first investments, and at least one of the venture capital funds - and sometimes more - were invested alongside CyberArk in Dig, Enso and Zero Networks. The venture capital funds can help CyberArk scope and understand candidates for investment to ensure the company is qualifying and separating top-tier talent from the rest, Hinton says.

What Startups Can Expect From CyberArk

CyberArk will work primarily with venture capital firms at the start to ensure high-value opportunities are being evaluated and will then bring in personnel from the company's IT, product and engineering teams once it is nearing the end of the vetting process. The company can also leverage corporate development and business development resources to evaluate and validate prospects, Hinton says.

Hinton says CyberArk can assist the startups it is supporting with both market coverage and breadth as well as integrations in specific use cases where it makes sense. CyberArk has hundreds of talented engineers who can lend the startups a hand around product development as appropriate, and the company plans to spend time with the founders and the team to provide mentorship, Hinton says.

"We've seen a lot and can provide guidance and advice that others who are pure professional VCs may not be able to," Hinton says. "That's definitely been something that the startups have been very interested in and some have begun to take us up on that already."

From a metrics standpoint, Hinton says CyberArk is tracking frontline figures around pipeline and conversion rates, operational metrics around annual recurring revenue and growth for startups getting money, and back-end metrics around value creation and return on investment when it comes time to exit. Hinton wants to ensure CyberArk is casting a wide enough net without spreading itself too thin.

"We do expect that over time this activity and these specific investments will improve our ability to secure our customers," Hinton says. "We're going to have the CISO in mind and understand what they're dealing with and how we can address the current near-term and mid- to long-term problems that will arise."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.