Much like how getting in shape is sometimes as simple as shaping and positioning the fat, true cyber security is about re-positioning and looking good doing it.
Cal Leeming, the infamous sophomoric UK Internet “dabbler” since turned white hatter, has a lot to say about start-ups. He should, as his newest undertaking, ZeroGuard, is his third big venture into the technology sector. And while he has enjoyed various degrees of success, this newest pet project sits closer to his heart. “I’d had enough of the Silicon Valley culture, so this next start up was a choice between designing a video game or cyber security. My passion for proper security, and the lack of it out there, won out in the end.”
Cal sees the irony in him doing security but doesn’t ignore his past. “It’s what made me who I am. And while it’s not necessarily a badge of honour, it’s a badge nonetheless. Besides, it’s the first thing people see about me when they search Google, so I might as well embrace it.” It’s not that uncommon, either. A lot of top cyber talent eschews the corporate cubicle life for a chance to make their mark on the world. That extends into ZeroGurad team of engineers, who are proud that they’re known for both cutting edge and cutting heads. “We had one client who dealt with one of our Red Team engineers,” Cal recalls. “She said, ‘He’s a really nice guy and really knows his stuff, but he scares the shit out of me.’”
But don’t be fooled into thinking Cal has abandoned his rebellious ways. There are so many cyber security companies, too many some would say, Cal states. A lot of them follow the same basic model and offer the same approaches and solutions. We have the opportunity to disrupt the entire cyber security industry, turn it on its head and set a new modelling standard.
“EDR was always really disappointing. Lack of features, user interface problems, etc. It drove me insane.”
And it looks like things are working. Cal and his team have made an impressive start, landing over 2m USD in revenue within 18 months. Avoiding the VC trap, ZeroGuard has instead raised the revenue through an organic approach. As Call puts it, “After helping to build multiple startups in the valley, I’ve seen both sides of the fence. Raising capital can be both a blessing and a curse. This time we’re doing things differently.” Their approach is simple, they re-invest the earnings into R&D. By using self-generated capital, ZeroGuard can develop product on its own time without having to answer to some bottom-line-centric suit.
Of course this lone wolf approach comes with growing pains. Like any ambitious undertaking, there are bumps along the way. A balance has to be struck between maintaining operational costs and keeping your vision on the long-term focus. “You have to generate enough revenue to keep the lights on and to keep infusing income into R&D,” Cal deadpans, “but often that means taking on smaller projects, eating into the time available to put together the big projects.”
Additionally, putting out the product Cal envisions entails pulling top talent from a very shallow pool. “Every cent we make goes towards building our products and expanding our team. The difficulty is not finding cash, it’s finding people,” Cal explains.
Indeed, Cal and his team have made significant personal sacrifices to be where they are today. “Every second we spend on building this company is time we could be spending with our families. So we make sure every second counts.” With ZeroGuard, sweat equity is a rite of passage.
So with so many companies crowding the cyber security landscape, how does ZeroGuard plan to become a significant player in an industry that saw in excess of $5.3 billion in revenue in 2018, with an estimated annual growth rate of 19.7%, reaching $12.9 billion by 2023? Simple: a better product with better service.
“Leadership are fed up with the same old marketing BS. The cost of security has risen, but the number of breaches continues to soar.”
ZeroGuard’s approach from day one has been to focus on dramatically reducing cost and delivering higher value. To do that, the EDR/XDR products they are developing are built from the perspective of getting the basics right first and worrying about the bells and whistles later. This starts with things oft overlooked, like easy-to-use interfaces that don’t require IT experts to decipher, and tiered levels of security choices.
“The key first step is event and log collection from endpoints in a high-performance fashion,” Cal states. “On a business level, there is this sheer lack of care and love from the big vendors. We are looking at actually building something that will work for the long term and for general ease to ALL customers.”
Vision and execution at this level requires knowing that it’s a marathon, not a sprint. And at the finish line everyone wins. “I want every company in the world to have enterprise grade security out of the box, with a company they can trust and rely on,” says Cal, “So we are creating something truly exciting, something that will redefine the standard of what XDR should and can do!”