Securonix is a next-gen, cloud-based, SaaS solution for Security Information and Event Management (SIEM). Co-founded by CEO Sachin Nayyar, the company is enabling organizations to safely adopt cloud environments.
We discussed how a new type of security solution is needed as cloud adoption accelerates and what hyper growth has meant for him and his company.
This interview has been edited and condensed for clarity.
Karen Walker: What’s the origin story for Securonix? I know you founded it more than a decade ago.
Sachin Nayyar: Tanuj Gulati (our co-founder and current CTO) and I founded VAAU, an identity management company that was acquired by Sun Microsystems. After a role as Sun’s Chief Identity Strategist, I could clearly see the need for SIEM in the market. We are all worried about being hacked, and what most organizations have done is to direct the Chief Security Officer (CSO) or Security Operations Center (SOC) to protect them from hacks. The other business unit under the CSO is typically a risk division and they are generally focused on compliance and better systems hygiene.
Most attacks, when looked at from a high level, come when the attacker takes over your active directory – they are trying to compromise your credentials and elevate their rights. That’s a traditional identity and access management problem. But we tied it to compliance – not security. Because of our backgrounds in identity management, we looked at the problem differently than most. We looked beyond logs and analyzed patterns based on identity. It all comes together as the foundation for our platform – monitoring the context aware analytics of an organization.
We very quickly create a behavioral model for an organization, and now we can connect enterprises together using the power of the cloud to deploy new threat models within a matter of minutes across our entire network.
Walker: No surprise then that you’ve grow as quickly as you have, something on the order of 500% in three years, $100 million in ARR. Could you talk about how you’ve been able to scale and any leadership challenges?
Nayyar: We’re just getting started, the problem is bigger than ever. More than growing a company, it’s a responsibility to move the needle on this problem. We are cybersecurity professionals by trade.
We started on-prem because that’s where the customers were, then made the hard move about five years ago to move to the cloud. The data we’re seeing shows us that we can get to much better threat models and much better protection for customers when they have moved to the cloud.
Walker: What has it been like internally at Securonix?
Nayyar: It’s been exciting, but it has not been easy. We had to reinvent ourselves to think from a fixed on-prem perspective to an elastic cloud, where we now own the cost of the infrastructure. We’ve been doing it for a few years, and have added over a hundred people on our team to provide cloud service support, onboarding training, etc. with the mindset that the cloud solution is ready to use on day one, whereas on-prem solutions weren’t ready to use for maybe six months.
We’ve had to build several new business units, dev ops and a new operations team. What has been interesting is bringing these new delivery mechanisms close to our developers. We’ve moved our release cycle to every two weeks. The entire cloud mindset has been brought into the organization. It’s taken us a few years to get here, because we are dealing with security for a security company. We cannot have any holes there. Today, one-third of the Fortune 1000 companies use our technology in some form.
Walker: You recently announced a raise of $24 million and a strategic partnership with Capital One Ventures. It’s important to have the right partner when you take the money, because money always has strings attached. Good to have the strings aligned.
Nayyar: Cap One is the north star in migration to the cloud. They just closed their final data center. For their venture team to pick Securonix as a partner is huge, and we received one of their largest investments ever. Working with them is giving us a lot of insight into best practices in cloud security and opportunities to look at expanding our platform to IoT and fraud related use cases.
I was also excited when they agreed to be an observer on our board; it’s an excellent partnership.
Walker: You’ve also been recognized by Gartner as a Magic Quadrant company, and called out for your completeness of vision.
Nayyar: We were honored to be the most visionary company and number one in product critical capabilities.
Our vision is to be the number one monitoring analytics and response security organization. To have an offering for operational technology, IoT, and vertical industry fraud. Our platform is open architecturally. The customers own their data – we have to provide a storage mechanism which is open and that’s what we do.
Walker: You’ve led this company through a lot of growth, what has that been like for you personally?
Nayyar: It has been a journey of self-discovery. A friend of mine said it’s like going on a mountain, it’s tough but when you get to the summits, the milestones, you look back and it’s just an unbelievable feeling. We’ve had the opportunity to work with some of the best in the industry, like Chris Inglis, recently announced as the first National Cybersecurity Director. Also Mike McConnell, former Director of the NSA and former Director of National Intelligence, and many others.
Very few times in your life are you in the middle of something with such big global implications. Our team is able to make a dent in that. That’s what I am committed to and what I’m focused on each morning. Not to increase my share value because that will happen automatically, but to solve the problem for my customers.
Walker: Think about a 2×2 matrix, where we always want to be in the upper right hand quadrant – Gartner’s magic quadrant is a good example. If you think about your career, was there a moment when you knew that you were moving in that direction?
Nayyar: The day I started my company VAAU I knew I was moving up into the right, because I had taken charge of my life. All the energy and focus I have, I will be able to put in – 18 to 20 hours, or whatever I need to put in, per day. I can drive my own path without falling into any kind of template. And I really encourage that with my team. My goal is to create several CEOs out of this cycle. From my previous company, there have been at least three.