It is no secret that cybersecurity has fallen into the spotlight in the last few years. Whether it was concerns over election security or reported hacks of large, trusted companies, there has been a consistent stream of news outlining the deficiencies of cybersecurity postures in organizations worldwide. What is not as well known, is that 50% of attacks target the over 30 million SMBs in the U.S.
These attacks do not generate the front page headlines that the hackings of Equifax or Capital One did, but they are occurring at a greater rate and are costly to their victims. 68% of small businesses have experienced a cyberattack in the last 12 months. The most likely reason for these attacks is the simple idea that they are more likely to be successful and attackers know small businesses often store quite a bit of information including on and for their larger customers.
Cybersecurity is complicated and expensive, and small businesses often don’t know where to start. They generally do not have the budget to employ experts in cybersecurity to protect themselves adequately, and it is common to see smaller companies outsourcing all, or most, IT responsibilities. Additionally, most cybersecurity firms and products in the market are targeting enterprises that allocate the budget for their tools and services. With no in house expertise, and limited outside help, SMBs are left vulnerable and malicious actors are capitalizing. This is where our latest investment recommendation, Defendify, comes in.
Defendify has built an automated platform tailored for the SMB. It is simple to deploy and cost effective, allowing SMBs to protect themselves without interrupting business operations or breaking the bank. This will only become more important as cybersecurity regulation governing businesses increases and key vendors begin performing . Cybersecurity is no longer an option for the SMB and Defendify is well positioned to take advantage of this new market opportunity.
The Defendify platform is composed of proprietary technology, open source software, and 3rd party products through integration. The platform focuses on three pillars existing within any SMB’s cybersecurity posture.
First, is the foundation of the customer’s cybersecurity practices. Here the Defendify platform can be used to perform health checkups assessing the customer’s cybersecurity posture resulting in a letter grade that is accompanied by recommendations for improvement. Technology and data use policies, incident response plans, and ethical hacking (i.e. penetration testing) are also included in this part of the platform. Everything is predicated on alignment with leading cybersecurity frameworks from organizations like NIST and CIS.
The second pillar Defendify focuses on is the cybersecurity culture of the customer. Employees and human factors are, and will always be, one of the most vulnerable pieces of any cybersecurity posture. Defendify addresses this by supplying alerts to employees and management on emerging attacks, stories and patches as well as phishing simulations, awareness videos and posters, and web-based classroom-style training. By training employees and keeping them informed to improve their cybersecurity hygiene, Defendify is helping minimize the what is often regarded as the top vulnerability companies possess.
The final pillar addressed by the Defendify platform is the customer’s technology. This part of the platform is made up of stolen password scanning, vulnerability scanning, and website scanning. The true value of the Defendify platform is the consolidation of all these vital security technologies and practices into one automated, and easy to deploy platform enabling SMBs with minimal IT budgets to bolster the security of their organizations and comply with increasing regulations and 3rd party reviews.
Recent market studies show the cybersecurity market growing at a 12% CAGR will reach $300 billion in size by 2024. Most of this will be spent on products and services serving the enterprise customer, but with the increase of regulations and 3rd party vendor reviews mentioned earlier, the SMB portion of the market will be growing at a faster rate and compromise a healthy market opportunity. Defendify will not be without competition in this market as large players such as Kaseya, Proofpoint, Symantec, KnowBe4, Tenable and Fortinet all have solutions that compete with portions of Defendify’s platform. The advantage Defendify has over these competitors is that their platform addresses the entire spectrum of cybersecurity concerns an SMB will have instead of being a point solution. And it does it in a simplified manner, taking into consideration the actual SMB audience and user. The platform has also been built with the MSSP (Managed Security Service Provider) in mind. SMBs without internal IT resources commonly outsource their cybersecurity to MSPs and MSSPs, so by having a platform that is built for their target customer in contrast to the other firms where enterprise accounts makeup a significant portion of their sales, Defendify is poised to become a popular choice for MSP, MSSP and SMB customers.
Defendify was founded in 2017 by Rob Simopoulos and Andrew Rinaldi, and was originally a cybersecurity consultancy named, Launch Security. Through their consulting engagements Rob and Andrew determined that if SMBs truly wanted to protect themselves they needed an automated platform that was simple to understand and use and at a price point they could afford. They also believed that this need was so widespread that if they were able to build such a platform there would be a large market opportunity. These beliefs resulted in the rebranding and launch of Defendify. Rob and Andrew exemplify the traits York IE looks for in founders. They are both repeat founders with experience in the industry they are trying to disrupt. Rob has also served as the President and sales executive at an security managed service provider firm bringing with him knowledge in management and GTM strategy. Their combined experience along with their knowledge of the market they are attacking leads York IE to believe they will be successful in their mission.