Security

Auto Added by WPeMatico

Google unveils its proposed ‘safety section’ for apps on Google Play

In the wake of Apple’s advances into consumer privacy with initiatives like App Tracking Transparency and App Store privacy labels, Google recently announced its own plans to introduce a new “safety section” on Google Play that offers more information about the data apps collect and share, and other security and privacy details. Today, the company is sharing for the first time what the new section’s user interface will look like, along with other requirements for developers.

In May, Google explained the safety section would be designed to easily communicate to users how apps are handling their data so they could make informed choices. It said app developers would need to disclose to users whether their app uses security practices like data encryption, whether it follows Google Play’s Families policy for apps aimed at kids, whether users have a choice in data sharing, whether the app’s safety section had been verified by a third party, and if the app allowed users to request data deletion at the time of uninstalling, among other things.

In the user interface concept Google debuted today, developers are now able to see how this feature will look to the end user.

Image Credits: Google

In the safety section, users will be able to see the developer’s explanation of what data the app collects followed by those other details, each with its own icon to serve as a visual indicator.

When users tap into the summary, they’ll be able to then see other details like what data is collected or shared — such as location, contacts, personal information (e.g., name, email address), financial information and more.

They’ll also be able to see how the data is used — for app functionality, personalization, etc. — and whether data collection is optional. 

Image Credits: Google

Google says it wants to give developers plenty of time to prepare for these Play Store changes, which is why it’s now sharing more information about the data type definitions, user journey and policy requirements of the new feature. 

It notes that all developers will have to provide a privacy policy by April 2022. Before, only apps that collected personal and sensitive user data were required to do so. Developers will also be required to share accurate and complete information about all the data in their safety section, including how it’s used by the app’s third-party libraries and SDKs. This is in line with what Apple demands for its apps.

Image Credits: Google

In October 2021, developers will be able to submit their information in the Google Play Console for review ahead of the planned launch of the safety section in Google Play, which is scheduled for the first quarter of 2022.

The company also notes it’s offering some buffer time after the section’s launch before apps must have their safety section approved by Google. However, the company says apps will have to be approved by Q2 2022 or risk having their app submissions or app updates rejected. And if an app doesn’t provide an approved safety section, the app will say “No information available.”

The change will help highlight how many active developers are present on Google Play, because those will be the ones who will adopt the new policy and showcase how their apps collect and use data.

The question that remains is how stringent Google will be about enforcing its new guidelines and how carefully apps will be reviewed. One interesting note here is that conscientious developers will be able to submit their safety section for a third-party review and then be able to promote that to users concerned about app data privacy and security.

This could help to address some potential criticism that these safety sections aren’t factual. That’s been a problem for Apple since the launch of its App Store privacy labels. The Washington Post discovered that a number of apps were displaying false information, making them less helpful to the users whose data they aimed to protect.

When reached for comment, however, Google declined to share more details about how the third-party verification process will work.

Powered by WPeMatico

ActiveFence comes out of the shadows with $100M in funding and tech that detects online harm, now valued at $500M+

Online abuse, disinformation, fraud and other malicious content is growing and getting more complex to track. Today, a startup called ActiveFence is coming out of the shadows to announce significant funding on the back of a surge of large organizations using its services. ActiveFence has quietly built a tech platform to suss out threats as they are being formed and planned to make it easier for trust and safety teams to combat them on platforms.

The startup, co-headquartered in New York and Tel Aviv, has raised $100 million, funding that it will use to continue developing its tools and to continue expanding its customer base. To date, ActiveFence says that its customers include companies in social media, audio and video streaming, file sharing, gaming, marketplaces and other technologies — it has yet to disclose any specific names but says that its tools collectively cover “billions” of users. Governments and brands are two other categories that it is targeting as it continues to expand. It has been around since 2018 and is growing at around 100% annually.

The $100 million being announced today actually covers two rounds: Its most recent Series B led by CRV and Highland Europe, as well as a Series A it never announced led by Grove Ventures and Norwest Venture Partners. Vintage Investment Partners, Resolute Ventures and other unnamed backers also participated. It’s not disclosing valuation but I understand it’s over $500 million.

“We are very honored to be ActiveFence partners from the very earliest days of the company, and to be part of this important journey to make the internet a safer place and see their unprecedented success with the world’s leading internet platforms,” said Lotan Levkowitz, general partner at Grove Ventures, in a statement.

The increased presence of social media and online chatter on other platforms has put a strong spotlight on how those forums are used by bad actors to spread malicious content. ActiveFence’s particular approach is a set of algorithms that tap into innovations in AI (natural language processing) and to map relationships between conversations. It crawls all of the obvious, and less obvious and harder-to-reach parts of the internet to pick up on chatter that is typically where a lot of the malicious content and campaigns are born — some 3 million sources in all — before they become higher-profile issues. It’s built both on the concept of big data analytics as well as understanding that the long tail of content online has a value if it can be tapped effectively.

“We take a fundamentally different approach to trust, safety and content moderation,” Noam Schwartz, the co-founder and CEO, said in an interview. “We are proactively searching the darkest corners of the web and looking for bad actors in order to understand the sources of malicious content. Our customers then know what’s coming. They don’t need to wait for the damage, or for internal research teams to identify the next scam or disinformation campaign. We work with some of the most important companies in the world, but even tiny, super niche platforms have risks.”

The insights that ActiveFence gathers are then packaged up in an API that its customers can then feed into whatever other systems they use to track or mitigate traffic on their own platforms.

ActiveFence is not the only company building technology to help platform operators, governments and brands have a better picture of what is going on in the wider online world. Factmata has built algorithms to better understand and track sentiments online; Primer (which also recently raised a big round) also uses NLP to help its customers track online information, with its customers including government organizations that used its technology to track misinformation during election campaigns; Bolster (formerly called RedMarlin) is another.

Some of the bigger platforms have also gotten more proactive in bringing tracking technology and talent in-house: Facebook acquired Bloomsbury AI several years ago for this purpose; Twitter has acquired Fabula (and is working on a bigger efforts like Birdwatch to build better tools), and earlier this year Discord picked up Sentropy, another online abuse tracker. In some cases, companies that more regularly compete against each other for eyeballs and dollars are even teaming up to collaborate on efforts.

Indeed, it may well be that ultimately there will exist multiple efforts and multiple companies doing good work in this area, not unlike other corners of the world of security, which might need more than one hammer thrown at problems to crack them. In this particular case, the growth of the startup to date, and its effectiveness in identifying early warning signs, is one reason investors have been interested in ActiveFence.

“We are pleased to support ActiveFence in this important mission,” commented Izhar Armony, a general partner at CRV, in a statement. “We believe they are ready for the next phase of growth and that they can maintain leadership in the dynamic and fast-growing trust and safety market.”

“ActiveFence has emerged as a clear leader in the developing online trust and safety category. This round will help the company to accelerate the growth momentum we witnessed in the past few years,” said Dror Nahumi, general partner at Norwest Venture Partners, in a statement.

Powered by WPeMatico

Cyber risk startup Safe Security lands $33M from UK telco BT

Safe Security, a Silicon Valley cyber risk management startup, has secured a $33 million investment from U.K. telco BT. 

Founded in 2012, Safe Security — formerly known as Lucideus — helps organizations measure and mitigate enterprise-wide cyber risk using its security assessment framework for enterprises (SAFE) platform. The service, which is used by a number of companies, including Facebook, Softbank and Xiaomi, helps businesses understand their likelihood of suffering a major cyberattack, calculates a financial cost to customers’ risks and provides actionable insight on the steps that can be taken to address them.

This funding round saw participation from Safe Security’s existing investors, including former Cisco chairman and chief executive John Chambers, and brings the total amount raised by Safe Security to $49.2 million.

BT said the investment, which is its first major third-party investment in cybersecurity since 2006, reflected its plans to grow rapidly in the sector. Philip Jansen, BT CEO said: “Cybersecurity is now at the top of the agenda for businesses and governments, who need to be able to trust that they’re protected against increasing levels of attack. 

“Already one of the world’s leading providers in a highly fragmented security market, this investment is a clear sign of BT’s ambition to grow further.”

The startup’s co-founder and chief executive Saket Modi said he was “delighted” to be working with BT.

“By aligning BT’s global reach and capabilities with SAFE’s ability to provide real-time visibility on cyber risk posture, we are going to fundamentally change how security is measured and managed across the globe,” he said.

As part of the investment, which will see Safe Security double its engineering team by the end of the year, BT will combine the SAFE platform with its managed security services, and gain exclusive rights to use and sell SAFE to businesses and public sector bodies in the U.K. BT will also work collaboratively with Safe Security to develop future products, according to an announcement from the company.

Safe Security’s competitors include UpGuard, Exabeam and VisibleRisk.

Powered by WPeMatico

Breach simulation startup AttackIQ raises $44M to fuel expansion

AttackIQ, a cybersecurity startup that provides organizations with breach and attack simulation solutions, has raised $44 million in Series C funding as it looks to ramp up its international expansion.

The funding round was led by Atlantic Bridge, Saudi Aramco Energy Ventures (SAEV) and Gaingels, with existing vendors — including Index Ventures, Khosla Ventures, Salesforce Ventures and Telstra Ventures — also participating. The round brings the company’s total funding raised to date to $79 million. 

AttackIQ was founded in 2013 and is based out of San Diego, California. It provides an automated validation platform that runs scenarios to detect any gaps in a company’s defenses, enabling organizations to test and measure the effectiveness of their security posture and receive guidance on how to fix what’s broken. Broadly, AttackIQ’s platform helps an organization’s security teams anticipate, prepare and hunt for threats that may impact their business, before hackers get there first.

Its Security Optimization Platform platform, which supports Windows, Linux and macOS across public, private and on-premises cloud environments, is based on the MITRE ATT&CK framework, a curated knowledge base of known adversary threats, tactics and techniques. This is used by a number of cybersecurity companies also building continuous validation services, including FireEye, Palo Alto Networks and Cymulate.

AttackIQ says this latest round of funding, which comes more than two years after its last, arrives at a “dynamic time” for the company. Not only has cybersecurity become more of a priority for organizations as a result of a major uptick in both ransomware and supply-chain attacks, the company also recently accelerated its international expansion efforts through a partnership with technology distributor Westcon.

The startup says it’s planning to use these new funds to further expand internationally through its newfound partnership with Atlantic Bridge, which will also see Kevin Dillon, the company’s co-founder and managing director, join the AttackIQ board of directors. 

“AttackIQ has established itself as a category leader with a formidable enterprise customer base that includes four of the Fortune 20,” said Dillon. “We believe deeply in the company’s vision and potential to become the next billion-dollar cybersecurity software company and look forward to helping the company turn early traction in Europe and the Middle East into robust, long-term expansion.”

Brett Galloway, CEO of AttackIQ, said the round “reaffirms the strength” of its platform.

As well as enabling organizations to review the robustness of their security defenses, the startup also runs the AttackIQ Academy, which provides free entry-level and advanced cybersecurity training. It has accumulated 17,200 registered students to date across 176 countries.

Powered by WPeMatico

Quantexa raises $153M to build out AI-based big data tools to track risk and run investigations

As financial crime has become significantly more sophisticated, so too have the tools that are used to combat it. Now, Quantexa — one of the more interesting startups that has been building AI-based solutions to help detect and stop money laundering, fraud and other illicit activity — has raised a growth round of $153 million, both to continue expanding that business in financial services and to bring its tools into a wider context, so to speak: linking up the dots around all customer and other data.

“We’ve diversified outside of financial services and working with government, healthcare, telcos and insurance,” Vishal Marria, its founder and CEO, said in an interview. “That has been substantial. Given the whole journey that the market’s gone through in contextual decision intelligence as part of bigger digital transformation, was inevitable.”

The Series D values the London-based startup between $800 million and $900 million on the heels of Quantexa growing its subscriptions revenues 108% in the last year.

Warburg Pincus led the round, with existing backers Dawn Capital, AlbionVC, Evolution Equity Partners (a specialist cybersecurity VC), HSBC, ABN AMRO Ventures and British Patient Capital also participating. The valuation is a significant hike up for Quantexa, which was valued between $200 million and $300 million in its Series C last July. It has now raised over $240 million to date.

Quantexa got its start out of a gap in the market that Marria identified when he was working as a director at Ernst & Young tasked with helping its clients with money laundering and other fraudulent activity. As he saw it, there were no truly useful systems in the market that efficiently tapped the world of data available to companies — matching up and parsing both their internal information as well as external, publicly available data — to get more meaningful insights into potential fraud, money laundering and other illegal activities quickly and accurately.

Quantexa’s machine learning system approaches that challenge as a classic big data problem — too much data for a human to parse on their own, but small work for AI algorithms processing huge amounts of that data for specific ends.

Its so-called “Contextual Decision Intelligence” models (the name Quantexa is meant to evoke “quantum” and “context”) were built initially specifically to address this for financial services, with AI tools for assessing risk and compliance and identifying financial criminal activity, leveraging relationships that Quantexa has with partners like Accenture, Deloitte, Microsoft and Google to help fill in more data gaps.

The company says its software — and this, not the data, is what is sold to companies to use over their own data sets — has handled up to 60 billion records in a single engagement. It then presents insights in the form of easily digestible graphs and other formats so that users can better understand the relationships between different entities and so on.

Today, financial services companies still make up about 60% of the company’s business, Marria said, with seven of the top 10 U.K. and Australian banks and six of the top 14 financial institutions in North America among its customers. (The list includes its strategic backer HSBC, as well as Standard Chartered Bank and Danske Bank.)

But alongside those — spurred by a huge shift in the market to rely significantly more on wider data sets, to businesses updating their systems in recent years, and the fact that, in the last year, online activity has in many cases become the “only” activity — Quantexa has expanded more significantly into other sectors.

“The Financial crisis [of 2007] was a tipping point in terms of how financial services companies became more proactive, and I’d say that the pandemic has been a turning point around other sectors like healthcare in how to become more proactive,” Marria said. “To do that you need more data and insights.”

So in the last year in particular, Quantexa has expanded to include other verticals facing financial crime, such as healthcare, insurance, government (for example in tax compliance) and telecoms/communications, but in addition to that, it has continued to diversify what it does to cover more use cases, such as building more complete customer profiles that can be used for KYC (know your customer) compliance or to serve them with more tailored products. Working with government, it’s also seeing its software getting applied to other areas of illicit activity, such as tracking and identifying human trafficking.

In all, Quantexa has “thousands” of customers in 70 markets. Quantexa cites figures from IDC that estimate the market for such services — both financial crime and more general KYC services — is worth about $114 billion annually, so there is still a lot more to play for.

“Quantexa’s proprietary technology enables clients to create single views of individuals and entities, visualized through graph network analytics and scaled with the most advanced AI technology,” said Adarsh Sarma, MD and co-head of Europe at Warburg Pincus, in a statement. “This capability has already revolutionized the way KYC, AML and fraud processes are run by some of the world’s largest financial institutions and governments, addressing a significant gap in an increasingly important part of the industry. The company’s impressive growth to date is a reflection of its invaluable value proposition in a massive total available market, as well as its continued expansion across new sectors and geographies.”

Interestingly, Marria admitted to me that the company has been approached by big tech companies and others that work with them as an acquisition target — no real surprises there — but longer term, he would like Quantexa to consider how it continues to grow on its own, with an independent future very much in his distant sights.

“Sure, an acquisition to the likes of a big tech company absolutely could happen, but I am gearing this up for an IPO,” he said.

Powered by WPeMatico

Cloud security platform Netskope boosts valuation to $7.5B following $300M raise

Netskope, focused on Secure Access Service Edge architecture, announced Friday a $300 million investment round on a post-money valuation of $7.5 billion.

The oversubscribed insider investment was led by ICONIQ Growth, which was joined by other existing investors, including Lightspeed Venture Partners, Accel, Sequoia Capital Global Equities, Base Partners, Sapphire Ventures and Geodesic Capital.

Netskope co-founder and CEO Sanjay Beri told TechCrunch that since its founding in 2012, the company’s mission has been to guide companies through their digital transformation by finding what is most valuable to them — sensitive data — and protecting it.

“What we had before in the market didn’t work for that world,” he said. “The theory is that digital transformation is inevitable, so our vision is to transform that market so people could do that, and that is what we are building nearly a decade later.”

With this new round, Netskope continues to rack up large rounds: it raised $340 million last February, which gave it a valuation of nearly $3 billion. Prior to that, it was a $168.7 million round at the end of 2018.

Similar to other rounds, the company was not actively seeking new capital, but that it was “an inside round with people who know everything about us,” Beri said.

“The reality is we could have raised $1 billion, but we don’t need more capital,” he added. “However, having a continued strong balance sheet isn’t a bad thing. We are fortunate to be in that situation, and our destination is to be the most impactful cybersecurity company in the world.

Beri said the company just completed a “three-year journey building the largest cloud network that is 15 milliseconds from anyone in the world,” and intends to invest the new funds into continued R&D, expanding its platform and Netskope’s go-to-market strategy to meet demand for a market it estimated would be valued at $30 billion by 2024, he said.

Even pre-pandemic the company had strong hypergrowth over the past year, surpassing the market average annual growth of 50%, he added.

Today’s investment brings the total raised by Santa Clara-based Netskope to just over $1 billion, according to Crunchbase data.

With the company racking up that kind of capital, the next natural step would be to become a public company. Beri admits that Netskope could be public now, though it doesn’t have to do it for the traditional reasons of raising capital or marketing.

“Going public is one day on our path, but you probably won’t see us raise another private round,” Beri said.

 

Powered by WPeMatico

Opaque raises $9.5M seed to secure sensitive data in the cloud

Opaque, a new startup born out of Berkeley’s RISELab, announced a $9.5 million seed round today to build a solution to access and work with sensitive data in the cloud in a secure way, even with multiple organizations involved. Intel Capital led today’s investment with participation by Race Capital, The House Fund and FactoryHQ.

The company helps customers work with secure data in the cloud while making sure the data they are working on is not being exposed to cloud providers, other research participants or anyone else, says company president Raluca Ada Popa.

“What we do is we use this very exciting hardware mechanism called Enclave, which [operates] deep down in the processor — it’s a physical black box — and only gets decrypted there. […] So even if somebody has administrative privileges in the cloud, they can only see encrypted data,” she explained.

Company co-founder Ion Stoica, who was a co-founder at Databricks, says the startup’s solution helps resolve two conflicting trends. On one hand, businesses increasingly want to make use of data, but at the same time are seeing a growing trend toward privacy. Opaque is designed to resolve this by giving customers access to their data in a safe and fully encrypted way.

The company describes the solution as “a novel combination of two key technologies layered on top of state-of-the-art cloud security—secure hardware enclaves and cryptographic fortification.” This enables customers to work with data — for example to build machine learning models — without exposing the data to others, yet while generating meaningful results.

Popa says this could be helpful for hospitals working together on cancer research, who want to find better treatment options without exposing a given hospital’s patient data to other hospitals, or banks looking for money laundering without exposing customer data to other banks, as a couple of examples.

Investors were likely attracted to the pedigree of Popa, a computer security and applied crypto professor at UC Berkeley and Stoica, who is also a Berkeley professor and co-founded Databricks. Both helped found RISELabs at Berkeley where they developed the solution and spun it out as a company.

Mark Rostick, vice president and senior managing director at lead investor Intel Capital says his firm has been working with the founders since the startup’s earliest days, recognizing the potential of this solution to help companies find complex solutions even when there are multiple organizations involved sharing sensitive data.

“Enterprises struggle to find value in data across silos due to confidentiality and other concerns. Confidential computing unlocks the full potential of data by allowing organizations to extract insights from sensitive data while also seamlessly moving data to the cloud without compromising security or privacy,” Rostick said in a statement

He added, “Opaque bridges the gap between data security and cloud scale and economics, thus enabling inter-organizational and intra-organizational collaboration.”

 

Powered by WPeMatico

Extra Crunch roundup: CEO Twitter etiquette, lifting click-through rates, edtech avalanche

Yesterday, China ordered ride-hailing company Didi to stop signing up new customers after regulators announced a cybersecurity review of the company’s operations.

As of this writing, Didi’s stock price is down 5.3%. In today’s edition of The Exchange, Alex Wilhelm suggested that the move wasn’t a complete surprise, but it still “puts a bad taste in our mouths,” since the company went public days ago.


Full Extra Crunch articles are only available to members.
Use discount code ECFriday to save 20% off a one- or two-year subscription.


When Didi filed to go public, it listed several potential pitfalls facing Chinese companies that go public in the U.S., including “numerous legal and regulatory risks” and “extensive government regulation and oversight in its F-1.”

What does this news signify for other Chinese companies that are hoping for stateside IPOs?

We’ll be off on Monday, July 5 in observance of Independence Day. Thanks very much for reading, and I hope you have an excellent weekend.

Walter Thompson
Senior Editor, TechCrunch
@yourprotagonist

3 guiding principles for CEOs who post on Twitter

Did you hear about the CEO who made misleading claims about a funding round and got sued? How about that pharmaceutical executive whose taunts to a former Secretary of State led to a 4.4% decline in the Nasdaq Biotechnology Index?

In case it isn’t clear: Startup executives are held to a higher standard when it comes to what they post on social media.

“Reputation and goodwill take a long time to build and are difficult to maintain, but it only takes one tweet to destroy it all,” says Lisa W. Liu, a senior partner at The Mitzel Group, a San Francisco-based law practice that serves many startups.

To help her clients (and Extra Crunch readers) Liu has six basic questions for tech execs with itchy Twitter fingers.

And if the answer to any of them is “I don’t know,” don’t post.

The 2021 edtech avalanche has just begun

A report from Brighteye Ventures on Europe’s edtech scene shows that this year’s deal flow is on pace to meet or surpass 2020, when remote instruction exploded.

According to Brighteye’s head of Research, Rhys Spence, the average deal size is now $9.4 million, a threefold increase from last year. Still, “It’s interesting that we are not seeing enormous increases in deal count,” he noted.

How Robinhood’s explosive growth rate came to be

jagged line written by robinhood quill logo on graph background

Image Credits: TechCrunch

Trading platform Robinhood has attracted enough users and activity to change the conversation around retail investing — economists will likely be discussing the 2021 GameStop saga for years to come.

After the company filed to go public yesterday, Alex Wilhelm sorted through Robinhood’s main income statement to better understand how it scaled year-ago revenue from $127.6 million to $522.2 million in Q1.

“Those are numbers that we frankly do not see often amongst companies going public,” says Alex. “300% growth is a pre-Series A metric, usually.”

So: where is all that revenue coming from?

As EU venture capital soars, will the region retain future IPOs?

Given the valuation gap between U.S. tech markets and those overseas, it’s easy to see why some foreign startups would head to our shores when it’s time to go public.

But Anna Heim and Alex Wilhelm found that a record increase in European venture capital activity is picking up the pace of IPOs this year, and many of these companies are content to go public in their native markets.

To gain some insight into where European investors believe they have an advantage, Anna and Alex interviewed:

  • Franck Sebag, partner, EY
  • David Miranda, partner, Osborne Clarke Spain
  • Yoram Wijngaarde, founder and CEO, Dealroom

How VCs can get the most out of co-investing alongside LPs

A red and a green shoe tied together

Image Credits: Diana Ilieva (opens in a new window) / Getty Images

In a recent private equity survey, 80% of respondents said their co-investments with people outside traditional VC firms outperformed their PE fund investments.

Alternative investors are highly motivated, and because they’re seeking higher returns than are generally available in public markets, they are less daunted by risk. In return, they benefit from less expensive fee structures and develop close ties with VCs, enlarging the talent pool as they build investment skills.

These relationships have direct benefits for VCs as well, such as more flexibility with diversification and consolidated decision-making power.

“With the right deal structure, deal selection and deal investigation, co-investors can significantly increase their returns,” says C5 Capital Managing Partner William Kilmer, who wrote an Extra Crunch post for VCs considering an alternative path.

Dear Sophie: How can I bring my parents and sister to the U.S.?

lone figure at entrance to maze hedge that has an American flag at the center

Image Credits: Bryce Durbin/TechCrunch

Dear Sophie,

My husband and I are both U.S. permanent residents.

Given what we’ve gone through this past year being isolated from loved ones during the pandemic, we’d like to bring my parents and my sister to the U.S. to be close to our family and help out with our children.

Is that possible?

— Symbiotic in Sunnyvale

How to cut through the promotional haze and select a digital building platform

Modern city buildings on a printed circuits board. Digital illustration.

Image Credits: Andreus (opens in a new window) / Getty Images

Smart-building products include everything from connecting landlords with tenants to managing construction sites.

Given their widespread impact on the enterprise — and the novel nature of much of this new technology, selecting the right digital building platform (DBP) is a challenge for most organizations.

Brian Turner, LEED-AP BD&C, has created a matrix intended to help decision-makers identify the fundamental functions and desired outcomes for stakeholders.

“When it comes to the built environment, creating those comfortable, healthy and enjoyable places requires new tools,” says Turner. “Selecting a solid DBP is one of the most important decisions to be made.”

Demand Curve: 7 ad types that increase click-through rates

Use these seven ad types to improve CTR

Image Credits: Octavian Iolu / EyeEm (opens in a new window)/ Getty Images

One perennial problem inside startups: Because no one on the founding team has significant marketing experience, growth-related efforts are pro forma and generally unlikely to move the needle.

Everyone wants higher click-through rates, but creating ads that “stand out” is a risky strategy, especially when you don’t know what you’re doing. This guest post by Demand Curve offers seven strategies for boosting CTR that you can clone and deploy today inside your own startup.

Here’s one: If customers are talking about you online, reach out to ask if you can add a screenshot of their reviews to your advertising. Testimonials are a form of social proof that boost conversions, and they’re particularly effective when used in retargeting ads.

Earlier this week, we ran another post about optimizing email marketing for early-stage startups.

We’ll have more expert growth advice coming soon, so stay tuned.

To guard against data loss and misuse, the cybersecurity conversation must evolve

Locking down data centers and networks against intruders is just one aspect of an organization’s security responsibilities; cloud services, collaboration tools and APIs extend security perimeters even farther. What’s more, the systems created to prevent the misuse and mishandling of sensitive data often depend heavily on someone’s better angels.

According to Sid Trivedi, a partner at Foundation Capital, and seven-time CIO Mark Settle, IT managers need to replace existing DLP frameworks with a new one that centers on DMP — data misuse protection.

These solutions “will provide data assets with more sophisticated self-defense mechanisms instead of relying on the surveillance of traditional security perimeters,” and many startups are already competing in this space.

Powered by WPeMatico

To guard against data loss and misuse, the cybersecurity conversation must evolve

Data breaches have become a part of life. They impact hospitals, universities, government agencies, charitable organizations and commercial enterprises. In healthcare alone, 2020 saw 640 breaches, exposing 30 million personal records, a 25% increase over 2019 that equates to roughly two breaches per day, according to the U.S. Department of Health and Human Services. On a global basis, 2.3 billion records were breached in February 2021.

It’s painfully clear that existing data loss prevention (DLP) tools are struggling to deal with the data sprawl, ubiquitous cloud services, device diversity and human behaviors that constitute our virtual world.

Conventional DLP solutions are built on a castle-and-moat framework in which data centers and cloud platforms are the castles holding sensitive data. They’re surrounded by networks, endpoint devices and human beings that serve as moats, defining the defensive security perimeters of every organization. Conventional solutions assign sensitivity ratings to individual data assets and monitor these perimeters to detect the unauthorized movement of sensitive data.

It’s painfully clear that existing data loss prevention (DLP) tools are struggling to deal with the data sprawl, ubiquitous cloud services, device diversity and human behaviors that constitute our virtual world.

Unfortunately, these historical security boundaries are becoming increasingly ambiguous and somewhat irrelevant as bots, APIs and collaboration tools become the primary conduits for sharing and exchanging data.

In reality, data loss is only half the problem confronting a modern enterprise. Corporations are routinely exposed to financial, legal and ethical risks associated with the mishandling or misuse of sensitive information within the corporation itself. The risks associated with the misuse of personally identifiable information have been widely publicized.

However, risks of similar or greater severity can result from the mishandling of intellectual property, material nonpublic information, or any type of data that was obtained through a formal agreement that placed explicit restrictions on its use.

Conventional DLP frameworks are incapable of addressing these challenges. We believe they need to be replaced by a new data misuse protection (DMP) framework that safeguards data from unauthorized or inappropriate use within a corporate environment in addition to its outright theft or inadvertent loss. DMP solutions will provide data assets with more sophisticated self-defense mechanisms instead of relying on the surveillance of traditional security perimeters.

Powered by WPeMatico

Sources: SentinelOne expects to raise over $1B in NYSE IPO tomorrow, listing with a $10B market cap

After launching its IPO last week with an expected listing price range of $26 to $29 per share, cybersecurity company SentinelOne is going public tomorrow with some momentum behind it. Sources close to the deal tell us that the company, which will be trading under the ticker “S” on the New York Stock Exchange, is expecting to raise over $1 billion in its IPO, putting its valuation at around $10 billion.

Last week, when the company first announced the IPO, it was projected that it would raise $928 million at the top end of its range, giving SentinelOne a valuation of around $7 billion. Coming in at a $10 billion market capitalization would make SentinelOne the most valuable cybersecurity IPO to date.

A source said that the road show has been stronger than anticipated, in part because of the strength of one of its competitors, CrowdStrike, which is publicly traded and currently sitting at a market cap of $58 billion.

The other reason for the response is a slightly grimmer one: Cybersecurity continues to be a major issue for businesses of all sizes, public organizations, governments and individuals. “No one wants to see another SolarWinds, and there is no reason that there shouldn’t be more than one or two strong players,” a source said.

As is the bigger trend in cybersecurity, Israel-hatched, Mountain View-based SentinelOne‘s approach to combat that is artificial intelligence — and in its case specifically, a machine-learning-based solution that it sells under the brand Singularity that focuses on endpoint security, working across the entire edge of the network to monitor and secure laptops, phones, containerised applications and the many other devices and services connected to a network.

Last year, endpoint security solutions were estimated to be around an $8 billion market, and analysts project that it could be worth as much as $18.4 billion by 2024 — another reason why SentinelOne may have moved up the timetable on its IPO (last year the company’s CEO Tomer Weingarten had told me he thought the company had one or two years left as a private company before considering an IPO, a timeline it clearly decided was worth speeding up).

SentinelOne raised $267 million on a $3.1 billion valuation led by Tiger Global as recently as last November, but it has been expanding rapidly. Growth last quarter was 116% compared to the same period a year before, and it now has more than 4,700 customers and annual recurring revenue of $161 million, according to its S-1 filing. It is also still not profitable, posting a net loss of $64 million in the last quarter.

Powered by WPeMatico