Announcing 8VC’s Investment in SeeMetrics — April 2022
As SeeMetrics emerges from stealth, we are pleased to announce 8VC’s participation in their $6 million seed round, led by Workbench alongside Essence VC, AGP, and Verissimo Ventures. SeeMetrics has laid out especially ambitious goals and built a platform to match. Not only do they manage the security stack for the modern enterprise, but they are also equipping CISOs with executive visibility and decision-making capabilities befitting a true C-level function.
Fragmentation in the CISO Office
CISOs currently face a challenging reality. Their responsibilities are far-reaching, with direct bearing on the long term function of the business, yet their current technology stack makes it extremely difficult to see the forest for the trees. Each of their core functions is an emerging discipline in itself (e.g. cyber risk assessments, implementing security operations practices, data loss protection, adopting IAM organization-wide, etc.). It’s a new kind of leadership and CISOs need a new lens to manage the exploding complexity of a security organization.
There is no shortage of purpose-built tooling available — and the ensuing fragmentation and lack of interoperability & standardization forms part of the problem. To implement true Zero Trust (a North Star of security teams in large enterprises), CISOs are required to buy many individual point solutions across an increasingly expansive security stack, as Momentum Cyber has illustrated (if you wear glasses, give them a polish before clicking). Based on data collected by SeeMetrics, US enterprises with >10,000 endpoints manage, on average, between 80 and 200+ different security tools. Some of the buckets here include:
- Endpoint security (Crowdstrike, Fortinet, Ivanti, Sophos, etc);
- Email security (Barracuda, Proofpoint, Mimecast, etc.);
- Threat intelligence (Anomali, Webroot, Darktrace, etc.)
- Cloud workload protection, incident response, data loss prevention, application security, library security — and the list of categories goes on.
Lack of Security Observability
CISOs have countless cyber tools, but what they’ve lacked until now is observability around how these tools are being utilized, what high-level capabilities they have, and their overall state of security coverage. And, at least anecdotally, many CISOs report an inverse relationship between the number of tools deployed and the utility provided. This oversaturation constitutes its own threat landscape, because in addition to all the external actors CISOs must guard against, they’re creating their own matrix of assets that can easily become liabilities if they’re not properly directed.
Aggregating so many tools and creating dashboarding and analytics is painful and cumbersome. SeeMetrics CTO Mike Admon experienced this firsthand, building out metrics aggregation and capability-specific data model standardization himself in his past life as a CISO. Today, these kinds of analyses are still done at long intervals, which is insufficient and highly manual: ad hoc scripts to merge feeds; conducting entity resolution; correlating metrics across business outcomes and security risk factors. Then, security teams have to individually catalog each product across their organization to determine which capabilities are actually being used.
The Single SeeMetrics Pane of Glass
SeeMetrics aims to address this vicious cycle described above: tool fragmentation yielding challenges in observability, which results in repeated ad-hoc, cumbersome, and bespoke analytics exercises for the security team. It offers an elegant and comprehensive solution that CISOs have been waiting for — a single, unified view into every security tool and its operations, bucketing them into individual capabilities (e.g. malicious code protection) and providing instant dashboards and scorecards. For the first time, CISOs have total performance observability, and they have it in real time, which is a massive engineering coup in its own right. In terms of specific functions and workflows, SeeMetrics can:
- Determine the utilization of each product, identify which modules are adequately utilized or underutilized, and perform security coverage analysis.
- Translate the partitioned stack onto unified controls, and actively alert on control inefficiencies for risk reduction.
- Provide visibility into individuals and business assets across the enterprise and model how security decisions affect each of them.
- Share metrics across the organization in formats optimized for business users.
- Perform proactive cost monitoring and spend analysis.
Finally, SeeMetrics features 50+ out of the box integrations. Some highlights include IAM (Okta), endpoint protection (Crowdstrike, Palo Alto Cortex), phishing & cybersecurity training (Ironscales), and vulnerability management (Tenable, Qualys, Wiz).
In addition to these technical problems, it’s worth considering how the CISO office itself has traditionally been set up to succeed (or not). Certainly, CISOs need to set the tone for an organization’s security posture and instill best practices that each department can grasp and follow. Yet simply hiring CISOs and expecting them to deliver security on a silver platter, as too many organizations do, is technocratic at best and at worst, dangerously naive. If you’re running a salesforce, you don’t just send all your reps into the field and hope for the best — you need constant evaluation and visibility and the confidence to move and remove resources. And this is especially tricky for CISOs because many of their touchpoints with the outside world are tools, not people.
SeeMetrics addresses this gap, and in doing so, they’ve added an important layer to our Infrastructure thesis at 8VC. We’re big fans of horizontal platforms that target specific personae, understand their workflow deeply, and solve their data unification and standardization problems (see our investments in LightBeam and Acryl Data for some other examples). SeeMetrics has done this for an entire executive function, and probably the one most urgently needed.
As is often the case, we were won over by the SeeMetrics team as much as their technology, both their individual skill sets and how they work in concert with one another. CEO Shirley Salzman brings a deep reservoir of GTM, sales and marketing, and BD expertise developed in the thriving Tel Aviv startup scene. CTO/CISO Mike Admon is a 20 year cyber security veteran with deep technical and domain expertise from enterprises large and small. Shay Haluba, VP R&D, was an information systems expert in the IDF for 6 years before becoming an accomplished private sector engineering lead.
In conclusion, CISOs may have multiple stained glass windows worthy of Notre Dame, but these are of limited, perhaps even negative value without a single, unified pane to provide visibility into the performance of their security apparatus as a whole. SeeMetrics solves this enormous problem, and we look forward to partnering with them as they rise to meet an increasingly challenging landscape.