Our Investment in Theom: Backing a World-Class Team that is Reimagining Cloud Data Security
A-Level Capital participates in Theom’s $16M Seed Round led by Ridge Ventures and M12, Microsoft’s Venture Fund
The migration to the cloud is in full swing. Today, organizations can process, store, and move unprecedented amounts of data in record time and at accessible prices. Cloud platforms like AWS, Azure, and GCP are growing at 40–50% YoY at massive scale, and the pandemic-driven shift to remote work has unlocked a new wave of digital transformation and data growth.
This large-scale cloud migration has generated a new set of challenges, particularly in data security. With increased flexibility comes a loss of visibility and an expansion of enterprise “attack surfaces” — the number of all possible points, or attack vectors, where an unauthorized user can access a system and extract data. CISOs now face the daunting task of tracking where data resides across multi-cloud environments and differentiating critical security threats among thousands of unprioritized security alerts.
More data, more problems
Existing solutions are not doing enough to address cloud-specific security vulnerabilities. 2021 was a record year for data breaches, with the number of breaches increasing by a third as employees worked remotely. Companies that fail to protect cloud data also risk significant compliance fines and reputational damage. IBM recently reported that the average breach costs rose from USD 3.86M per incident in 2020 to 4.2M in 2021, the highest average total cost in the report’s 17-year history. High-profile “mega-breaches” can quickly reach hundreds of millions of dollars.
Governments and institutions have responded to this explosion in data and attacks by introducing new data privacy and regulatory laws (GDPR, HIPAA, NIST, etc.). Earlier this year, the SEC proposed rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. More stringent regulatory landscapes present compliance challenges across the IT spectrum, especially for organizations hosting their data in complex hybrid or multi-cloud environments. Enterprises, meanwhile, are grappling with a persistent and widening cybersecurity talent shortage — leaving them woefully unprepared and under-resourced to combat shifting regulatory and data security landscapes.
The takeaway: today’s wave of digital transformation and data growth calls for an urgent rethinking of data security. Traditional approaches must be adapted to the current reality of complex cloud environments and heightened security threats.
Enter Theom, the cloud data bodyguard
Most security products take an “application first” approach to data security, protecting a specific ‘physical’ location like endpoints, cloud, and SaaS applications. Theom, by contrast, has adopted a “data first” approach focused on data and the identity of entities accessing data.
Theom is a Cloud Data Protection Platform that secures critical business data in the cloud (like AWS), SaaS data warehouses (like Snowflake), message queues (like Kafka), and APIs (like Nginx or Envoy). The product maps cloud data environments, offering a unified view of a customer’s most sensitive data, its financial value, and associated security risks; it also automates remediations to prevent data loss from ransomware, data breaches, and misconfigurations.
We group the offering into three main categories:
- Provide agentless situational visibility of data, for a deep understanding of what data exists and where this data is located both at rest and in transit.
- Automatically establish the sensitivity of data and rank data risk based on business criticality, accounting for the probability of a data loss event (how easy it would be for an attacker to infiltrate the data) and the potential impact of this loss on a customer’s business (measured in terms of financial liabilities and the associated dollar-value of the data).
- Flag high-priority risks to data and drive remediation actions to address vulnerabilities, remediating security threats before they’re exploited. Theom enables security teams to quickly prioritize alerts based on data risk, and integrates with SIEM/SOAR and ticketing systems to drive automated remediation.
We love that Theom’s product is proactive rather than reactive — the goal is to prevent data leaks, ransomware, and breaches before they happen. The Theom team has also done an exceptional job of obscuring all technical complexity. Deployment is agentless and happens in minutes: customers simply grant Theom read-only access to their cloud data stores and data warehouses, and thousands of data stores are auto-discovered within a few hours.
The result? High return on investment and remarkably fast time to value.
Meet the team
When we met Theom, we knew we’d found one of the strongest cyber teams in the industry. The Theom team lives and breathes data security. Their combination of unparalleled technical expertise and deep senior leadership experience leaves them uniquely qualified to deliver on the ambitious mission of protecting data in the cloud.
Co-founder and CEO Navindra Yadav has more than 30 years of experience in cyber security, networking, and big data processing, at companies including Google, Tetration, Insieme, Cisco, Lockheed Martin, Bell Labs (Lucent), and Siemens. A proud Johns Hopkins alum, Navindra earned the title of “Cisco Fellow” (the highest level achievable by an engineer) and holds over 193 US patents. Before founding Theom, he was the founder, CEO, and CISO of Tetration Analytics — a cyber-security start-up that was acquired by Cisco and became the company’s flagship cloud workload security product.
Co-founders Supreeth Rao and Ravi Sankuratri were both engineers and leaders at Tetration, working with Navindra for over six years to build cybersecurity products at scale. We would be hard-pressed to think of a stronger trio to take on the challenge of reinventing cloud data security.
Building the next frontier in Cloud Data Security
We’re excited to announce our participation in Theom’s $16M Seed Round led by Ridge Ventures and M12, Microsoft’s Venture Fund.
A-Level’s investment rests on our conviction in the exceptional founding team capable of delivering on both product and sales, the innovative and differentiated underlying technology enabling automated risk detection and ranking, the strong industry tailwinds surrounding cybersecurity, and the existing revenue-generating customer contracts. We are incredibly proud to back Theom as they enter this next phase of growth and spearhead a new generation of cloud data security.
Thank you Navindra and team for the opportunity to partner with you on this journey!
The A-Level Capital team
To learn more, read Theom’s announcement and the VentureBeat coverage of the round. Check out open positions here to get involved!
