The Rising Cost of Cybercrime and a New Approach to Security

Cybercrime is projected to cost an astounding $6 trillion this year, prompting organizations to significantly increase their investment in security measures. A growing need exists to effectively evaluate the return on these security investments.

Cymulate Secures $45 Million in Series C Funding

Cymulate, a startup specializing in security investment stress-testing, has announced $45 million in funding. This capital will be used to further develop its platform and expand operations, building on last year’s revenue doubling and a client base of 300 enterprises and mid-market companies.

The funding round was led by London-based One Peak Partners, with participation from existing investors including Susquehanna Growth Equity, Vertex Ventures Israel, Vertex Growth, and Dell Technologies Capital.

Automated Security Validation and Optimization

According to Cymulate’s CEO and co-founder, Eyal Wachsman, the company’s core technology aims to optimize existing security investments through an automated, machine learning-driven system.

Wachsman playfully envisions Cymulate as the “largest cybersecurity ‘consulting firm’ without consultants.”

While the exact valuation remains undisclosed, One Peak’s managing partner, David Klein, anticipates Cymulate reaching a $1 billion valuation within two years, given its current growth trajectory. The startup has now raised a total of $71 million, suggesting a valuation in the mid-hundreds of millions.

How Cymulate Works: A Comprehensive Approach

Cymulate is a cloud-based platform that functions across both cloud and on-premises environments. It’s designed to complement the work of security teams and enhance the effectiveness of existing security IT investments.

The platform doesn’t replace security experts; it empowers them by validating security controls and ensuring optimal functionality to strengthen an organization’s overall security posture. Often, Cymulate finds that customers are only utilizing a fraction of their security capabilities.

Leveraging the MITRE ATT&CK Framework

Cymulate’s tools are partially based on the widely recognized MITRE ATT&CK framework, a knowledge base of threats and techniques. This places Cymulate within a competitive landscape alongside companies like FireEye, Palo Alto Networks, Randori, and AttackIQ, all offering continuous validation services.

Despite its focus on optimizing existing tools, Cymulate isn’t intended to eliminate the need for other security applications, although it may lead to reduced reliance on them over time.

A Shift in Security Philosophy: Stop Buying, Start Optimizing

Wachsman advocates for a shift in security strategy, urging organizations to prioritize optimizing existing security products over continually acquiring new ones. He believes that proper configuration is key to effective defense.

Cymulate functions as a “black box” within the network, integrating with existing security software to conduct simulations. It then generates a network map, a threat profile, an executive summary, and detailed recommendations for remediation.

Addressing Modern Security Challenges

Beyond validating and optimizing security applications, Cymulate offers specialized tools for contemporary security concerns. These include:

• Evaluating remote work deployments
• Assessing security post-merger and acquisition
• Analyzing supply chain security risks
• Ensuring compliance with privacy regulations
• Facilitating “purple team” exercises for organizations lacking dedicated “red teams”

A Massive Market Opportunity

Cymulate’s comprehensive infrastructure positions it for future expansion as the threat landscape evolves. The market opportunity is substantial, with Gartner estimating $170 billion in enterprise information security spending for 2022.

“The increasing pace of global cyber security attacks has resulted in a crisis of trust…and a realization that security testing needs to be continuous,” stated David Klein. “We expect Cymulate to grow very fast.”