China's Growing Cybersecurity Needs and ThreatBook's Response

A significant shift is occurring in China, with an increasing number of economic and public functions migrating to the internet. This digital transformation involves the transfer of substantial amounts of data – both citizen and governmental – to cloud-based servers, consequently heightening concerns regarding information security.

The Rise of Cybersecurity Awareness

ThreatBook, a burgeoning startup, recognizes this evolving landscape as a key opportunity. The company is dedicated to providing robust protection for both corporations and governmental organizations against increasingly sophisticated malicious cyberattacks.

While antivirus and security software have been available in China for decades, Xue Feng, founder and CEO of ThreatBook, explains that, until recently, procurement was largely driven by compliance requirements. He shared this insight with TechCrunch during a recent interview.

Around 2014, a period of rapid internet expansion commenced in China, leading to an unprecedented surge in data volume. Previously stored on physical servers, information began transitioning to the cloud. This prompted organizations to acknowledge the potential for significant financial losses resulting from cyberattacks, leading to increased investment in security solutions.

Cyberspace as a Modern Battlefield

Simultaneously, cyberspace is becoming a critical arena for geopolitical competition. Nation-states may target an adversary’s essential digital infrastructure or attempt to steal valuable research data from academic institutions.

Xue, who previously led information security at Amazon China and served as the director of internet security at Microsoft in China, notes that the frequency of cyberattacks between countries often mirrors their existing geopolitical relationships.

He elaborates that countries with strong alliances are less prone to engaging in cyber warfare against each other. China, due to its unique geopolitical position and existing tensions with major global powers, also faces frequent cyberattacks originating from smaller, neighboring nations.

ThreatBook's Business Model and Funding

ThreatBook operates as a Software-as-a-Service (SaaS) provider, offering software solutions and charging an annual subscription fee. Currently, over 80% of its clientele consists of large corporations spanning the finance, energy, internet, and manufacturing sectors.

Government contracts represent a smaller portion of its revenue. The company recently secured 500 million yuan ($76 million) in Series E funding in March, bringing its total funding to over 1 billion yuan, with investments from firms like Hillhouse Capital.

While Xue refrained from disclosing specific revenue figures or the company’s valuation, he stated that 95% of its customers choose to renew their annual subscriptions. He also indicated that ThreatBook has fulfilled the “preliminary requirements” for listing on the Shanghai Exchange’s STAR board – China’s equivalent of the Nasdaq – and intends to pursue an IPO when market conditions are favorable.

Xue estimates that the typical timeframe for similar companies to go public is 7-10 years.

Technology and Competitive Landscape

ThreatBook positions itself as a competitor to CrowdStrike, a Silicon Valley-based cybersecurity firm that went public in 2019. Both companies employ a strategy of detecting threats by monitoring a company’s endpoints – encompassing employee laptops and mobile devices connecting to the internal network from outside the corporate firewall.

ThreatBook’s software suite is deployed on employee devices, automatically identifying threats and generating a list of potential solutions.

“This is akin to installing a comprehensive network of security cameras within a company,” Xue explains. “However, the crucial aspect lies in the actionable intelligence we provide to our customers following threat detection.”

Market Education and Monetization

SaaS companies in China are still actively engaged in educating the market and convincing enterprises to prioritize cybersecurity spending. Of the 3,000 companies served by ThreatBook, only 300 currently pay for its services, indicating substantial potential for increased monetization.

Spending willingness varies across industries, with financial institutions readily allocating several million yuan annually, while tech startups may opt for more modest investments.

Global Expansion Plans

Xue envisions expanding ThreatBook’s reach internationally. Plans for overseas expansion were initiated last year but were temporarily delayed due to the COVID-19 pandemic.

“We have received inquiries from companies in Southeast Asia and the Middle East,” Xue stated. “Opportunities may also exist in established cybersecurity markets like Europe and North America, provided we can offer a differentiated solution that complements existing security infrastructure.”

He believes that a compelling value proposition can attract customers even if they already have a security solution in place.

• Key Takeaway: ThreatBook is capitalizing on the growing need for cybersecurity in China's rapidly digitizing economy.
• Future Outlook: The company aims for global expansion and a potential IPO.