Cylance, an Irvine, California-based cybersecurity startup that taps machine-learning and artificial intelligence (A.I.) to thwart malware, has raised $100 million in a Series D round led by Blackstone Tactical Opportunities and Insight Venture Partners, with participation from existing investors.
The company was founded in 2012 by Stuart McClure, who sold an Internet security firm to McAfee for $86 million eight years ago and came on board as McAfee’s chief technology officer (CTO). Prior to this round, Cylance had already raised about $77 million, including a $42 million round last July and $20 million the previous year.
McClure has an interesting background — his venture into the security realm was influenced by a deadly plane crash he was involved in back in 1989, one which resulted in the death of nine passengers. The event was apparently caused by a flaw in the Boeing 747’s locking mechanism — a known fault that the company ignored. This episode resonated with McClure’s view of cyber attacks: Many of them are the result of known weaknesses.
Cylance claims that 1,000 customers are using Cylance’s smarts to protect themselves from zero-day attacks and other advanced security infiltrations, but it isn’t the only company using A.I. to improve online security. Israel-based Fortscale uses machine learning and big data analytics to detect malicious user behavior, while Jask and Darktrace are using similar smarts.
As for Cylance, its platform entails a suite of algorithm-based security protocols — a “breakthrough mathematical process,” as the company calls it — that inspect networks for weaknesses and shuts them down if any are detected. By combining human-generated code with a system that learns the psychology of a hacker Cylance promises to help companies and governments predict and prevent advanced threats.
The company plans to use the additional $100 million to support growth by expanding its sales, marketing, and engineering programs. “We founded Cylance almost four years ago with a singular mission: protect those who cannot protect themselves, and empower those who can,” said McClure. “Our goal of reinventing endpoint security by using machine learning to think like a cyber hacker has been achieved, and we now must ensure that it is put in the hands of security leaders inside enterprises, organizations, governments and small businesses as quickly as possible.”
Meshing machine learning with cybersecurity makes a great deal of sense. Last month, when Facebook open-sourced its Capture the Flag competition platform to teach developers about cybersecurity, one of the reasons it cited was that the cybersecurity industry will be short 1.5 million people by 2020. If the industry can lean a little more on A.I. systems, that could go some way toward alleviating the demand for human experts.