Securiti.ai is taking on the growing cybersecurity market — projected to be worth $300 billion by 2024 — with its security and compliance process automation platform. After emerging from stealth last August with $31 million in funding, Securiti.ai today announced that it has secured $50 million in a series B round led by General Catalyst, with participation from Mayfield. This brings the San Jose, California-based startup’s total raised to $81 million.
President and CEO Rehan Jalil — who founded the company in 2019 with a team hailing from Symantec, Blue Coat, Elastica, and Cisco — said the capital will lay the groundwork for a freemium data subject request (DSR) fulfillment product and a self-service portal that will streamline onboarding of privacy compliance solutions. Jalil added that this will enable Securiti.ai to scale its reach by expanding into Latin American and Asia-Pacific markets just as new privacy regulations — such as Brazil’s General Law for the Protection of Personal Data (LGPD) and Australia’s Consumer Data Right (CDR) — go into effect.
Securiti.ai also announced that three new executives will join its management team, following the growth of its workforce from 130 people to just over 185. Matt Gilbo, Eric Andrews, and John Cunningham have been appointed vice president of sales, vice president of marketing, and vice president of the Asia-Pacific division, respectively.
“[There are] a dozen state-level privacy regulations in the works, and we look forward to scaling our team and expanding our product capabilities to ensure businesses stay prepared as new regulations go into effect,” said Jalil in a recent statement. “We look forward to making privacy compliance simple, automated, and cost-effective for our customers.”
In 2009, Jalil sold network equipment maker Wichorus for $165 million, and he headed Symantec’s cloud security division after his company Blue Coat was acquired for $4.7 billion, following a merger with his previous startup, Elastica. During his tenure at Symantec, he led the company’s fastest-growing division, with triple-digit growth over seven quarters.
It was around this time that he got the idea for Privaci, Securiti.ai’s debut product. Jalil describes it as a “PrivacyOps” solution that combines best practices with cross-functional collaboration, automation, and orchestration.
To this end, Privaci features a number of configurable modules aimed at operationalizing data management and compliance. A personal data owner identifier taps AI to discover personal info (and its owners) from “hundreds” of structured and unstructured sources, while a data subject request automator and portal help fulfill and collect requests by compiling systems and data-containing objects into a report for review and approval.
Those components join third- and first-party privacy assessment models that serve as cross-organizational systems of record. A complementary third-party privacy module provides independent ratings of enterprises to determine privacy risk based on publicly available information about their data collection and handling practices. And a consent lifecycle manager records consent from various points within an organization and centralizes the files in a single unified, searchable place.
It’s a lot to keep straight, but fortunately there’s a robotic assistant dubbed Auti to walk users through the ins and outs. Auti can parse questions about various aspects of an organization’s privacy compliance in plain language, in addition to handling questions about sensitive data, personal information risks, and more. Moreover, it’s able to assist in tasks like DSR fulfillment, and it works in conjunction with a dashboard for multi-channel team collaboration designed to prevent breaches resulting from shared sensitive data.
The goal is to ensure clients — which collectively manage over 100 identities — remain compliant with new privacy laws and regulations globally. Spurred on by legislation like California’s Consumer Privacy Act (CCPA), which will soon require enterprises handling personal data of California residents to comply with a number of data requirements or face a $7,500 fine for each violation, the vendor risk management market was worth an estimated $3.29 billion in 2017 — two years before the data protection market hits an anticipated $120 billion.
Cybercrime never sleeps. Juniper Research pegs the number of digital records that will be stolen in 2023 at 33 billion, compared with the 12 billion stolen in 2018. As recently as 2017, the U.S. outranked all other countries in the volume of ransomware attacks, according to Symantec. And analysts elsewhere estimate that the cybercrime economy has grown to $1.5 trillion in annual profits and that damages will reach $6 trillion by 2021.