Cyberhaven raises $13 million to thwart trade secret theft

For obvious reasons, trade secrets are highly valuable — they’re the innovations that confer competitive advantage. The damages sought and obtained in trade secret cases are predictably high, in some instances exceeding hundreds of millions of dollars. And plaintiffs not uncommonly estimate that theft costs hundreds of jobs and billions in combined shareholder equity.

Five security researchers hailing from Stanford, MIT, the Swiss Federal Institute of Technology, and the University of California, Berkeley — Cristian Zamfir, George Candea, Radu Banabic, Vitaly Chipounov, and Volodymyr Kuznetsov — made protecting trade secrets their mission when they founded Cyberhaven four years ago. The Palo Alto-based firm, which has offices in Boston and Lausanne, Switzerland, provides an analytics solution capable of observing data’s behavior while delivering context — like which users accessed what information and when.

Cyberhaven has already achieved a measure of success, with customers including Motorola, the U.S. Defense Advanced Research Projects Agency (DARPA), ServiceSource, Deloitte, and IDA. And it has won over investors such as Vertex Ventures and Costanoa Ventures, which co-led the company’s $13 million series A funding round, with participation from Alex Stamos, Facebook’s former chief security officer; Jeff Rothschild, Veritas’ cofounder and Facebook’s former VP of infrastructure engineering; and Kamal Shah.

The capital infusion brings Cyberhaven’s total raised to $15 million, and Kuznetsov, who serves as CEO, said it will bolster development of the company’s eponymous product, which launches publicly today.

Cyberhaven is designed to protect against negligent and offboarding users, as well as repeat malicious insiders, who steal data with the intention of brokering it later. Admins use a dashboard to create policies protecting trade secrets, intellectual property, and client data, as well as connectors to integrate Cyberhaven with endpoints, servers, email, apps, databases, and software-as-a-service products. In the background, Cyberhaven indexes and reconstructs the flow of data across all assets, offering real-time visibility into all on-premise and cloud locations.

According to Kuznetsov, Cyberhaven’s patented approach — which builds on research that in 2016 was awarded more than $1 million in grants from DARPA and the Swiss Federal Government — doesn’t require any changes to existing apps or infrastructure. Helpfully, it traces data incidents to their source, enabling security teams to uncover the exfiltration path before and afterward.

“A recurring theme we’ve heard … is that when a data incident occurs, it takes too much manual work to understand what happened with the data — and this wasted time turns small incidents into costly data breaches,” said Kuznetsov. “With Cyberhaven, analysts no longer have to manually reconstruct data flows from bits and pieces of evidence in multiple tools to discern the root cause of a breach. Instead, Cyberhaven enables companies to detect and contain data loss, theft, or misuse at machine speed.”

While Cyberhaven’s solutions are more narrowly tailored than those of its data-shielding competitors, it has rivals in startups like Egress, which offers a full range of services, including email and document classification and accidental send prevention. But with its impressive client roster and heavy-hitting angel backers like Stamos, Rothschild, and Shah, Cyberhaven appears to be well-positioned for growth in a cutthroat market.