SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Microsoft-backed security firm SpyCloud amplifies enterprise protection
Thu, 5th Dec 2019
FYI, this story is more than a year old

Cybersecurity firm SpyCloud is an up-and-coming star in cybersecurity – and with US$21 million from Microsoft's venture fund behind it, SpyCloud's future is almost limitless.

Founded in 2016, SpyCloud's specialty lies in account takeover (ATO) prevention. It does this by identifying exposed employee and customer accounts and passwords in the earliest stages possible. It then notifies affected companies and helps those companies remediate the companies – all through automation.

This process prevents cybercriminals from committing fraud, or causing major damages to organisations' finances, data, intellectual property, and reputation.

Earlier this year SpyCloud announced the $21 million new capital, backed by Microsoft's venture fund M12 and investors Altos Ventures, Silverton partners, and March Capital Partners.

It was a momentous occasion for SpyCloud, which disclosed that the funding will be used to grow its security research team, expand its database of recovered assets, extend R-D and product development, and ultimately increase the company's global footprint.

M12 managing director Leo de Luna comments, "SpyCloud is changing the way modern businesses identify and address cybercrime stemming from account takeovers.

“We look forward to helping SpyCloud and its outstanding team accelerate protections for both its customers and their users from this fraudulent activity."

As of February 2019, SpyCloud's database held 60 billion assets, which the company claimed was the ‘largest and highest quality database in the world' at the time.

In 2018, the company analysed and recovered 3.5 billion credentials sources from breaches, the dark web, and other sources.

SpyCloud CEO and cofounder Ted Ross says that account takeovers are generally caused by reused passwords across personal and work accounts.

"As criminals use more complex, scalable methods to collect and weaponize compromised passwords, organisations need to take proactive measures to prevent, detect and remediate exposures. SpyCloud meets that immediate need."

The company explains that its product is designed to protect employee and customer accounts across many different sectors such as financial services, retail, travel and hospitality, and more.

Enterprise security teams and government agencies also look to SpyCloud for fraud investigations. Furthermore, SpyCloud enables strategic partners to build industry-leading identity monitoring and security solutions for corporate and consumer clients, extending the power of SpyCloud to hundreds of millions of third-party users.

In December 2019, SpyCloud also published data points from some of its key findings in 2019:

  • Total Ingested breach data assets: 78.60 billion
  • Recovered credentials: 18.13 billion
  • Recovered PII assets (DOB, SSN, etc.): 20.32 billion
  • Number of email addresses: 23.75 billion

SpyCloud also raised US$2.5 million seed funding in 2017, and $5 million Series A round in 2018.