Why did I join Cyberhaven?

Why did I join Cyberhaven?

After four amazing years at Netskope, where I led a portfolio of key products in cloud security (CSPM, SSPM, CASB for IaaS), I recently decided to join as Chief Product Officer a disruptive Series B security startup, Cyberhaven, that is re-imagining and modernizing enterprise data protection and insider risk management.

Since updating my LinkedIn profile, I have received a lot of questions about Cyberhaven and thought I would share a quick summary about what got me so excited about this opportunity. Also, I wanted to share that I will be at RSA next week and would look forward to connecting at the Cyberhaven booth or over a coffee or drink.?

The first question I typically get is “Why focus on Data Protection”?

1. Protecting enterprises' most valuable data is one of the top C-Level security concerns for every organization.
2. However, most organizations are unsatisfied with their DLP programs, or are unable to initiate a program due to the following challenges: (a) Large teams of experts are required to manage DLP programs due to super complicated policies, manual classification, and huge volumes of False Positives, (b) Most tools have critical visibility gaps, particularly around unstructured data like Intellectual Property as well as certificate pinned and end-to-end encrypted apps, (c) Legacy endpoint agents are known for poor end user experience (performance issues, crashes, blocking legitimate workflow).
3. I believe Cyberhaven has game-changing technology and the right team to modernize and re-imagine enterprise data protection. In my first two weeks on the job, I have really enjoyed working with top-tier technical talent and industry experts working together to get things done at a lightning-fast pace.

The next question is “What is unique about Cyberhaven and their approach to data protection”?

Cyberhaven’s Data Detection and Response (DDR) platform transforms how organizations protect their data from IP theft and insider threats.?

Cyberhaven’s unique advantages include:

1. Data tracing. Cyberhaven’s data tracing technology tracks and connects all user interactions with data over time and across the enterprise, which is enabled through a purpose-built and highly scalable graph database. Data tracing enables a modern approach to data protection in three ways: (a) Expands coverage (b) simplifies policies & minimizes False Positives , and (c) accelerates investigation & response. Data tracing effectively classifies and protects critical unstructured data such as intellectual property, which does not work with traditional DLP approaches limited to scanning content at egress. Policies are simplified and false positives are minimized by leveraging business-relevant context such as lineage, application, and creator, as well as content…enabling organizations to safely enable their employees to collaborate? while protecting sensitive data. Investigations are greatly simplified by tracing data from its source through every action taken by any user including attempts to exfiltrate the data.

2. Modern, light-weight endpoint software. Cyberhaven’s talented engineering team led by three PhDs have developed a modern endpoint data protection agent that delivers unparalleled visibility and protection without the limitations of legacy endpoint agents. Key benefits include: (a) Full visibility into all activity from managed endpoints, (b) Visibility into data before it is encrypted (95% of Internet traffic is encrypted) [data point on % traffic encrypted], and (c) Data tracing requires endpoint visibility. Expanding on the visibility point, many of the most valuable applications (Google Drive, One Drive, Adobe Creative Cloud) are certificate-pinned or employ end-to-end encryption (Whatsapp, Git, SSH). Cyberhaven’s visibility is not impaired by this like other solutions that either don’t have visibility at all into encrypted traffic, or require customers to implement complicated work-arounds that often break certificate-pinned apps resulting in users being unproductive or turning off the protection.?

Cyberhaven’s modern endpoint agent effectively avoids the limitations of legacy DLP endpoints via a few key innovations. We primarily focus on monitoring the user space, which consumes < 1% of system resources and avoids conflicts between competing kernel agents. Our data tracing technology reduces the need for content scanning. Furthermore, our engineering team carefully considers (and measures) the performance impact of each endpoint feature. While almost every endpoint agent today relies on a risky code injection technique known as "hooking", which often causes conflicts between agents or crashes, Cyberhaven takes advantage of the latest APIs as well Cyberhaven’s proprietary non-invasive monitoring techniques. Finally, Cyberhaven is easily deployed onto Windows machines, Macs, and Virtual Desktops via leading Mobile Device Management (MDM) platforms.

The Cyberhaven endpoint agent is the most critical data source for Cyberhaven, enabling data tracing to connect the dots on all user actions with data from their primary endpoint. With that said, Cyberhaven’s endpoint visibility is complemented by other data sources (such as Directory context and SaaS logs) and seamlessly linked together via Cyberhaven graph database.?

3. Exceptional Team, Cyberhaven was founded by five PhDs who lead the technical team and who are complemented by a seasoned management team of security industry veterans and some of the leading investors in Cybersecurity. Cyberhaven was created in 2016 after the three PhD Co-Founders received funding resulting from the Cyber Grand Challenge which showcased the initial version of Cyberhaven’s data tracing technology. Our management team’s experience includes Cybersecurity leaders such as Palo Alto Network, Zscaler, Netskope, Skyhigh, RSA, Cisco, Symantec, and Digital Guardian. Our Series B investment was led by Redpoint Ventures with participation from new investors Forgepoint Capital and Wing as well as existing investors Vertex Ventures US, Costanoa, and Crane. Most importantly, the team has a mission-driven culture with no bureaucracy, just a laser focus on our customers and moving super fast to innovate and solve problems. https://www.cyberhaven.com/about-us/

Learn more

https://www.cyberhaven.com/data-detection-and-response/

https://www.cyberhaven.com/how-it-works/