The firm has a portfolio of threat intelligence products to help its clients — largely enterprise customers, the tech industry and the government sector — reduce the risk of cyber incidents and learn how to handle them more efficiently. It also counts managed software security partners that license its software as a service for mid- and small-market customers that don’t have their own security teams.
ThreatQuotient previously raised a $30 million Series C in 2017, a $12 million Series B in 2016 and a $10.2 million Series A in 2015. This new raise included investment from Chevy Chase, Maryland-based New Enterprise Associates (NEA), which led its Series A; Adams Street Partners and Cisco Investments, both investors since 2017; and new investors Escalate Capital, Vienna, Virginia-based Blu Ventures and Gaingels.
CFO Lenn Kurtzman, who joined ThreatQuotient in 2015 when the company raised its initial NEA financing, told Technical.ly on Friday that the funding is earmarked for product development and expanding its global go-to-market strategy. The firm has clients in seven countries outside the U.S., and plans to open another headquarters in Spain.
“There’s a lot of growth opportunities in front of us,” Kurtzman said. “We have some new products that are under development right now that you’ll be seeing some announcements on in the next several months, and it’s kind of time to go.”
The pandemic has resulted in a boost in awareness of the importance of cybersecurity, as attacks increase for vulnerable remote workers and organizations. ThreatQuotient has seen that on the enterprise level, too.
“We grew the business really nicely last year, despite COVID. Some of our opportunities accelerated because you had customers who [said] security became higher on their priority list,” the CFO said. “COVID has benefited us as a result of a bigger demand for security products pretty much across the globe.”
The timing of the raise also made sense because of recent activity in the venture capital space — including SPACs, with the local example of McLean, Virginia’s IronNet Cybersecurity going public via merger with a blank check company — advancing the cyber market, said Jonathan Couch, ThreatQuotient’s SVP of strategy. Given the interest, ThreatQuotient saw an opening to bring its platform to new markets.
“We see this as our opportunity to develop some new capabilities, put it out there into the market, work better with our partners, and really make an impact on how companies and organizations approach cybersecurity from here on forward,” said Couch, who joined the company in 2016 following an operational career that included time in the military and federal government, as well as cofounding FireEye-acquired iSIGHT Partners.
ThreatQuotient is also planning hiring for its engineering and software development teams, which are based in their own offices in Mount Airy, Maryland. The company currently counts 120 employees, with 60 in the DMV region and 20 working internationally., with others around the U.S. It plans to grow by 25 to 30% in the next year; check out its current open roles.
With the pandemic-prompted rise of remote work, companies — especially those in the tech space — are considering when and how they’ll return to the office, or whether they’ll abandon coworking altogether. Kurtzman said the company has always been flexible and will continue using a hybrid model.
“The home office is not changing,” he said. “Reston is still going to be our headquarters. Mount Airy is still going to be our Engineering Center of Excellence. We recognized a long time ago that folks can work remotely and that’s what we’ve been doing very effectively for the last year. That’s not going to change. You’re going to see some people come to the office. Some people who live remotely are going to stay remotely.”
“We’re going to go after talent wherever it’s located,” Couch added.
In the next few years, Kurtzman expects growth in number of international clients, which currently make up half of ThreatQuotient’s business, as well as continued hiring. Couch also pointed to growth in the threat intelligence platform and extended detection and response (aka XDR, which helps different cyber capabilities better communicate with each other) markets as being beneficial. The company is not yet profitable, and the execs didn’t say whether there are plans to go public yet.
P.S. It was important for this reporter to know: Is the company still adopting rhinos?
Indeed, it’s up to three now, and “a big part of our culture,” per Couch. “A group of rhinos is called a crash, because they crash into things, and so every time we send out an email companywide, it’s always addressed to ‘the crash.'”
Sounds like this crash is about to get louder.