Companies (and VCs) spend billions of dollars on cybersecurity, but mostly focus on protecting infrastructure or endpoints. That’s not always the right approach in a world where data is increasingly distributed across clouds, software-as-a-service applications and storage systems, thanks to the pandemic. In the year According to a 2021 survey, 61% of security leaders in the organization believed their cybersecurity teams were understaffed.
“Businesses and government agencies are looking for new ways to keep their data secure, no matter where it is, especially in the cloud,” Ambuj Kumar told TechCrunch in an email. He is the CEO and co-founder of Fortanix, which aims to decouple security from network infrastructure to keep data secure even when the infrastructure is compromised. Their sensitive and controlled data needs protection throughout its lifecycle – at rest, in motion and in use.
As a vendor, Kumar describes Fortanix as one of the more comprehensive solutions to data security challenges. Some investors agree. Fortanix today closed a $90 million SIRC funding round led by Goldman Sachs Growth Equity with participation from Giantlip Capital, Foundation Capital, Intel Capital, NeoTrib Ventures and In-Q-Tel (a strategic investor in the US intelligence community non-profit). A total of $122 million has been raised, and Kumar said it will be used primarily to expand sales and marketing operations and open new offices in Eindhoven, the Netherlands.
Amidst the broader market slowdown, growth rounds have slowed significantly. At the same time, investors have a lot of dry powder and companies with strong revenue profiles and profitable business models attract a lot of attention, Kumar said. “We are fortunate to be one such company. History shows that great companies are built in tough economic conditions because competitors lack funding, talent is more available and customers flock to stronger products.”
Kumar co-founded Fortanix with Anand Kashyap in 2016. Kumar was previously the hardware design lead at Nvidia and chief architect of the Rambus cryptography division. Before becoming a staff engineer at VMware, Kashyap was a principal security researcher at Symantec.
Fortanix sells software that protects data in public, hybrid, multicloud, and private cloud environments and encrypts databases, as well as manages application secrets (such as usernames and passwords) in the cloud and on-premises. In addition to cryptographic services, Fortanix offers Secret Computing, a cloud computing technology that encrypts data in an encrypted CPU enclave at runtime so that the enclave’s contents are accessible only to authorized program code.
Fortanix’s secret computing technology is built on Intel’s well-established SGX platform. Hardware-based security technology uses trusted hardware in the CPU to create the aforementioned fence, for example, allowing data groups to anonymize personal data in regulated industries such as financial services and healthcare.
With those use cases, at least one firm estimates that the stealth computing market will be worth $54 billion by 2026. The adoption of secret computing technologies has increased in recent years with technology companies such as Intel, Google, and Microsoft. Forming an ARM and Red Hat organization – the Secret Computing Consortium – to advance data protection standards. Startups with competing cryptographic solutions include Opaque Systems, Edgeless Systems, and Decentriq.
To best protect sensitive data, it’s important to think about it in multiple dimensions throughout its life cycle — whether it’s at rest, in transit or in service,” Kumar continued. “Too often, the third dimension, when data is used, is neglected due to inadequate safeguards or misconceptions about security. There have been a number of recent serious malware attacks against the state in use, including the Triton attack and the Ukraine power grid attack. [Fortanix’s] Technology protects applications and ‘sensitive in-service’ data from unauthorized access and tampering at high-risk times, extending security already at rest and protecting data in motion across the network.
Fortanix says it has more than 125 customers, including Adidas, Google, PayPal, GE Healthcare, the US Department of Justice and the Centers for Disease Control and Prevention. Its partners include Elastix and Alibaba Cloud, which run Fortanix’s key management services on their platforms, and Equinix, which leverages Fortanix’s responsive security services. IBM Cloud is another partner – paired with Fortanix on a service that protects data in use.
“In most cases, it becomes clear that our core business is not enough to try to keep our customers safe, and it is not enough to educate them on the benefits of information-first security. In a few respects, we compete with legacy data security providers such as Thales and HashiCorp.
Kumar declined to disclose revenue figures when asked. But Fortanix has assured me that it will continue to grow and plans to increase its headcount by 50% to 225 next year.
“We are certainly aware of macroeconomic conditions. However, data security and privacy are central to business globally and we continue to see strong demand for our offerings,” Kumar said.
