Cybersecurity high-flier answers with invisible multi-factor authentication
Melbourne, Australia – May 13, 2022
Ask Thomas Jermoluk what the biggest problem with today’s security is, and he’s unlikely to even pause for a breath before answering.
“Passwords,” he told Cybercrime Magazine. “Over 85 percent of the issues today with account takeover, ransomware, and supply chain attacks all emanate from this single problem.”
“Passwords are a fundamentally insecure, shared secret mechanism that has been a plague on our industry for 30 years now — and it’s getting worse and worse with the hybrid workforce and remote workforce that has gone on due to COVID.”
Reliance on passwords, he continued, “has created more and more vulnerabilities because every tool that you use has, at its core, a password as part of the login.”
With such a clear definition of the problem, Jermoluk’s success in finding a solution for it has spawned a revolution in an industry that has — along with notable fraudsters, vendors like Microsoft and other entrepreneurs — been crying out for an alternative to time-tested, insecure passwords.
Beyond Identity, the company Jermoluk co-founded in 2019 and is now CEO of, developed that alternative by using industry-standard Secure Sockets Layer (SSL) technology, as well as X.509 digital certificates, to enable passwordless logins that completely do away with the password problem.
“The technology was actually created at Netscape in 1993,” Jermoluk explains, “but at the time nobody knew how to extend that technology to personal usage. But here, 25 years later, we finally figured it out.”
“We figured out how to extend it and put these key technologies onto computers so that all users can participate in the same security system.”
Gartner, for one, flagged the benefits of such a solution years ago in predicting that 60 percent of large and global enterprises, and 90 percent of midsize enterprises, would be using passwordless authentication methods in more than half of their use cases by this year — up from just 5 percent of use cases in 2018.
“Passwordless authentication, by its nature, eliminates the problem of using weak passwords,” Gartner noted. “For organizations, there’s no longer a need to store passwords, leading to better security, fewer breaches and lower support costs.”
The right support to change the world
Yet as always, there is a long way between developing viable technology and building a business around it.
Beyond Identity found out quickly that it had struck a nerve in the industry, after a Series A funding round raised $30 million in April 2020 — just as the COVID-19 pandemic was causing an explosion of credential theft as employees were sent home all over the world.
Beyond Identity’s revenues exploded, growing by 330 percent from 2020 to 2021 and growing its customer base by 640 percent.
Late in 2020, the company secured another $75 million in a Series B round that reflected the steep rise in compromises as cybercriminals tested the defenses of overwhelmed companies that welcomed the promise of passwordless authentication.
Yet it wasn’t the only company pushing hard on the passwordless front: passwordless security “is an exploding market,” Jermoluk said. “There are new companies with new technology, and new ways of doing things are popping up all the time.”
“And how do you navigate that? That’s what venture can provide: they’re invaluable to a company like ours at this stage, in this kind of market.”
Elgamal — who served as chief scientist of Netscape Communications from 1995 to 1998 and was involved in the creation of now-ubiquitous SSL security — currently works as CTO, Security at Salesforce.com after helming a string of security startups on the back of his work at Netscape.
With Evolution having invested in some of the companies that Beyond Identity’s senior leadership team had previously worked with, Elgamal was well-regarded — and once Jermoluk met him, it was clear that Evolution was the right venture capital partner.
Elgamal’s reputation “was what led me to make a decision that we wanted to explore this with them,” Jermoluk recalled, “and we sort of fell in love with each other; I think it’s going to be a great relationship.”
That relationship soon paid off, with a February 2022 Series C fundraising — led by Evolution — raising a further $100 million, making Beyond Identity a unicorn with a valuation of $1.1 billion, and putting Elgamal on Beyond Identity’s board of directors as the leadership team worked to “further accelerate its growth”.
The support of Evolution may be helping Beyond Identity go gangbusters, but Jermoluk warns other entrepreneurs to do their homework before choosing the best venture capital partner for their own business.
“I would advise other cybersecurity startups to do a lot of diligence on who it is that you’re going to hook yourself to,” he said.
“Try and understand what you need: do you need help building your company, in team building and sourcing leads? Or do you need help with your go-to-market strategy and need more sales-y kind of knowledge?”
“Understand what your needs are,” he continued, “and try and map those well against the VCs that are out there. Try and get to know them well so you can understand if they’re going to be a great partner for you on a long-term basis.”
– David Braue is an award-winning technology writer based in Melbourne, Australia.
Go here to read all of David’s Cybercrime Magazine articles.
Evolution Equity Partners is an international venture capital investor partnering with exceptional entrepreneurs to develop market-leading cyber-security and enterprise software companies.
Based in New York City and Zurich, Switzerland, the firm is managed by investment and technology entrepreneurs who have built companies around the world and leverage their operating, technical and product development expertise to help entrepreneurs win.
Evolution has interest in companies utilizing big-data, machine learning, artificial intelligence, SaaS, mobile and the convergence of consumer and enterprise software to build leading information technology companies.
Link: Read More
Source: cyber crime