Cybercrime is on the rise globally, with $2,900,000 lost to attacks every minute. While many companies believe they are prepared for an attack, very few are prepared to recover. As for the ones that are preparing? In a lot of cases, they’re preparing in the wrong way. Fresh out of stealth, BreachQuest is a startup re-engineering the way companies across industries can prepare for these potentially crippling cybersecurity breaches.
With a recently announced $4.4 million in seed funding and helmed by renowned cybersecurity experts, BreachQuest is building a cybersecurity platform and offering world-class services designed to elevate company’s security protocols with an outside-the-box approach that embraces the notion that attackers will succeed. The key is empowering companies to know what to do when it happens.
We sat down with co-founder and CEO Shaun Gordon (ODF8) and Senior Account Executive Jake Davidson (OD50-2) to discuss how their paths crossed at On Deck, and how BreachQuest plans to leave their mark on the cybersecurity landscape.
What drew you both to the cybersecurity space and how did you find each other?
Shaun: If you were to rank the industry as an economy, cybercrime would be the third-largest economy in the world. It's the US, China, cybercrime. And that's just a huge, huge number.
Cybersecurity is at this interesting intersection of different political and national security elements, as well as all kinds of social and financial elements.
There were two moments in my career that I remember very clearly where we had some form of a cybersecurity incident. The first time was a near miss. The second time we got hit. Fortunately, the damage and impact was extremely limited, but it was very scary.
After that, I started looking to acquire cybersecurity companies in 2019. I explored a lot of opportunities, but in each case the stars did not align and couldn't close a deal. As frustrating as it was, it opened the opportunity for my cofounders and i to come together. At the same time I heard about On Deck and joined. The connection between going through the On Deck Founder Fellowship and discovering the BreachQuest opportunity makes this all the more special.
Jake: I went to school to get into tech sales... No, I'm kidding, I don't think anyone does that!
What drew me to cybersecurity is tough to narrow down to a single key point. I will say, the things I enjoy most about the industry are its challenges, and being a part of the community that's banded together to make everyone's world a more secure place.
The industry moves quickly, meaning tech advances very quickly. Things are very fluid, and it makes every day different from the last. It’s an exciting industry to be in.
Even though I was always passionate about cybersecurity, I wasn’t technical enough to just build my own cybersecurity product. I started looking for very early stage companies and was having trouble with it. My buddy Alan, who just sold his company, had gone through the On Deck Founder Fellowship and said their network is great and that I should go check it out.
Right out of the gate at On Deck First 50, I started doing research by just typing “cybersecurity” into the On Deck Directory. That’s how I found Shaun. I reached out to five or six people and had really good conversations, but I ended up joining Shaun at BreachQuest. I had two or three weeks of OD50 left when I started full-time. I would not have found him without On Deck, because the company was in stealth.
Cybersecurity is such a competitive industry, and your competitors are giant organizations. What has been the prevailing trend in this legacy industry that you’re setting out to change?
Jake: Historically, companies have always been slow to respond to breaches.
It’s because the process isn’t streamlined at all. It can take 48 to 72 hours just to gather the information needed to start forensically piecing together what happened. It takes much longer to get your systems back to a state where the company can operate. And that's the attackers’ goal.
Your company is losing money every minute it's down. So, our mission is to help companies better prepare. There are new companies in this industry every single day, and a lot of them are trying to do similar things with minor tweaks. But the cybersecurity industry has become incredibly fragmented.
It’s not uncommon for companies to have to work with five or more vendors to address various issues across their cybersecurity program. While large companies like Microsoft and VMware are making strides towards a more intrinsic approach to technology in this space, there are big gaps on the services side. What BreachQuest is doing differently is aiming to build a solution that's really never been built before.
Shaun: A lot of the cybersecurity spend out there is focused on protection, this wall they keep building higher and higher, and attackers keep finding cracks, drilling through, going under, going over. And while organizations have backups, there is a gap in the middle where preparedness should be.
We start from the position of embracing attacker effectiveness. With our team’s expertise, we're coming at it from both sides—attacker and defender—and we embrace the outcome that attackers will succeed.
Like Jake was saying, it could take weeks to get back to a point where the company is operational again. In some cases, months. If we can take that down to hours, or maybe someday minutes or seconds, and have that transformation, by being better prepared, and providing a better response, that's the reimagination of the whole space that we're trying to do. Other players in the landscape are trying to do that through a number of other ways, but not really fundamentally transforming it. Some of them are trying to reduce costs by outsourcing. That is not really what we believe in. It does not represent a technological leap forward or materially elevate defensive capabilities against threats.
A lot of our competitors will do forensic work and help identify vulnerabilities, but won't work with you to better prepare ahead of the next incident. We're unique in that we're offering an end-to-end solution from incident response and forensics, to response and recovery; and further on into advisory services and incident preparation.
How did BreachQuest start and how big is it today?
Shaun: When we started — we didn't even have the name BreachQuest yet, but we knew we wanted to work in incident response — we started getting some phone calls. One night, it was 2 AM on a Sunday, we got a call. It’s an international case, at a major company. They tell us they had four servers that were infected, and they were getting extorted.
Of course, that became 40 servers infected, then 400, then 4000. This ended up being one of the largest financial services data breaches in this particular country. We didn't have, at the time, a full-time team that could service this, but due to the quality of our founding team and their connections within the industry we assembled a best in class team and resolved the situation — basically trial by fire. And that's how this company was born.
That first major call came from Overseas— can you give more examples of the customer profile you’re working with now? Is there anything different about approaching cybersecurity on the international level?
Shaun: We have one of the world’s biggest financial services, one of the biggest laboratories in the world, and many healthcare companies.
I'm very proud to say we have Fortune 100 customers already on our list. We also work with medium-sized companies.
However, I will say — a lot of the companies that get breached are small mom and pop shops, and they don't have any security programs. We can come in and be their virtual Chief Information Security Officer (CISO) and do security engineering work for them that they otherwise could not have done.
Jake: When it comes to working with international companies, there is not much difference. Yes, they may need to adhere to different compliance regulations, work in a different time zone, or speak another language, but at the end of the day, they’re facing all the same challenges as domestic companies.
What’s next for BreachQuest now you’ve secured your raise and come out of stealth?
Shaun: We've got a services business, and we've got a product called PRIORI in the works. We want to develop and get the product out there.
An average breach takes 280 days to detect, 334 days to contain, and costs organizations an average of $3.9 million. We’re designing PRIORI to improve the scoping of response, remediation and recovery efforts associated with a breach. Currently, incident responders are doing most of their work on spreadsheets, which means important data can and will fall through the cracks. With PRIORI, we’ll be able to automate a lot of this and address the challenges around visibility and tracking. Essentially, PRIORI completely redefines and reorients the cyber incident response process.
Many cybersecurity companies are challenged by their customer acquisition costs. Our business model was intentionally designed to mitigate customer acquisition cost while minimizing recovery time and breach cost.
Today, we have almost 40 people full-time. I'm very proud of the team we have assembled and we've grown a lot. I love to tell people as an entrepreneur that big things start small.
Hiring more talent from On Deck is also something that is on my radar. I've recommended two or three people that have now signed up for On Deck Scale and, and of course, most of all, I think it's meeting people like Jake and the others that we're going to meet through On Deck that I'm excited about.
---
If you want to be at the forefront of disrupting the cybersecurity industry, take a look at BreachQuest’s open roles here.
Investor's note
Note: This is part of a series where we talk to On Deck Founders alumni about the companies they’re building and what it will take to propel them to the next level. Consider joining our incredible community of founders who have launched over 1000 companies worth over $9B. Apply here.