It seems like every week there’s some new high profile data breach. Credit card numbers, addresses, nude photos, Democratic National Committee emails—you name it, hackers have stolen it.
Amit Saha, the CEO of Saviynt Inc, the El Segundo-based security vendor, said the problem has only gotten worse during the pandemic, with so many people working from home and using their personal computers to access corporate networks.
For Saha and his company’s 750 employees, that’s created a lot of work—and an opportunity. Saviynt announced Monday that they’ve secured $130 million in capital financing from HPS Investment Partners and PNC Bank to expand their cybersecurity SaaS technology. It’s a big bet that the pandemic-fueled demand can help them build a more global company.
The principle behind the tech: trust no one. “Whenever someone is presenting an identity—claiming who they are—we do not trust the credentials they provide,” said Saha. “Rather, we factor in all the different attributes. Where are they logging in from? How frequently are they accessing? What are they trying to access? Based on all those factors we decide what is the right level of trust we need to impart.”
This concept of verifying identities and controlling who has access to what is paramount to maintaining network security.
Data breaches can start, he said, with something as simple as a contract HVAC worker clicking on a suspicious link and inadvertently installing ransomware on his home computer. Suddenly, hackers have a portal to a corporate network.
“That contractor’s access got compromised and that compromise, in turn, leads to compromise on some other access,” said Saha. “The hackers are able to hop from one system to another until they got to the right set of resources, which in turn leads to breach of sensitive data or in some cases breach of your IP. The IP could be a movie…without naming names,” he said in what seemed to be a nod to the infamous 2014 hack of Sony Pictures.
Saha said the funs will help the company expand to new geographic markets. The company has a strong presence in North America and India, and much of the new cash is earmarked to help them build up a presence in other countries.
Additionally, some of the funds will be used to invest in system integration partners like Deloitte, who help to install Saviynt’s technology on corporate networks, many of which are cloud-based and require extremely fast response times and greater degrees of scalability than traditional on-premise networks.
The rest of the money will go towards research and development as the company seeks to bring new products to market that allow the company to verify human and machine identities across networks.
If the company has its way, their “Zero Trust” philosophy could help companies like Sony, or Facebook, or LinkedIn, or Yahoo, or Alibaba, or Marriott, or AdultFriend Finder, or Adobe, avoid another embarrassing breach.
“We are all about, ‘how do we secure the person’s access?’” Saha said. “How do we assure that people accessing that resource are the right people and that they’re behaving the right way?’”