China is advancing an Internet society where economic and public activities increasingly take place online. In the process, tons of citizen and government data is transferred to cloud servers, raising concerns about information security. A startup called ThreatBook sees an opportunity in this revolution and is committed to protecting businesses and bureaucracies from malicious cyber attacks.
Antivirus and security software has been around in China for several decades, but until recently companies bought it simply to meet compliance demands, Xue Feng, founder and CEO of ThreatBook, six, told TechCrunch in an interview.
From 2014, Internet accessibility began to develop rapidly in China, ushering in a data explosion. Information previously stored on physical servers was migrating to the cloud. Companies realized that a cyber attack could lead to substantial financial loss and began to pay close attention to security solutions.
In the meantime, cyberspace is emerging as a battleground for competition between states. Malicious actors can target a country’s critical digital infrastructure or steal key research from an academic database.
“The number of cyber attacks between countries reflects their geopolitical relationships,” observed Xue, who oversaw information security at Amazon China before founding ThreatBook. Previously, he was Director of Internet Security at Microsoft in China.
“If two countries are allies, they are less likely to attack each other. China has a very special position in geopolitics. Besides its tensions with other superpowers, cyber attacks from smaller and neighboring countries are also common. “
Like other emerging SaaS companies, ThreatBook sells software and charges subscription fees for annual services. Over 80% of its current customers are large companies in finance, energy, the internet industry, and manufacturing. Government contracts are a smaller slice. With its Series E funding round that closed 500 million yuan ($ 76 million) in March, ThreatBook increased its total capital raised to more than one billion yuan from investors, including Hillhouse Capital.
Xue declined to disclose the company’s revenue or valuation, but said 95% of the company’s customers chose to renew their annual subscriptions. He added that the company has met “preliminary requirements” of the STAR board of the Shanghai Stock Exchange, the Chinese equivalent of NASDAQ, and that it will go public when the conditions are met.
“It takes 7-10 years for our peers to go public,” Xue said.
ThreatBook compares to CrowdStrike from Silicon Valley, which filed for publication in 2019 and detects threats by monitoring a company’s ‘endpoints’, which could be an employee’s laptops and mobile devices. that connect to the internal network from outside the corporate firewall.
ThreatBook also has a suite of software that goes to the devices of a company’s employees, automatically detects threats and offers a list of solutions.
“It’s like installing a lot of security cameras in a business,” Xue said. “But what matters is what we tell customers after we identify the issues.”
SaaS providers in China are still educating the market and pressuring companies to pay. Of the 3,000 businesses served by ThreatBook, only 300 pay, so there’s plenty of room for monetization. Willingness to spend also differs from industry to industry, with financial institutions happy to shell out several million yuan ($ 1 = 6.54 yuan) per year, while a tech startup might not want to spend. pay only a fraction.
Xue’s vision is to take ThreatBook to a global level. The company intended to expand overseas last year, but was held back by the COVID-19 pandemic.
“We have received a handful of inquiries from companies in Southeast Asia and the Middle East. There may even be room for us in mature markets [cybersecurity companies] like Europe and North America, ”Xue said. “As long as we are able to offer differentiation, a customer can still consider us even if they have an existing security solution.”