Encryption & Key Management , Security Operations

Fortanix Raises $90M in Goldman-Backed Funds to Secure Data

Cash Will Enable Fortanix to Extend Its Data Security Across the Public Cloud
Fortanix Raises $90M in Goldman-Backed Funds to Secure Data
Ambuj Kumar, co-founder and CEO, Fortanix (Image: Fortanix)

Large enterprises have been moving applications to public cloud in record numbers over the past few years, but they're faced with managing hybrid environments that straddle clouds and data centers. For highly regulated businesses such as banks, investment firms and hospitals, encrypting sensitive data is an imperative. A single breach from any database could lead to fines and class action lawsuits.

See Also: Fighting The New DDoS Threat

Silicon Valley-based startup Fortanix is looking to capitalize on that demand by offering security and encryption across all major cloud providers through a $90 million Series C round of funding led by Goldman Sachs' equity arm.

The funding will allow Fortanix to add APIs to secure data in Google Cloud, Amazon Web Services, ServiceNow and Snowflake, says co-founder and CEO Ambuj Kumar. Kumar says Fortanix can keep data secure even if hackers have physical access to a network or compromise a machine (see: Confidential Computing: Beyond the Hype).

"The money gives us dry powder to accelerate our growth," Kumar tells Information Security Media Group. "In difficult macroeconomic conditions, some companies win while other companies struggle. History is proof that great companies like Amazon get built during difficult times. We hope to be one that takes that path."

Fortanix has more than 125 enterprise customers including GE Healthcare and Goldman Sachs, and Kumar says getting financial support from the investment banking giant provides credibility and will fuel more customer and business development. The $90 million should allow Fortanix to become cash flow positive and pursue acquisitions of smaller startups that are struggling to weather the economic storm.

Kumar says Fortanix is eyeing acquisition targets with technology in adjacent areas such as data security posture management, post-quantum cryptography or regional or country-specific encryption algorithms. Companies who've completed their Series A, Series B or Series C funding would be the ideal size and maturity level for Fortanix, according to Kumar.

The money will also enable Fortanix to pursue the predictability and scale needed to become a publicly traded company, Kumar says. The markets typically look for $150 million of annual sales by the time a company files for an initial public offering, which Kumar considers a "medium-term goal" for Fortanix.

The Need for Continuous Encryption Key Control

Fortanix's customers have shifted over the past four years from on-premises data centers to cloud, even in heavily regulated industries such as financial services and healthcare, Kumar says. As a result, customers have data in data centers as well as Google Cloud, AWS or Microsoft Azure. Clients thus want to secure their data across these different environments from a single control plane.

Kumar says Fortanix is looking to use part of the $90 million to go deeper with providers such as AWS, evolving from simply being in the marketplace to implementing relevant APIs across the 100 different services offered by the public cloud giant. This would require Fortanix to understand how data is being used by each of those services and build intelligence around them to detect if there's unauthorized access.

Kumar's vision would allow clients to encrypt data across cloud services such as ServiceNow and Snowflake with the single click of a button and be in full control over who's allowed to decrypt that data. The firm today allows customers to generate keys inside Fortanix and bring those keys to the public cloud provider for encryption or decryption, but he says that's a one-time rather than a continuous control.

Fortanix currently has continuous encryption key control across many - but not all - of the services available through Google Cloud, Kumar says. Organizations don't have as much control over data in the cloud as they do over data residing in their own data center, and Kumar says Fortanix can help clients satisfy regulations enacted in 2020 around what organizations putting data in the public cloud must do.

'We Need More Feet on the Street'

From a go-to-market perspective, Kumar says Fortanix is looking to double the size of its salesforce over the next 12 months and increase its headcount across the organization by 50%. The biggest increases in personnel will be in sales and marketing, Kumar says, followed by research and development.

"We have perfect product market fit," Kumar says. "We know exactly what verticals to go after, what customers to go after and with what kind of messaging. So now we need more feet on the street to actually execute that plan."

As far as metrics as concerned, Kumar says Fortanix will closely track annual recurring revenue growth, net promoter score and net dollar retention, with an emphasis on increasing wallet share with existing clients. The world has over-invested in infrastructure security, he says, and Fortanix can help swing the pendulum back and give companies more visibility into where their data resides and how to secure it.

"The time is now right for data-first security because CISOs find their data all over the place," Kumar says.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.