- 15 hours ago
Category
🗞
NewsTranscript
00:00What were some of the challenges that Darktrace faced in being not only a publicly traded company,
00:04but a publicly traded company in London? Yeah, great question, Jordan. Hi, everyone.
00:08Nice to be with you today. So first of all, Darktrace is a brilliant company, an incredible
00:13product. It grew really quickly just on that foundation of a really strong product that
00:18served customers really well. We're AI native, and so we were AI before it was cool, if you will,
00:22to protect customers, their networks. Specifically in the beginning, we were network detect and
00:27respond, then email, and then cloud. And so when Toma Bravo made the purchase, it was really on the
00:33foundation of that product strength. What challenges did we face before? That's really in the other
00:39parts of the business, which is we'd grown so quickly that we didn't have foundational systems
00:43to support future scale. And the nice thing about Toma Bravo is that they have the resources that
00:49help us create those foundational systems in scale, not just financial reporting, but also people that
00:54have experience with growing small companies into larger companies and creating that ability for
01:00companies to grow into the billion, $2 billion, $3 billion range. The other thing that it gives us
01:05is access to capital. And so it allowed us really to look at creative acquisitions. And as you know,
01:11we acquired a UK company recently called Cato. It's a cloud forensics company. And that's absolutely
01:17where the majority of total addressable market is today is in this cloud space.
01:20Were there particular challenges being publicly traded here in London? We've talked before about
01:25access to capital and the ability to recruit people, like the ability to recruit and offer
01:31stock options is just different here in the UK than it is in the US. Can you talk about some of those
01:35challenges the company face? It is different. There are limitations on how much equity you can provide
01:40an employee in a UK company when you're regulated here in the UK. Those limitations don't exist in the
01:45US. And so we have a lot more ability to share equity with our employees, which is nice.
01:49Right. Right. And another question on this topic is, so one of the aspects of private equity's
01:56ownership of cyber companies that we've done a lot of reporting on is the fact that the leverage buyout
02:00is still the preferred vehicle for private equity. Dark Trace is no different. The purchase price was
02:075.3 billion. The debt reporting agencies noted after the deal that 2.1 billion of that deal was debt.
02:15That debt is rated highly speculative, right? I mean, that's what the rating agencies say. What do you
02:22think about that kind of brand, right? I mean, this is the PE. This is the way PE companies are evaluated
02:28by the markets. Do you agree with that kind of label or? Well, I think the rating agencies are rating
02:35the private equity companies in general across all of their investments. And so, you know,
02:43debt is an interesting conversation topic because for a CEO, I'm trying to run the business, right? And
02:49I know that Dark Trace has a debt structure. I know that Tom and Bravo is very careful with how they do
02:54that. We actually have a very high amount of equity. The composition of debt to equity is actually
03:00debt very low in the Dark Trace case, which I think is actually very positive.
03:05And day-to-day, I don't think about it. I don't think about it at all. I'm creating a profitable
03:10business with a team of incredibly brilliant people here in Cambridge and the UK, right,
03:14in London as well. And we have a growing team around the world. We're all focused on growth
03:18and on creating a profitable business, driving EBITDA. And then we use that to pay the interest
03:23on the debt. So it's really not something that impacts the business on a day-to-day basis.
03:27Have you had to make any changes to the business structure because of the debt? Have you had to cut
03:31back in any areas? No. I mean, Dark Trace was already an extremely efficiently run business
03:35because we are an AI native company. Our cost for R&D, and again, all of that space in Cambridge,
03:40is exceptionally low comparatively. Perfect. One more question here and we'll get to
03:44Evgeny. Have you talked with Toma Bravo about a timeline for an exit? At this point, we're in year
03:50two of the acquisition. PE firms typically like to hold companies for three to five years. What is your
03:56what is your expectation for in terms of timeline? There are a number of dynamics that go into any
04:00exit, right? And TV will keep an eye on that and watch it for us. Again, my focus is truly like
04:05growing the company, ensuring that we're taking care of our 10,000 customers, growing that billion
04:09dollars in revenue to an even bigger number. And as long as I do that well, I have confidence that,
04:13you know, together we'll make the right decision at the right time. Perfect. And if you listed again,
04:18if you went public again, would you consider listing in London again or would it be somewhere else?
04:22I think there's all sorts of considerations. I mean, Orlando has been here in Europe quite a
04:26bit and in London specifically. And he's talked about, you know, really appreciating the market
04:30that we're in today and, you know, his involvement in it. Terrific. Evgeny, I want to get to you as
04:35well. I mean, this private equity idea is also relevant to Armas. Bloomberg reported earlier this
04:40year that Toma Bravo, you know, was in discussions with the company to, you know, about a potential
04:44acquisition, valuing the company potentially, you know, as much as $5 billion. Are you able to confirm
04:50that those talks are ongoing? Are you able to confirm the talks and whether they're ongoing?
04:55First, great to be here. Great to see everybody. Armas is growing really, really fast. We're growing
05:02consistently over 50% across the 300 million ARR mark right now. A lot thanks to the great demand,
05:10the great demand that we are witnessing right now because of attacks on critical infrastructure.
05:15Basically, like all the geopolitical tensions, Russia, Iran, and North Korea, everybody, you see a lot of
05:25targeting infrastructure, targeting national infrastructure, the most critical areas from
05:30airports to grids to manufacturing in the US, in EMEA, we see a lot, UK as well. And that's why there is a lot
05:39of interest in the company. What I can share is that there are a lot of offers on the table
05:44at Armas. I think that recently when Bloomberg reported, there were like 10 different offers,
05:51rounds of funding from 100 million to billions. And what we are focusing is to continue and grow fast.
05:59We set a goal of a billion in ARR in three years that we are growing fast into that. But I can say that
06:05we are going to continue to be an independent company. I want to be in the Hall of Fame of cyber,
06:11grow to a billion in ARR, two billion and more. We have an opportunity. We are the leader in cyber
06:16exposure management and security space. Super unique opportunity and couldn't be more excited about
06:22the future. And are you still, you'd spoken before about plans for an IPO next year. Is that still
06:28your plan? So we believe that end of 26 or early 27 can be a good time. It's all
06:35depends on the market, of course. But our most important metric for me as a CEO is, again,
06:42the growth and the leadership across all our products and to grow to a billion and more,
06:47of course, in ARR in the same ratios of winning and also the percentage of growth. Super unique. No
06:55other public cyber company right now does it. And we have a unique opportunity to go out and
07:01be that leader from that perspective as well. But we'll always align with the market conditions.
07:08We'll do what's best for the investors. And we're not in a rush. It will be one great milestone on the
07:15way to the billion and to billion in ARR and to building a generational business.
07:20Something we've talked about before as well as the idea that most cybersecurity companies don't go
07:25public. Most cybersecurity companies are acquired. And the reason for that tends to be that cybersecurity
07:31products are very narrow. They perform one specific function very, very well. You talk about plans for
07:38an IPO potentially next year. Why do you think Armist will be different?
07:42So from the very beginning, we were solving a really, really big problem. Basically, the explosion of
07:49connected devices, assets in a variety of different environments, the gaps around operational technology
07:56security, medical device security. Everybody knows. Basically, those are things that we all see,
08:02manufacturing plants, retail stores, distribution centers. They're at the core of the business of
08:08companies that, I mean, imagine in CPG, airlines, and basically the business depends on it. Being able to
08:15protect those is top priority for all organizations. We've seen that gap. We've expanded more also into
08:21the asset management space, what Gartner would call chasm. We expanded also into remediation and
08:27prioritization of issues, finding vulnerabilities in cloud, code, not just in the OT and IT world.
08:34We continue to do more and more, all per the feedback of our customer advisory board. I can share that
08:41myself personal. I'm spending time with at least 10 customers a day, basically five prospects,
08:47five existing customers, and listening to them about what's next, what is the most important for
08:53them for us to build. And this is how we are growing. So it always aligns with what customers
08:58really need, where real budgets are. And customer expects us to build that platform. And what we see in
09:06cyber, and you mentioned all the acquisitions, our customers, they want to rely on 10 to 15
09:13main vendors, not on 70 or 80, or sometimes I heard one that 140 vendors, cyber vendors for one company.
09:22They want those 10 to 15 that can perform a lot of different things for them, protect the different
09:29areas, protect different types of environments, expand more. They want to trust those specific
09:34real platforms. And this is where we have grown to be. We have customers that are using four products
09:41from Armis and growing more. And the new products that we are releasing in the next few quarters will
09:47be also the core of our cyber exposure management. It really does appear that if you want to be a
09:52publicly traded cyber company, and you would know this, you know, you have to be a lot of things to
09:57a lot of people. You can't just be one thing to a lot of people. You have to be a lot of things,
10:01a lot of people. Just to give you a sense of what some of these technologies actually do,
10:04you know, the core of dark trace technology is machine learning. Machine learning applied
10:09to your network to figure out what is normal, and then ideally, what is abnormal. In the
10:13case of Armis, we're talking about a lot of things. Vulnerability management, understanding
10:17what's on your network, understanding what should be there, what shouldn't be there, things
10:20like that. And these capabilities become increasingly important with the advent of generative AI.
10:25And in our earlier conversations, you know, I mean, I've spent a lot of time as a cybersecurity
10:29reporter for Bloomberg trying to figure out how are hackers actually using generative AI?
10:34Not machine learning, not, you know, AI as we would typically think of it, you know, a few
10:38years ago, but generative AI. And Joe, you've got a great story about both the use of the
10:44technology, the use of generative AI by adversaries, and also the human role, human vulnerabilities
10:51that so often lead to attacks. I mean, we've been, we wrote a lot in the past few months
10:55about cyber attacks on M&S and co-op and Jaguar Land Rover. These were devastating cyber attacks
11:01that were caused by human fallibility, call center operators letting somebody into a network
11:06when they shouldn't. Do you want to tell your story about the job applicant that Darktrace
11:10had that kind of embodies a lot of these threats and use of generative AI by hackers?
11:15Sure, I'd love to. And, you know, we talk about deep fakes, and then we also talk about novel
11:21social engineering. And that's like a lot of big fancy words for new human manipulation, like,
11:26finding new ways to manipulate humans around the world with AI, right? So in this case,
11:33Darktrace had an applicant for a role, an engineering role, and we were interviewing some remote
11:38candidates. We got a CV, a resume in. Resume looked pretty good. We said, okay, we're interested
11:44in this candidate. Can we also get some examples of your work? GitHub does a nice job of providing
11:48a profile and a portfolio of those engineering experiences, like some code that you've written.
11:55And so we got the GitHub profile. We're able to look through that, and that all looked right.
12:00And so this candidate made it into a Zoom interview. And the Zoom interview was done from one of
12:05our other lead engineers, really sharp people working at Darktrace, right? And he looked
12:10at the window in the back, and he thought, you know, this candidate should be awake right
12:15now, and yet it's dark out their window.
12:17The candidate was supposed to be in Ireland, right?
12:19The candidate was supposed to be in Ireland. Quickly after, he said, wait, is it dark outside?
12:24The interview ended. Okay. And so then we started to look, and that candidate somehow
12:29disappeared. And what your investigation later uncovered
12:33was that all of the background on this person, the LinkedIn, multiple GitHub repositories-
12:39Were AI generated. Were AI generated, and part of the way you're able to, how were you able
12:43to tell that? Was it the amount of time that it took to create these sites, like the succession
12:48in which they appeared? Is that how you were able to tell that Generative AI was used for
12:51it? Exactly. It was too short. It was too short from when we saw each of these things. The
12:55LinkedIn profile was relatively new. The GitHub profile had actually shown up to be relatively
12:58new. So the bottom line of this is, you know, you have really effective, convincing, persuasive
13:05background stories of people, right? Their profiles, LinkedIn pages, GitHub repositories,
13:10showing how you write code, which was the type of job that they were applying for. Well, and
13:14Jordan, this is why it's so important that everybody here hears the stories, because we all have
13:19to be aware, right? We can all be exploited in different ways if you're not kind of aware
13:23of what's going on. Yeah. We had a guest on a panel earlier
13:25from Palo Alto Networks who described an attack that they investigated recently where it was
13:30a North Korean IT worker who was, this is an increasingly common scam where you'll have
13:36IT workers gain access to a company through the recruitment process and through jobs. And
13:42the case that they investigated, this worker got a job, was employed, was doing the job,
13:48but was using a Gen AI deep fake visual every day on their video Zoom calls to trick their
13:57co-workers into believing that they are someone that they are not. And that is to gain access
14:00and get deeper in the network and escalate, you know, your privileges. Now, Yevgeny, how are
14:05you guys seeing, I love the story of the recruitment because that is such a human vulnerability that
14:09is very easy to exploit. One of the other things that we've learned is that generative AI, hackers
14:16are using it to shrink the amount of time between when a vulnerability is disclosed in critical
14:22software and when that software is exploited. Used to be that gap would be 24 hours, 48 hours.
14:28Now we understand it's as little as four. So you've got a vulnerability that comes out at
14:33midnight by 4 a.m. You've got active exploitation on your networks. Is this a trend that you're seeing
14:38as well? So definitely it's a it's a great point and we've been in our labs team have been working
14:45a lot specifically on how can we provide an early warning to our customers in terms of
14:51vulnerabilities that actually exploited because you have so many vulnerabilities and like vulnerability
14:56management teams are small. So the ability to really prioritize and focus on what's really exploited is
15:02something that we really help our customers and focus with our labs team. Focus on how can we do
15:08it as fast as possible and definitely when we are seeing with the AI that that time really shrinks
15:15and we need to move faster. This is something that we are working very hard. Amazing amazing team of
15:20cyber security researchers and analysts that are doing a great job and being able to deliver
15:26faster for our customers. So do your analysts and defenders do you have to use generative AI
15:33to also shorten the the time that you take to respond because it's not just the hackers that are using
15:38it. Yeah so on one hand the hackers are using it and we talked also in the past about the scale right
15:44hackers are leveraging like the simplest tools they can leverage AI to get a much bigger scale in general
15:51with the same tools even. On the other hand as a defender we have one we know our environment we know
15:58our environment better than anyone else so if we do the right things we can map it we can understand put
16:04the right traps put the right compensating controls in the environment to make sure that to prevent a lot
16:11of these attacks even before they happen some of these exploits as well if you know let's say a camera
16:17that is being exploited and it doesn't have any access to the internet or any access to specific
16:23IP addresses in specific countries I've already reduced the risk significantly from the very beginning
16:29so a lot of these things we are we would do in the beginning in the first you know several days that
16:35we work with the customers so compensating controls in the era of AI are super important because we know
16:41the environment better than the attacker and that's something that is very significant we definitely
16:47invest a lot in their R&D product I think that we have a lot of conversations about AI replacing
16:53humans I think that there is no replacement for human talent but what can happen is we can be
16:59much more efficient same you know 200 300 R&D and product developers can be way more efficient and
17:06AI will will really drive it and we are seeing it already in terms of productivity and another another
17:12thing I want to touch on quickly we only have a couple more minutes left is you know ways that
17:17this is a question that I ask a lot of people that I interview how are your organizations using
17:21generative AI independent of fighting hackers and things like that and Jill you had a great example of
17:26you know product demos I didn't know that product demos can be so long can you tell me how you're
17:32using generative AI to help you with your product demos sure so let's think about product demos not
17:37just as a sales tool but also as a way to train our customers right so we're often videoing scenarios how
17:44you'll use the tool that could be an hour long hour and a half long demo to show every detail of the
17:48tool and how to use it right so whether it's sales or training it's it's a lot of work to go in and recreate
17:55that demo when there's a product upgrade so okay dark trace has product upgrades all the time and
18:01honestly with the way that our innovation schedules are running right now that's at least quarterly
18:06well we don't want to re-record each of our product demos every time now we can use
18:11uh voice generators to type in that code and match the voice that is on the demo so that if you just
18:17want to replace a small segment maybe it's a 15 second segment of that hour-long demo you can go
18:22do that relatively easily rather than setting up a production studio again setting up the demo and
18:27completely re-recording because the idea being you know if you've got to re-record a two-hour product
18:32demo that's a lot of people's time you have to book a studio right I mean that's so it's a small use
18:36case but I like that because that solves a problem right it's a very focused use case and it's a great
18:41productivity enhancer for our teams and as you mentioned enterprise software makers now are
18:45releasing code every week this isn't like every month or every quarter like it used to be it's
18:49every week Evgeny we got you know 20 seconds left is there uh is there a use case as well for generative
18:54ai within armis that uh that you want to mention so one like this is a great use case on the on the
18:59product demo side definitely a great idea which are one of like my favorite one is that right now when you
19:06go to the armis console for as a customer you can just ask like what are the top you know three
19:13things that i can do today that will reduce my risk the most and get an answer from from armis like one
19:20two three and go and continue and reduce risk this is super significant customers love it and it was
19:28great work by our teams leveraging ai
Recommended
1:22
|
Up next
1:58
19:15
1:57
19:04
9:42
6:50
6:23
5:51
4:37
0:28
2:18
6:03
5:42
3:58
19:43
14:52
6:26
11:44
5:43
17:49
2:58
15:17
3:35
14:55
Be the first to comment