Interview with Rita Gurevich, Whose Hoboken-Based Cybersecurity Startup SPHERE Received a $10 Million Series A Investment
News came Thursday that SPHERE Technology Solutions, a woman-owned cybersecurity governance company in Hoboken, had secured $10 million in a Series A round led by ForgePoint Capital (San Mateo), a well-known VC firm specializing in early-stage cybersecurity companies.
The other participating investors included Omkhar Arasaratnam (former executive director, head of data protection technology at JPMorgan Chase), Joel Caminer (former global head of technology risk management and information security at TD Securities), Adnane Charchour (former president and CEO at Scivantage) and Sounil Yu (former chief security scientist at Bank of America). Don Dixon and Will Lin, managing directors at ForgePoint Capital, will join SPHERE’s board of directors.
NJTechWeekly.com has been following SPHERE and the career of Rita Gurevich, founder, president and CEO of the startup, who had bootstrapped the company since its beginning in 2010. Gurevich founded the company after working at Lehman Brothers, and after identifying a niche opportunity to help big, globally regulated companies get better control of their information, Gurevich told NJTechWeekly.com in 2012.
We actually are their first fully virtual investment, which was pretty interesting. Also, I am their first female founder, also equally interesting.Rita Gaurevich, SPHERE
SPHERE’s solutions focus on “entitlement creep,” when more and more employees accumulate permissions to access data they might not need to use over time; this makes it more difficult to safeguard the data from those who shouldn’t be entitled to see it at all. The company started out with a service that Gurevich often described as a “ninja” or “data janitor,” which would clean up the client’s governance messes. Later, the company productized its services into a purpose-built automation platform, SPHEREboard. With the current investment, SPHERE will be introducing SPHEREsoftserve, a managed services operation combined with the company’s SPHEREboard product offering. SPHEREsoftserve combines automation and expertise, Gurevich told us.
It’s a twist to see a startup with solutions that require boots on the ground attract venture capital, but Gurevich noted that the company’s products enhance automation and make the governance exercises the client has to perform more repeatable. She believes that ForgePoint came to the same conclusion that she did: There is no substitute for expertise when helping customers, especially those implementing a solution for the first time. And she added that SPHERE has been doing this, day in and day out, for over a decade.
Our interview starts here:
- How did you raise money during a pandemic?
It started very organically. I wasn’t out there fundraising, but in my travels I had definitely come across many firms that were interested in and understood my business. And ForgePoint Capital was one of those. There were a lot of mutual relationships that existed, and over the years we would casually check in to let them know how everything was going. Last year, towards the beginning of the year, one of those touch points came up, and I caught up with one of the managing directors. I started to realize that we probably had reached the capacity of what we could do on our own organically.
[I] decided that, in order for me to really focus and be able to execute on some very critical strategic initiatives that we had set up, to get our brand awareness out, and to get advice from a tried-and-true partner, going with ForgePoint was the right decision. So, we started to talk to them before the pandemic took hold. Once we started to get deep into the conversations and really peeling back the onion on what we see out there and what we want to execute, we knew it was the perfect marriage of capabilities and expertise.
We actually are their first fully virtual investment, which was pretty interesting. Also, I am their first female founder, also equally interesting.
- Had you taken angel investment earlier in the company’s history?
We’ve been fully bootstrapped, even through a transformation that we focused on [during] a handful of years ago to productize all of our services. Our services practice essentially funded the R&D for our product.
- Going through this process, whom did you rely on for advice?
We have some exceptionally talented people in the company that I relied on already. Also, I’ve made some close relationships with advisers who have guided me on various initiatives and whom I’ve relied on well before I ever contemplated partnering with an organization like ForgePoint. …Adnane Charchour, who is now on our board of directors, was an adviser to our company for a number of years before ForgePoint came into the fold. So, we had a good network of people we could ask for advice. ForgePoint is just so attuned with our industry, and their advisory network is vast and massive. The other companies they have invested in, and I’ll now call them our sister portfolio companies, are very well known as true innovators in the space, so we know we are surrounded by good people who know this space, know what the customers need and have the right level of empathy for the challenges the customers encounter.
- How did your business fare during the pandemic?
At the beginning of the pandemic, the number-one goal of our customers, who were primarily large financial services organizations, was to get everyone working remotely. The only thing that mattered was making sure that the network could handle it and that there were remote connectivity capabilities to make them operational off-site. Everything else went on the side burner, either temporarily or permanently, and no one seemed to know when they would refocus. Luckily for us, when it came to security and understanding and implementing the right access controls, our customers started to focus on that space more than they did before. While everyone had privileged access and zero trust on the forefront of their security minds, that was when people were in an office. … Now with people working at home, and a lot of people uncomfortable in their personal lives, the security departments saw their concerns from a risk perspective grow exponentially.
- What will you use the funds for and what is your strategy going forward?
During the pandemic, all of our customers greatly accelerated their cloud journey, which was interesting to watch. These are big, large global banks who were initially hesitant to give the keys to the kingdom away to the cloud providers. So, what we’re focusing on with the investment is to stay true to what we do in terms of analyzing and securing access controls, but to expand coverage to not just their on-premises systems, servers, applications and identities, but now to all the cloud platforms that they’re starting, or are well on their way to finishing things with their migration. Office 365 is the first platform that we decided to focus on. And now we are building out connectors, reporting and remediation capabilities for clouds like Amazon . That’s one area that the capital will be used to accelerate,
We are also building out a proper managed service desk. What we’ve learned is that there is a massive shortage of cybersecurity talent and thought leadership who have executed the programs, experienced all of the edge cases and roadblocks and nuances that come along with these programs.
Will you be hiring, and will you hire in New Jersey?
We will be hiring a lot of really smart subject matter experts. We’ve been focusing on bringing on a product manager for all the different silos of solutions for which we provide access control management. We’ve brought on all sorts of developers that focus on workflow automation, to make the product even more seamless to the end user.
I would say, we’re still focusing heavily on local talent. We cater to big, regulated industries mainly — at the moment, financial services — and you can’t get any closer to Wall Street than the area that we’re in right now. It’s important for us to stay true to where the customers are deployed. But obviously, with our focus not just on the local area, we are strategically looking at other cluster cities as well.
