Portfolio News

Our Investment in RiskRecon: Addressing Today's Cybersecurity Blindspot

First published on August 7, 2018

Today we’re excited to announce our Series B investment in RiskRecon, and shine some light on a team that has quietly been addressing one of today’s biggest blind spots in cybersecurity — risk from third-party vendors.

Platform shifts in technology often have an unintended side-effect of opening new exposures to sensitive data. At Accel, we’ve followed this trend for years, backing companies that cover emerging attack surfaces like Tenable (cyber exposure), Airwatch (BYOD), Netskope (cloud apps), Sysdig (cloud-native microservice apps), and Lookout (mobile), as well as new attack methodologies, like CrowdStrike to protect endpoints against advanced threats. Today’s investment in RiskRecon continues this theme. More specifically, RiskRecon is the security tool for the interconnected enterprise.

As the modern enterprise has become a collection of third-party services, the security team’s responsibility has extended beyond their own networks. Security teams now have exposures from any vendor who can access data, networks, or facilities — which has created an entirely new problem for them: how do they extend their security practices to someone else’s network? We’ve now moved to a world where protecting your own network is necessary but not sufficient: you’re only as secure as your vendors.

RiskRecon allows security teams to extend beyond their firewalls, offering a transparent view into vendor security practices. In addition to precise identification of risk, RiskRecon provides a way to automatically prioritize and act on third-party cyber risk. With RiskRecon, teams continuously monitor their vendors and catch security holes in vendor environments before they result in a security problem. It’s by far the best approach we’ve seen to one of the fastest growing problems in cybersecurity.

After spending the last few months with RiskRecon’s founders, Kelly White and Eric Blatte, it became clear to our team at Accel that we had found the product-focused team in this emerging security category. Throughout the security community, Kelly and Eric are respected as the thought leaders on managing third-party risk at scale. On behalf of Accel, we’re honored they’ve invited us on board for the next stage of the journey.