Former Amazon exec gives Chinese firms a tool to fight cyber threats
China is pushing forward an internet society where economic and public activities increasingly take place online. In the process, troves of citizen and government data get transferred to cloud servers, raising concerns over information security. One startup called ThreatBook sees an opportunity in this revolution and pledges to protect corporations and bureaucracies against malicious cyberattacks.
Antivirus and security software has been around in China for several decades, but until recently, enterprises were procuring them simply to meet compliance requests, Xue Feng, founder and CEO of six-year-old ThreatBook, told TechCrunch in an interview.
Starting around 2014, internet accessibility began to expand rapidly in China, ushering in an explosion of data. Information previously stored in physical servers was moving to the cloud. Companies realized that a cyber attack could result in a substantial financial loss and started to pay serious attention to security solutions.
In the meantime, cyberspace is emerging as a battlefield where competition between states plays out. Malicious actors may target a country's critical digital infrastructure or steal key research from a university database.
The amount of cyberattacks between countries is reflective of their geopolitical relationships," observed Xue, who oversaw information security at Amazon China before founding ThreatBook. Previously, he was the director of internet security at Microsoft in China.
If two countries are allies, they are less likely to attack one another. China has a very special position in geopolitics. Besides its tensions with the other superpowers, cyberattacks from smaller, nearby countries are also common."
Like other emerging SaaS companies, ThreatBook sells software and charges a subscription fee for annual services. More than 80% of its current customers are big corporations in finance, energy, the internet industry, and manufacturing. Government contracts make up a smaller slice. With its Series E funding round that closed 500 million yuan ($76 million) in March, ThreatBook boosted its total capital raised to over 1 billion yuan from investors including Hillhouse Capital.
Xue declined to disclose the company's revenues or valuation but said 95% of the firm's customers have chosen to renew their annual subscriptions. He added that the company has met the preliminary requirements" of the Shanghai Exchange's STAR board, China's equivalent to NASDAQ, and will go public when the conditions are ripe.
It takes our peers 7-10 years to go public," said Xue.
ThreatBook compares itself to CrowdStrike from Silicon Valley, which filed to go public in 2019 and detect threats by monitoring a company's endpoints", which could be an employee's laptops and mobile devices that connect to the internal network from outside the corporate firewall.
ThreatBook similarly has a suite of software that goes onto the devices of a company's employees, automatically detects threats and comes up with a list of solutions.
It's like installing a lot of security cameras inside a company," said Xue. But the thing that matters is what we tell customers after we capture issues."
SaaS providers in China are still in the phase of educating the market and lobbying enterprises to pay. Of the 3,000 companies that ThreatBook serves, only 300 are paying so there is plentiful room for monetization. Willingness to spend also differs across sectors, with financial institutions happy to shell out several million yuan ($1 = 6.54 yuan) a year while a tech startup may only want to pay a fraction of that.
Xue's vision is to take ThreatBook global. The company had plans to expand overseas last year but was held back by the COVID-19 pandemic.
We've had a handful of inquiries from companies in Southeast Asia and the Middle East. There may even be room for us in markets with mature [cybersecurity companies] like Europe and North America," said Xue. As long as we are able to offer differentiation, a customer may still consider us even if it has an existing security solution."