Ron Gula on cyber investing: Can't ride all the rides, have to find your 'sweet spot'
Former Tenable CEO and investor Ron Gula said he is happy to see more funding rounds worth $2-4 million for local commercial cyber companies. But Maryland firms may still be several years away from seeing another nine-figure round.
Gula Tech Adventures finished 2017 with 25 investments in its portfolio, including two that remain in stealth mode.
Gula and his wife and investment partner, Cyndi, focus their investments on cybersecurity firms that are headquartered or have a significant presence in the region. And though he views the cyber space as kind of an "investment amusement park," he tries to stay focused on working only with the companies where they can really make an impact.
"There are some really great companies around here doing cool things and it's hard not to look at all of them and want to ride all the rides," Gula said. "But we've found that our sweet spot is really the first-time entrepreneur, helping them get through all those early issues startups face, all the things we dealt with with Tenable."
The companies already seeing some good traction or that have already raised big rounds may not be the best fit for Gula Tech Adventures and what the firm is aiming to do, he said. Gula's goal with his investments is to push young cyber product companies forward and help them grow to a point where they can get the kind of attention his former company has gotten.
Tenable continues to see big growth in Maryland, posting record billings of over $250 million, and raking in $189 million in revenue for 2017.
Gula often says he wants to help grow the "next 10 Tenables" in the region. But there are few companies — so far — that seem to have the clout to become one of those ten. Tenable is backed by more than $300 million in venture funding, including a $250 million Series B round raised in 2015.
Most young Maryland cyber firms are raising capital rounds of a few million at most. For example, Gula Tech Adventures participated in two recent rounds for cyber firms Bandura Systems in Columbia and Automox in Colorado, totaling $3.5 million and $2 million respectively.
Gula pointed to Northern Virginia's Confense, recently acquired for $400 million, and Baltimore's ZeroFox, which is backed by $88 million, as examples of companies that have shown big potential. But he said there is a lot more work to be done in the ecosystem to bring Maryland to the forefront in commercial cyber.
"The list of cyber companies with big revenue is few and far between. That's one of the reasons we got involved here," Gula said. "We're not going to see those major funding rounds for our cyber companies as they are now. But if we keep working to grow them, three to five years down the line, we could start seeing those payoffs."
Meanwhile, Gula said the firm may make a few new investments if the right opportunities arise, but he doesn't expect the Gula Tech Adventures' portfolio to grow much in 2018.
"We're not looking to double, we're looking to double down," Gula said.
The firm is focused on reinvesting in several of its existing portfolio companies and continuing to serve in a hands-on advisory role as they move through new growth phases. For example, Gula said he helped Bandura find and hire its new CEO. That company hopes to grow its marketing efforts and double its staff of 25 by next year.
This article originally appeared in the Baltimore Business Journal.
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.