Trusted Internet Overview
Every technology dating back to the invention of the wheel can be used to help or to hurt, and DARPA’s TCP/IP protocol is no exception. So in 1993, at the dawn of the commercial Internet, Bessemer mapped out an investment hypothesis that demand would explode for defenses from cyber-crime.
Since then, we’ve hosted the founders of many successful data security companies as entrepreneurs-in-residence— Jeff Smith (Tumbleweed), Chris Risley (ON Technology), Mark Jung (Worldtalk), Peter Watkins (MacAfee), Schwark Satyavolu (Yodlee), Chini Krishnan (Valicert) and Liad Agmon (founder of Onigma, acquired by McAfee). In other instances – such as VeriSign, Determina and SiteAdvisor – we started the companies in our offices based on internally developed business plans and subsequently recruited the management teams. Today our security team includes the former GM of Broadcom’s security division (Devesh Garg), the co-founder of both VeriSign and Good Technology (David Cowan), and the founder of Valicert (Chini Krishnan).
To assess security solutions, we’ve subscribed to the principles of security experts such as Bruce Schneier, Ron Rivest and Dan Farmer. We value open, peer-reviewed security methodologies, simple deployments, a service orientation and a clear return on investment. We are wary of security through obscurity, brittle secrets and “strongest chain” solutions. For these and other reasons, we’ve steered clear of security startups in biometrics, hardware, cryptographic protocols, single sign-on and DRM.
Phase 1: Network Security
Our first generation of our trusted-Internet companies set out to fortify enterprise and carrier networks. We’ve funded security startups that sell software licenses (Worldtalk, ON), appliances (Altiga and Sarvega) and semiconductors (Tilera). But the majority of our startups (like Counterpane and Perimeter) sell security as a service, since security solutions must constantly adapt to evolving threats, and it takes highly specialized knowledge to monitor and maintain an effective defense.
The most notable example, VeriSign, was incorporated from our Wellesley, MA office in January 1995 under its original name Digital Certificates, Inc. The company’s operations commenced in March of that year, when David Cowan executed a technology-for-equity deal with Jim Bidzos of RSA, and Bessemer led the Series A financing with Visa and Intel.
Phase 2: Online Identity
Around 2003 we shifted our focus from securing enterprises to protecting consumers and small businesses from threats such as spam, malware and credit card fraud. So we funded startups like Cyota (protects online bank accounts), Postini (filters spam), Intego (secures Macs), SiteAdvisor (fights malware and phishing) and BillGuard (prevents credit card fraud).
As we embrace online activities in so many aspects of our lives, we also expose ourselves to a growing set of risks – not only to our computers and our bank accounts, but to our reputations. How can we protect and promote our good names among lenders, employers, clients, friends, romantic prospects and family? So we led the first institutional rounds in the consumer service startups Lifelock and Reputation.com.
Phase 3: Cyber Defense
Governments now confront large new challenges around data security that startups can help meet. We are partnering with the most innovative security teams (such as Nominum) to help nations secure their infrastructure and to protect internet access and privacy around the world.
Bessemer’s Internet Trust investment practice ranks among our most successful, and we’re proud to have funded more leading innovators in data security and trust than any other venture capital firm (as far as we know). At last count we’ve made 22 investments that have led to five IPOs and ten acquisitions by public companies. At the time we exited these investments, they accounted for over thirty billion dollars of enterprise value and nearly 20,000 jobs.