A growing wave of tech layoffs have given rise to remorseful CEOs’ lamentations that they hired too quickly during the pandemic. At startup Material Security, Ryan Noon says he faces no such problems; if anything, he says, he’s hired “probably a little slower” than he needed to. “I think the last couple years of Silicon Valley will be remembered as an especially wasteful age,” says Noon, who is cofounder and CEO. “You don’t need a lot of people to do a lot if you have the right people.”
Material Security employs less than 40 people, but has kicked above its weight class to sign on enterprise customers like Mars, Stripe and insurance giant Chubb for its security software that can protect emails even if they are hacked. “We’re significantly outnumbered by our customer count by at least a binary order of magnitude or two,” Noon says, adding that he hasn’t lost a single customer yet.
Now, as others reckon with oversized payrolls, Noon thinks the time has come to grow his staff. Investors agree and have poured $100 million in fresh funds announced Wednesday into the Redwood City, California-based startup. The Series C fundraise, which values the company at $1.1 billion, was a mostly insider round, led by existing investors Founders Fund, with participation from past lead backers Andreessen Horowitz and solo investor Elad Gil.
In the pandemic era alone, Russia-backed hackers breached the Microsoft Office 365 email accounts of various U.S. government agencies, while hackers suspected to be linked to China accessed the Gmail accounts of journalists employed by News Corp. Material Security’s idea is that even if these hackers are able to break into an organization’s email accounts, they can still be blocked from stealing the valuables. The premise came to Noon in 2016 while on sabbatical in Berlin after a stint as an engineering manager at Dropbox. Obsessed with the storylines of the U.S. presidential election that year, Noon says he became particularly drawn to the email leak from Clinton campaign chair John Podesta’s personal Gmail account.
To pull off the idea, Noon returned to the U.S. to team up with former Dropbox colleagues Abhishek Agrawal and Chris Park. They launched their startup in 2017 (Agrawal serves as chief technology officer, Park as vice president of engineering) with an initial product that identifies important emails within an inbox—for example, a message containing a sensitive financial document—and obfuscates them so that if a hacker tries to download one such email, they are unable to see the sensitive information. An extra step, like confirming a multi-factor authentication prompt on Duo or Okta, reopens access to the email for the genuine user.
Realizing that the same technology for personal email accounts could be applied to their enterprise counterparts, the founders made a business decision to target large companies, instead of individuals. “An Office 365 account is just a really expensive Hotmail account, and a Google Workspace account is just a really expensive Gmail account,” Noon says. “We have all the time in the world to go and protect grandma, but we decided to start with the actual businesses first.” (Customers do include a handful of “VIP” individuals, such as billionaires and professional athletes, according to Noon.)
Material Security has since added more features, such as detecting hackers’ attempts to access a user’s other non-email accounts by attempting to reset their passwords through email. The company’s net revenue retention is more than 150%, with customers often paying more money to access more features over time. The new funding round will go towards expanding engineering efforts in order to build more features around email security, but also beyond email. Some of the same principles used to protect email documents can be used to protect other content stores, such as files in Dropbox or Google Drive, says CTO Agrawal. “All of our patents are written fairly generically,” Noon adds.
Ready now to bolster head count—the rough plan is to double in size over the next 12 months, Agrawal says—Material Security intends to build out a go-to-market team to complement its primarily technical staff. The company currently has nearly no marketing employees, and the bulk of sales have been spearheaded by the founders. “Usually, founder-led sales stop way earlier than where they are now” because the company would be better served to hire a sales lead seasoned in selling to big customers, says Founders Fund partner Trae Stephens, who led the latest round. “It’s been really cool to see them have that much momentum at this stage.”
The founders and investors were tight-lipped on what exactly that momentum means from a revenue standpoint (Noon only offers up that revenue more than doubled year-over-year). “Growth VCs will take every data point and they’ll extrapolate and then they’ll fit some public [stock comparison] curve and you’ll wish that you hadn’t said anything,” Noon says.
Still, Noon is confident enough to say that he thinks Material Security can carve out an independent space for itself in the cybersecurity world. “There’s a lot of fake innovation and snake oil and all these things in our industry that are very hateable,” he says. Material Security’s customers, he adds, have complained to him about past security software firms that promised exciting products, but ultimately sold their businesses and cashed out before getting there.
“There haven’t been that many really big cybersecurity companies because entrepreneurs play it safe,” Noon says. “I’ve sold a company before. It’s not awesome; it kind of sucks. So, I want to fulfill the promise we made [to our customers]. It’s pretty obvious and pretty personal.”