Impact of the Cloud: A CISO’s Point of View – Guest Post This blog post was authored by Amit Karp, Bessemer Venture Partners CloudLock secures data in the cloud Being the Chief Information Security Officer…

Impact of the Cloud: A CISO’s Point of View – Guest Post


This blog post was authored by Amit Karp, Bessemer Venture Partners

CloudLock secures data in the cloud

Bessemer Venture PartnersBeing the Chief Information Security Officer (CISO) is a difficult and lonely job. As a CISO, you are in a constant battle between the business need to push forward and the necessity to keep security intact and adhere to regulations.

This difficult job has become even tougher in recent years as corporate data begins to live on the cloud. Companies continue to see the economic, technical, and collaborative benefits of pushing their data to public cloud services such as Salesforce, Google Apps, Box and others, which have become too valuable to ignore. Yet IT departments now struggle to gain the visibility and control they once had when data and applications lived on-premise. Moreover, the proliferation of BYOD and cloud services has created a new world in which the users have become the new perimeter when it once was the enterprise firewall.

As a CISO, you now have two options:

  1. Live in denial: Prohibit deployment and usage of cloud services and keep the data on premise. This approach will not only hinder collaboration and productivity but will also cause employees to go behind IT’s back and adopt “shadow IT” systems (like sharing files on Dropbox). This is definitely not a viable long-term option.
  2. Embrace the cloud: Allow usage of cloud services and live in constant fear of not knowing what data is stored, accessed and shared outside the enterprise perimeter.

CISOs who selected to embrace the cloud are now struggling with questions such as: how do I manage the outflow of sensitive data now that it lives beyond its on-premise perimeters? How do I adhere to data compliance laws, secure sensitive documents, and prevent data loss? These questions become even more relevant for regulated enterprises that are required to meet compliance requirements around personally identifiable information (PII) and payment card industries (PCI).

This is where CloudLock, the newest member to the BVP family, comes into play. CloudLock offers a cloud-based SaaS suite that helps enterprises protect their data assets that are stored on 3rd party cloud services. The company helps the answer questions like where is my sensitive data? Who can access it? What are they doing with it? What 3rd party apps have access to my domain? Suddenly, the CISO gets back the control he had in the old world while embracing the cloud and the collaboration the enterprise so much desires. Moreover, this is all possible in just a few minutes (or sometimes even seconds) of deployment, without breaking any of the existing functionality of the cloud services, without adding any additional latency or inconvenience to the end user and without even changing the traffic flow!

As investors, part of the due diligence we conduct before entering into an investment includes calls with existing customers. The CloudLock calls stand out for the level of enthusiasm that greeted us from the other end of the line. One customer even described finding CloudLock this way:

“We were like a guy in a desert dying of thirst when he suddenly sees water.” [CloudLock was the water]. Gil Zimmerman and the incredible CloudLock team have done an incredible job building a company that has immense promise. The company’s great SaaS metrics and rate of growth make this even more evident. (For more on what BVP looks for in SaaS metrics read our “10 Laws” here).

At BVP, we are strong believers in our roadmap-driven investment strategy, a strategy that requires us to dive very deeply into a sector so that we can identify opportunities early. CloudLock, interestingly, sits at the intersection of two of our strongest roadmaps Cloud/SaaS and Cyber Security. (As you can imagine, when an investment sits in the Venn diagram overlapping two areas of interest we get really excited.) Both Cloud and Cyber Security companies will continue to get BVP focus in 2014. Already BVP boasts one of the best and largest Cloud/SaaS portfolios in the venture capital industry. We also publish the “BVP Cloud Index” and the “10 Laws of SaaS Computing“. As for Cyber Security, BVP is one of the most established investors in the cyber security sector with a 20-year track record and more than 30+ investments in the space (17 exits so far, including 7 that went public).

We welcome the CloudLock team to the BVP family.

Read more posts at the Bessemer Venture Partners Blog

Browser Not Supported

Your browser version is outdated.

We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!

Click on the icon below to download the latest version of your browser