As part of our Meet the Entrepreneur event series, last Thursday we were thrilled to hear the extremely inspirational story of a real-world entrepreneur from the one and only Jamie Graves, founder of ZoneFox and now VP of Security Analytics at Fortinet. Jamie told our captivated audience exactly how it was. He shared the ups and downs of his entrepreneurial experience from the challenges of raising capital and managing expectations, to the thrills of scaling a product, and the long and rewarding process of preparing for exit.
A bit of background
Jamie Graves is a data security and enterprise software entrepreneur who founded and grew ZoneFox into an award-winning product that provides customers with visibility into human behaviour to help protect their data. In October 2018, ZoneFox was acquired by Fortinet Inc. His new mission as VP of Security Analytics is to continue to help organisations around the world monitor, detect, and respond to insider risks.
Jamie has a PhD in Computer Science from Edinburgh Napier, extensive security and digital forensics experience, and was recently recognised as the ‘Champion of Champions’ at the inaugural Scottish Cyber Security awards for his contribution to the industry. He also attended the prestigious Ignite course at Cambridge University’s Judge Business School, and the Entrepreneur Development Programme at MIT.
How it started
Jamie started exploring the world of cybersecurity at Edinburgh Napier’s Merchiston campus back when he started his doctorate,with Bill Buchanan as his supervisor. Out of Jamie’s research ZoneFox was born. To put it simply, which is relatively hard to do, the company offered a complicated technology that aimed to prevent malicious attacks on a company’s IT network.
The data thief
One of the most interesting and impressive things about Jamie’s talk was the case study of one of their first clients. The team at ZoneFox were tasked with protecting the networks of a company that had created an extremely expensive and valuable (not to mention top secret) product, and were adamant at protecting their Intellectual property from attacks – both external and internal.
Once on site, and after a few days, Jamie and the team noticed some interesting activity. That being said, an interesting activity in cybersecurity usually means something bad is about to happen.
One of the company’s engineers had installed an unauthorised software on their computer – a programme that accesses different parts of the system and makes copies of the files that it gets its cyber tentacles on. At first the files copied were nothing out of the ordinary – charts and graphs, which an engineer could be expected to have a backup of. But as the night progressed, the software started copying files in the early hours of the morning, andthe team at ZoneFox noticed that there were contracts, cost and profit sheets, and all sorts of sensitive information being cloned and saved on the machine the engineer was using.
Big red flag.
The management team were alerted once the engineer copied all of these files on a flash drive and attempted to leave the building. Turns out that employee had given his notice and was planning on presenting his new employer with a nice present of over 10,000 files containing sensitive information.
The theft was averted, the client was happy, but ZoneFox did not win a permanent contract, which Jamie reflected on in his talk. A lesson was learned – listen to what your customer needs and be sure to meet their specific requirements – a straightforward enough statement in theory but one could argue that it is an art to implement.
Up, up and away – how do we scale?
After the first client, the team got a number of other contracts but realised that their clients were looking for their service at scale. ZoneFox could work on up to 20 machines, and there came the question: “how do we get to service 500 machines, and not compromise our process?”. ZoneFox needed to raise capital in order to scale their operations.
Before going on to that part of the journey, Jamie told us more about their client base. One would expect that big corporations would be extremely interested in an offering such as the one ZoneFox provided. Instead their client base was mostly made up of start-ups, and small to medium sized enterprises, which were all organisations that had gone through the excitement of starting up a business and could relate to the passion and commitment of Jamie and his team.
Raising the big bucks – keeping the Angels happy
Depending on the stage of the enterprise and its offer, when it comes to raising finance there are a number of different ways one could go about it. By consulting their board and having a coffee meeting, one that would prove to be pivotal in ZoneFox’s journey, the team got their first Angel investment. From there, the journey was turbulent with many milestones hit before the next round of cash would enter the business.
Exit – should we?
Are you for sale? A question that a lot of entrepreneurs can only dream of being asked, once they set out to create a business with the idea to exit in a decade. ZoneFox were asked that very question by Fortinet.
I won’t go into much detail about that process in this blog, butwhat I will mention is that the company acquired both ZoneFox and the team – something that, according to Jamie, was paramount to the success of any future operations.