22 Jul Dave DeWalt: Win The Government, Win The Cybersecurity Market
NetAbstraction’s CEO leads the charge
Melbourne, Australia – Jul. 22, 2021
Ask any CISO what one of their main strategic goals is, and their answer is likely to be “reduce the attack surface.” But Gordon Lawson’s team at NetAbstraction has taken the idea and run with it — delivering a platform that not only reduces the attack surface, but makes it disappear altogether.
The company’s patented cloud-based network filtering technology provides an “obfuscation layer” that allows companies to hide their own networks from the Internet at large — disguising and mixing up network pathways to prevent cybercriminals from using them to trace a path back to the company.
It’s an idea that emerged from the company’s founding in the intelligence community, Lawson, NetAbstraction’s CEO, told Cybercrime Magazine, “and our goal is really to bring some of those techniques — obfuscation is a large part of that — into the corporate realm.”
Obfuscation offers particular appeal for applications like malware-protected browsing, threat-intelligence sandboxes for security operations teams, and others who need to go online reliably and secretively.
Operating under the mantra “if they can’t find you, they can’t attack you,” NetAbstraction has secured seven patents for the techniques developed by COO Michael Sever — a 33-year CIA veteran who is responsible for the company’s technical development.
“Think of us as the nexus of SASE, zero trust, and cloud security,” Lawson explained. “We’re touching all of those areas by obfuscating the network.”
The company’s protections can be managed at the individual employee level — making it easier for employees to hide their IP address, geographical location or information about their browser — and can also make user browsing sessions “malware-protected.”
“We will actually spin up VMs that won’t be tied back to the company,” Lawson explained. “It’s a totally separate environment, and folks can go about their work and be more confident that things like ransomware are not going to affect their day-to-day business continuity.”
Obfuscation is becoming increasingly important for companies that have developed increasing security analysis capabilities in-house, where threat researchers and incident responders are regularly conducting their own investigations into current and possible threats.
“We view that as a fundamental liability that needs to be addressed,” Lawson said, “so we set up a controlled, obfuscated, anonymized environment that will never be tied back either to that company, or to NetAbstraction.”
Yet for all the value of its technology, Lawson admitted, the company still has a long way to go before it becomes a household name. “We have some amazing world-class clients, but a lot of the industry has never heard of us,” he admitted.
“We are continually maturing our product development and engineering teams, and we’re going to hire aggressively for those in coming months.”
Eyes on the blue sky
That growth strategy also includes the introduction of new outside expertise at the board level, with the company recently welcoming the board appointment of Dave DeWalt and Spencer Tall of AllegisCyber Capital — which invested $9 million in NetAbstraction during a recent Series A fund-raising.
“While NetAbstraction is a relatively young company, it’s actually a much more mature company from a technology standpoint than you might believe,” DeWalt — who also works as managing director of cybersecurity investment house NightDragon — said in explaining AllegisCyber’s interest in NetAbstraction.
“Having its roots in government, and being able to work with the intelligence community on missions and operations, it had to be an incredibly scalable product. It’s not a small-p product; it’s a big-p Platform — and it’s ready for prime time from a go-to-market point of view.”
“Every single web and cloud gateway should have an abstraction layer in front of it so that you can reduce the attack surface,” he added. “The biggest vulnerability is the idea of source IPs because you actually have an anchor IP, and everybody can figure out your IP address; if you don’t try to obfuscate that and reduce that attack surface, it becomes a problem.”
One condition of AllegisCyber’s investment was that the company add “a very professional CEO to drive us to the next level,” DeWalt said, with Lawson brought on to help propel NetAbstraction onto a growth trajectory.
Healthy growth trajectories are nothing new for DeWalt, a former McAfee president, CEO and director who was appointed as CEO of fast-growing security firm FireEye in 2012 — and led the company from $10 million in revenues to $1 billion in a three-year period.
“I knew I had a window I could execute in where we were just a go-to-market problem versus a technology problem,” DeWalt explained, “and that’s what I see here with NetAbstraction: I see technology and a team there. Now it’s a go-to-market problem about how we create partnerships and customers, and expand what we’re doing.”
Having DeWalt on the team has proved helpful for Lawson, who said “the way that he connects the dots on trends — not only in cyber, but across national security and across public policy — is very, very interesting and helpful to us.”
As a new CEO, Lawson has been working across a range of areas including building out the company’s Board of Advisors — whose first members were announced in late June.
“Sometimes a CISO who I may not know very well isn’t necessarily going to return my call,” Lawson said. “But when I say that Dave DeWalt is on the board, the probability of that call being returned goes up quite a bit.”
DeWalt’s advice is indispensable to a CEO, and telling for anyone following the space: “My strategy as a CEO previously and now as an investor is win the government, win the market.” NetAbstraction’s founder and chairman of the board, Barbara Hunt, has more than 20 years of experience in the intelligence community — one more reason to keep an eye on this fledgling company.
– David Braue is an award-winning technology writer based in Melbourne, Australia.
Go here to read all of David’s Cybercrime Magazine articles.
NetAbstraction, Inc. is an Internet and cyber security firm that offers services that lower your organization’s systems “visibility” as a target on the Internet.
NetAbstraction’s extensive expertise is rooted in the U.S. Intelligence Community. Our backgrounds are in offensive and defensive cyber, protection of user identities, as well as innovative engineering to implement networks in support of clandestine communications.