We started Theom in late 2020 to pioneer a new way to secure data in the cloud. Our solution is like a bodyguard who closely follows and protects a high-value asset. Theom ensures controls follow the data regardless of how it is stored, replicated, or accessed in the cloud. We have built our SaaS product, grown our customer base, and expanded our team to bring new capabilities to market. To fuel our progress further, we recently secured USD $16.4 million in Seed funding in a round that was oversubscribed. Ridge Ventures led the round along with M12, Microsoft’s Venture Fund. You can read our press release here.
Supreeth Rao, Ravi Sankuratri, and I founded Theom to help organizations answer the question, “Is my data really secure?”. The genesis of this question came from our experience in building planet-scale products for data, security, and cloud at Cisco, Google and Yahoo. While managing over 200 petabytes of data ingest into SaaS applications for many organizations, we observed that existing approaches for securing data were ineffective – especially in the cloud. Two challenges that we faced convinced me that we had to solve data security differently for the cloud.
The first challenge was the over-provisioned access to data for users–especially with cloud stores such as managed data warehouses and data lakes. Initially when the stores are set up, users might have the right level of access to data. However, over time, more access and privileges are granted, and they are almost never revoked. Access exploits are a common cause of data breaches. An anti-fragile, robust, Zero Trust strategy requires creating a minimal protection surface. Further, a minimal protection surface only comes from understanding data and applying the principle of least privilege to data access.
The second challenge was the ease with which we could copy and move data in the cloud – a security problem that increases as data store technologies proliferate and data grows in volume. The protection surface must cover both at rest and in motion, in cloud native stores, analytical stores, APIs and message queues. For example, it’s all too easy for someone to make a replica of sensitive data to train machine learning engines. However, the security controls do not automatically follow the copied data even though the first and second copies of the data are exactly the same–this security gap increases the risk of breach. This was our aha moment – if data moves, security controls should also move to ensure data is always protected. This insight led us to envision Theom as a data bodyguard in that cloud that helps customers prevent data breaches by protecting their high-value asset – data. A real-world example that helps explain the idea is the Secret Service which protects the president by gaining situational awareness of threats and then adapting security for every situation.
Theom generates intelligence about the data by understanding where data is in the cloud, understands the data sensitivity, and the risks to the data in every environment. Theom also looks at access to the data, including from vendors, and determines if the access is abnormal. Theom then prioritizes the top risks to data stores and drives automated remediations to mitigate the risks via native integration with the customer’s SIEM/SOAR tooling. Like a data bodyguard, Theom follows the data wherever it moves, gets copied or shared in the cloud and ensures that it is always secured regardless of the environment or underlying store type. Security teams can focus on the handful of top risks that truly impact data security without being worn down by thousands of alerts. Our goal is to help security teams answer the question, “Is my data secure?” in the affirmative.
With this new funding, we will continue to expand our product to cover new data store technologies and solve more use cases that our customers bring to us. We are also expanding our go-to-market function.