One of the biggest issues facing today’s companies is third-party cyber breaches forcing companies to scramble to find innovative security solutions. Adopted by companies like PNC, BlueCross BlueShield, and L Brands, NormShield is the only cyber rating system that accurately measures the cost associated with a potential third-party cyber breach on a real-time basis. NormShield’s proprietary software can help Chief Information Security Officers quantify the severity of a cyber threat in a way that other colleagues can understand- financially.
Boston TechWatch caught up with CEO Paul Paget to learn more about
Who were your investors and how much did you raise?
$7.5M in Series A funding led by Moore Strategic Ventures, LLC (MSV). The financing round also includes participation from existing investors, Glasswing Ventures and Data Point Capital.
Tell us about the product or service that NormShield offers.
NormShield is the only cyber rating system that accurately monitors your ecosystem from a three-dimensional perspective. By eliminating false positives and providing tools to fix risk levels across their externally facing digital footprint, our platform makes organizations more resilient.
Our patented rating technology uses open-source intelligence to compare vendor cybersecurity to industry standards and evaluate risk in financial terms. NormShield’s technical depth and unparalleled level of detail make it a preferred platform over legacy cyber rating companies.
What inspired the start of NormShield?
NormShield saw an opportunity in the cyber ratings market to provide more accurate data on an automated and continuous basis. More than 63% of cyber breaches are caused by third parties, and our founders saw a solution to this increasing problem in third-party risk management.
How is NormShield different?
NormShield reduces the uncertainty around your cyber risk with a high-quality platform that does the work for you.
Scalable, all-encompassing, and tailored to identify your problem areas, our platform isn’t just another cyber rating tool. It tells you which vendors pose the highest risk to your company, without creating more work for you.
NormShield is also the only cyber risk rating system that can measure the cost associated with a potential third-party cyber breach, so you can know the risk every organization in your ecosystem poses in dollars and cents.
What market does NormShield target and how big is it?
NormShield targets all industry verticals including, but not limited to finance, healthcare, retail, technology, and hospitality.
What’s your business model?
SaaS model with annual and monthly subscriptions.
How has COVID-19 impacted the business?
Mixed impact – some near-term budgets were delayed, others accelerated as supply chains became more critical. It is very dependent on the industry. Overall the market for Third-Party Risk Assessment is growing rapidly despite the pandemic.
What was the funding process like?
It was relatively smooth. Despite the market uncertainty investors are active. We are fortunate to already have two outstanding seed investors, Glasswing Ventures and Data Point Capital – both based in Boston. They were very instrumental in identifying options, including Moore Strategic Ventures.
What are the biggest challenges that you faced while raising capital?
Doing my day job! Raising capital is a full-time undertaking.
What factors about your business led your investors to write the check?
Market opportunity, customer traction, strong technology, and an outstanding team.
What are the milestones you plan to achieve in the next six months?
Keep making progress in terms of new accounts and creating very happy customers that help us grow.
What advice can you offer companies in Boston that do not have a fresh injection of capital in the bank?
This is a loaded question, but to keep it simple, have a plan that makes sense and get lots of input to it. Talk to investors that are market and/or stage-specific and get their advice. Getting capital requires a lot of things to line up. It all sounds logical but getting there is brutal. Early-stage is the most difficult. If you are developing a product, get input at every stage from idea to prototype to minimum viable product.
This is a loaded question, but to keep it simple, have a plan that makes sense and get lots of input to it. Talk to investors that are market and/or stage-specific and get their advice. Getting capital requires a lot of things to line up. It all sounds logical but getting there is brutal. Early-stage is the most difficult. If you are developing a product, get input at every stage from idea to prototype to minimum viable product.
Potential investors need to be part of that journey and will follow your progress before making a decision. Later stages require different things – obviously, traction from buyers speaks volumes to investors.
Where do you see the company going now over the near term?
The company will stay hyper-focused on helping customers deal with the challenge of third-party cyber risk. As organizations rely more and more on connected service providers, vendors, and suppliers; their exposure and risk increases. Understanding how to deal with this is an increasing priority and a major challenge for most organizations today.
What is your favorite restaurant in Boston?
Rondo’s Submarine Sandwiches on West Broadway in South Boston.
You are seconds away from signing up for the hottest list in Boston Tech! Join the millions and keep up with the stories shaping entrepreneurship. Sign up today