Panaseer doubles revenue in 2021, as enterprise requirement for automated cybersecurity measurement accelerates

March 31, 2022, London and New York: Panaseer, an enterprise security company, today announces it is cementing its position as the de facto automation platform for security measurement with annual triple digit growth.

The company grew by over 100 percent in 2021, on the back of over 300 percent growth in 2020. Its revenue success is fuelled by the growing market adoption of the emerging category of Continuous Controls Monitoring (CCM). 

Panaseer pioneered the CCM category, which addresses the biggest issues in cybersecurity today: an increasing enterprise attack surface, heightened regulation and the growing number of tools used by security teams. The technology enables security and risk teams to aggregate all the data from their security, IT and business tools, into a single platform to understand enterprise-wide cybersecurity posture. The $10+ billion CCM market is largely untapped and Panaseer’s technology and people are leading the field.   

Last year the company doubled its number of employees and supercharged its executive team. Jonathan Gill was appointed CEO in January 2021 with a remit to focus on international growth. A Chief Growth Officer, VP Global Sales, VP Customer Success and VP People, were added to its leadership team.  

In May 2021, Panaseer announced it had secured $26.5 million in series B funding to accelerate product development and expand go-to-market efforts to meet the demand for its CCM platform. This makes its total funding to date over $43 million. Over the last year, it added to its growing portfolio of global enterprise clients, which includes many of the world’s largest and leading institutions, who rely on Panaseer to evaluate and improve their cyber protection levels. Currently 95 percent of security teams who test for Proof of Value become Panaseer customers. 

Jonathan Gill, CEO, Panaseer: “We recently received a customer testimonial that called Panaseer’s technology ‘the platform of all platforms.’ This perfectly encapsulates what we are building. Our CCM platform now integrates with technology across eight cybersecurity domains, and can seamlessly and reliably integrate with security, business, and IT data sources. This means we can provide unique value and visibility to our customers, and crucially unburden them from the daily firefight, so they can take a more strategic role within their organisation with data-driven insights that can be used to enable effective risk decision-making.  

“Currently, our platform has processed over 70 million assets for our clients. We are confident that a CCM platform for a security team will be soon become as fundamental as a CRM system is to sales and marketing professionals, and accountancy software for financial departments.” 

Partnerships  

Panaseer invested in key partnerships to help drive the adoption of automated, data-driven approaches to security measurement, via CCM. It partnered with the Center  for Internet Security, Inc. to further the development of its Control Assessment Specification.  CIS is a non-profit organisation that leads a global community of IT professionals to continuously evolve standards and provide products and services to proactively safeguard against emerging security threats. Together they are providing guidance on the metrics a company should use to assess how well they are complying with ‘version eight’ of the CIS critical security controls.    

In February 2021, Panaseer announced it had joined forces with PwC UK, a leader in cybersecurity consulting services, to offer continuous Cyber Risk Monitoring. Bringing together best-in-class technology and consulting services to pave the way for continuous and accurate measurement, monitoring, and reporting of cyber risk. 

Product development 

Panaseer addressed the issue of lack of industry guidance around the most important security metrics with the launch of its Security Metrics Catalogue within its CCM platform. This gives recommendations, for the first time, and advice on how to standardise calculations and policies. 

Panaseer also released details on how its CCM platform has enabled customers to solve the most pressing cybersecurity issues. For example, it outlined how key ransomware controls could be mapped to the MITRE ATT&CK framework and built a dashboard that measures some of the most effective security controls at the three stages of a successful ransomware attack– infiltrate, propagate, and exploit. It also helped customers with guidance on how CCM could enable security teams to effectively prioritise critical and zero-day vulnerabilities, like Log4Shell, and create more efficient remediation processes. Panaseer uniquely helps organisations uncover, prioritise, and evidence remediation of zero-day vulnerabilities.  

With the shift many organisations are making from on-premise to cloud, Panaseer has also launched a Secure Configuration for Cloud module to its CCM platform.  This gives customers a single view of all their cloud accounts, enabling them to track misconfiguration of cloud accounts, a significant risk, from multiple ISPs to pre-established SLAs. Panaseer also adds business context to give a complete picture of key risk areas and highlights individual ownership to drive remediation. 

Measurably improving customer security 

Panaseer is setting the bar for ‘best practice’ sharing within the security industry to improve enterprise security programmes and measurably improve the security posture of its customers. Over the last year, it issued a monthly insight article on ‘Metric of the Month,’ whereby leading figures in the cybersecurity sector shared their insights on high value security metrics they use. It also shared the top ten most frequently used security metrics (in order of popularity), which were curated from its wide community of customers and industry experts.

In November 2021, Panaseer released its second Security Leaders Peer Report, which featured data from an external survey of 1,200 senior enterprise security leaders. Key findings included details on how an increase in tools and manual reporting, combined with control failures, is contributing to the success of threats such as ransomware. The report, crucially, gave insights and advice on how organisations could strengthen their security posture.

Over the last year, Panaseer has placed a strategic focus on enhancing customer success and service delivery, to help customers make more informed decisions and reduce their attack surface. As part of that initiative, the company formed a new department: ‘Security Performance Management.’ It was developed to help customers measurably improve their security status, through guidance on measurement and best practices.  

The team provides recommendations on how to improve organisational security posture, and offers targeted assistance on how best to integrate and use Panaseer in support of these goals. All Panaseer’s customers use its platform to continuously, and on demand, evaluate and monitor the controls that protect them from threat scenarios such as ransomware and to help them find, prioritise, and fix high risk vulnerabilities such as Log4Shell. Anecdotal views from over the last year, include:

• “You achieved in two weeks what we failed to achieve in two years.”
   
• “You kept your promise to me. It’s exactly what we thought it would be, unequivocal, it gives us transparency, turns the lights on. It’s game changing.”
   
• “With Panaseer, we can flag ownership of applications and infrastructure together and understand risk by geography, line of business and products and services.” 

Industry recognition  

Panaseer has been featured as an inaugural vendor for pioneering two new Gartner Hype Cycle categories. The 2021 Gartner Hype Cycles for Network Security and Security Operations added the new category of Cyber Asset Attack Surface Management (CAASM), described as “an emerging technology focused on enabling security teams to solve persistent asset visibility and vulnerability challenges.”  

CAASM and CCM go together. Whereas CAASM helps organisations understand the existing attack surface, CCM identifies and advises on corresponding underperforming controls, and the specific metrics, policies, and thresholds that should be used to measure them.   

Momentum Cyber included CCM in its annual Cybersecurity Almanac, highlighting CCM as a next generation technology that will shape cyber in 2021 and Panaseer was listed as a vendor. The Almanac outlines that a key challenge in the cybersecurity space is a “lack of security performance measurement”. This highlights the immediate need for technologies and processes, such as CCM, which allow for the automation of security monitoring and metrics generation. 

In 2021, Panaseer won “Best Product in Continuous Controls Monitoring Platform” in Cyber Defense Magazine. It was also shortlisted for “Best Enterprise Solution” and “Best Security Company” at the SC Awards.