Cyren is a modestly-sized company with an unusual trajectory but with attributes that could well make it worth watching. Shares in the company have been relatively flat for 16 (that’s right, sixteen) years, a huge stretch in a tech sector that is better known for sharp rises and falls. But recent changes at the US-headquartered firm with European and Israeli roots make it an interesting outlier in the hugely competitive information security space.
One of those changes is the arrival of chief technology officer Lior Kohavi, a 25-year veteran of the sector who I talked to recently about the company’s prospects. Kohavi argues Cyren is extremely undervalued relative to other security companies, considering its technology assets and investment in higher-growth areas. He explains it as a function of the firm running for a long time on a licensing stream, and the market not yet having caught up to the strategic changes. Despite its name, Cyren may not be big noise in security but it does have a remarkable line of companies that use its technology under the hood from Google (for Gmail) and Microsoft (for Office 365) to the likes of Dell, FireEye, Check Point, Symantec, Websense, McAfee and Netgear.
Last year Cyren changed tack by going direct to the corporate market with cloud-based web and email security and made the hires to back up its effort, alongside big-lever changes that tend to go with fast-growth companies rather than non-movers. Kovahi, for example, has worked at three companies that got acquired and Hesh Eassa, newly VP of Cloud Operations, is a Silicon Valley veteran with a growth pedigree including senior roles at WebEx, Macrovision, Qualys, Callidus and recently Zscaler. Those are switches that could finally move the needle on its NASDAQ stock ticker and market cap of a little over $82m at time of writing.
The long quiet period
Why is Cyren so little known when its customers are an A-to-Z of tech royalty?
“We never opened the kimono [on the new strategy] until 2017 but we’ll start to show more of that,” Kohavi says. “If it were a startup the valuation would be completely different. The past was a completely different company. Think of it like a startup: we’ve made a massive investment in R&D [and the change has been like driving down a] highway at 100kph while performing open heart surgery.”
Today, Cyren has over 220 staff, seven office locations, and the datacentres (19 in total) needed to see incoming threats, understand trends and protect customers via its cloud-based services that cover web, email and DNS security, and cloud sandboxing. The catalyst for the strategic change was the broader metamorphosis across cybersecurity.
“There’s a problem in the security space,” Kohavi says. “Companies spend more and more money but 99 per cent get hit. The current framework is to protect through security appliances, meaning you have an office connected to the internet and you protect through email security, IPS, IDS and firewall, but more and more of us are roaming and saving to the cloud, offices are becoming multi-location and so signatures and updates are ineffective.
“It’s a massive change, and traditional companies are under threat of going out of business if they don’t change with it. With corporate apps and data in the cloud, the perimeter has become dramatically more complex, fragmented and difficult to maintain secure. The only way to solve security in this new world is to move it to the cloud for massive real-time protection before it enters the organisation.”
This is where Cyren’s cloud protection comes in and helps explain why, after leaning on technology licensing for so long, Cyren wants to sell more directly to business customers. The move might be seen as risky but in enterprise software today, ‘frenemy’ relationships are part of the commercial realpolitik.
“Business is business,” says Kohavi. “They have choices but keep coming to us.”
Salesforce for security
Cyren’s ambition is to build a high-velocity sales platform with a subscription model that appeals to small, midsized and, eventually large enterprises, in the same way that Salesforce.com transformed CRM.
“It’s the only reason I’m there,” Kohavi says. “This one is completely different [to his previous startups] with the potential to be a real enterprise company.”
Marketing budget has been doubled and the onus today is on customer acquisition, he adds, saying he believes the market will be receptive to Cyren’s approach now that cloud security is better understood.
“Twenty years ago you went to a bank and said ‘why don’t you move your email out?’ and they’d think you were crazy. Today, 80 per cent have already done that.”
It’s a tough ask, however. A source familiar with Cyren said the steps to go from OEM to full stack player shouldn’t be underestimated.
“They’re an interesting crowd,” the source said. “They’ve worked out its very difficult to be a public company if you’re in the OEM business business… you’re the last in line in the food chain. It’s a real pivot: you can be good at engineering but the second wave is you have to have a go-to-market. There are shortcuts like working with channel partners but it’s a decade-long effort to build a brand and operations. The other challenge is you have to build a customer-facing organisation. You take all of those and they’d have to defy gravity - but I like them and they talk a good game.”
Kohavi says Cyren already protects 600 million users, a lot of them through partners obviously, but the company has the bandwidth to create a wide revenue stream. He points to rivals such as OpenDNS, acquired by Cisco for $635m and Zscaler with a valuation of over $1bn. By those lights, if Cyren can execute, that pancake-flat valuation could change.
With those big-name partners to point to, core technology in place, datacentres all over the world (about 40 per cent in EMEA and 40 per cent in the US) and recent hires, Cyren could be in a good place.
PREVIOUS ARTICLE«Start-Up Chile veteran on the local entrepreneurial scene
NEXT ARTICLETypical 24: Scott Phillips, Rise Art»
Adrian Schofield sheds light on tech in South Africa
Mark Chillingworth on IT leadership