General Atlantic’s Gary Reiner On Why ThreatLocker Is A Ransomware Killer And MSPs Are ‘Incredibly Strategic’
Gary Reiner, operating partner at private equity powerhouse and growth equity investor General Atlantic, which just led a $100 million Series C investment in ThreatLocker, says the cybersecurity highflier is locking out the ransomware threat looming over businesses.
ThreatLocker’s Whitelisting And Ring-Fencing Advantage
ThreatLocker’s innovative whitelisting and ring-fencing technology is shutting down ransomware threats that have been battering MSPs, said Gary Reiner, operating partner at General Atlantic, which just led a $100 million Series C investment in ThreatLocker.
“We spoke to probably 15 MSPs in the course of doing our due diligence,” said Reiner, a former superstar CIO at GE who is now a board member at Citigroup and Hewlett Packard Enterprise, among other companies. “Every single one of them loves what ThreatLocker is doing for them. The majority of them had experienced ransomware with their customers prior to deploying ThreatLocker, even with the use of traditional EDR [endpoint detection response] software. ThreatLocker basically makes it impossible [for ransomware to infect businesses] because the only thing that is allowed to run in that environment is what has been previously approved by the customer. By doing that, there is no malware that can be installed or run in a customer’s environment. It just can’t happen.”
ThreatLocker has delivered a “default deny” software offering that does not impose an administrative burden on MSPs or SMB customers, said Reiner, who has also played a key role in General Atlantic’s funding of MSP software standouts Atera and JumpCloud.
“There has been resistance in the past to whitelisting by large companies because it was perceived to be an administrative burden. What [ThreatLocker co-founder and CEO] Danny [Jenkins] has done is figured out the art of making this incredibly effective with a massively reduced administrative burden of managing default deny,” he said. “The way they have done that is, No. 1, they have built great intelligence in their software that understands, for example, when an application has been upgraded. Therefore, they will not deny that application because it has been appropriately upgraded.”
Reiner said the future of MSPs is bright given the “incredibly strategic” role they are playing in protecting small- and midsize-business customers from cyberthreats.
“We’re seeing the MSP industry evolve to much less of a reseller of software and much more of an outsourced IT shop for SMBs,” he said. “With that it becomes very important that they select the right solution that protects their SMBs. We believe that, for example, ransomware is one of the single biggest threats to SMBs, and we believe that with MSPs deploying ThreatLocker with their customers that risk goes way down.”
What did you hear from MSPs when you started looking into ThreatLocker as a potential investment?
We are known for doing a lot of due diligence when we make investments like this. We spoke to probably 15 MSPs in the course of doing our due diligence. Every single one of them loves what ThreatLocker is doing for them.
The majority of them had experienced ransomware with their customers prior to deploying ThreatLocker, even with the use of traditional EDR [endpoint detection response] software. ThreatLocker basically makes it impossible [for ransomware to infect businesses] because the only thing that is allowed to run in that environment is what has been previously approved by the customer. By doing that there is no malware that can be installed or run in a customer’s environment. It just can’t happen.
The other thing they have done is for listings that need to be approved, they have made it incredibly easy with really simple workflow to get approval for things that should be approved but have not yet been approved.
It is a very different way of handling cyberattacks and we think a fabulously productive way to handle cyber. They have been incredibly focused on MSPs with great success. We don’t believe it should be limited to just MSPs even though there is a huge market out there for MSPs.
We believe that it can grow significantly in large enterprises as well. They have already had some success there. We believe that they will be successful there as well. But they will always stay focused on MSPs, which has proven to be a great partnership between them and ThreatLocker.
Is this a true ransomware killer, and what are the implications for enterprise businesses?
We believe so. Let’s talk about the enterprise piece. Whitelisting is not a new idea. Ring-fencing is a relatively new idea. ThreatLocker provides both. There has been resistance in the past to whitelisting by large companies because it was perceived to be an administrative burden. What [ThreatLocker co-founder and CEO] Danny [Jenkins] has done is figured out the art of making this incredibly effective with a massively reduced administrative burden of managing default deny. The way they have done that is, No. 1, they have built great intelligence in their software that understands, for example, when an application has been upgraded. Therefore, they will not deny that application because it has been appropriately upgraded. Those are the kind of things that historically have caused whitelisting to be an administrative burden. We spoke to a ton of customers, including large enterprises, none of whom said that this was difficult from an administrative point of view to manage.
How do you view ThreatLocker co-founder and CEO Danny Jenkins given your investment in the company?
Danny has got as much energy as anybody I have ever met. He has built a fabulous solution that people have said couldn’t be done: whitelisting and ring-fencing that does not increase your administrative burden. Instead, it has reduced it. He is incredibly driven to build the business to change the approach to cyber-security so it is not just finding the bad stuff but preventing the bad stuff from operating in the first place. I think he is going to be a long-term CEO of a business that thrives. I think he’ll do absolutely great. He has had the vision from day one to build this and so far he has had enormous success doing so.
You have other portfolio investments in the MSP market. Could there be some synergies there?
We are proud investors in Atera, JumpCloud and now ThreatLocker. All three of those companies view the MSP as a very important and very strategic customer base.
We are hoping that the three companies together can kind of strategize on how to take advantage of each other’s positioning and capabilities.
What are you seeing in the SMB market in terms of the potential for companies like ThreatLocker?
We’re seeing SMBs needing to be as careful to protect themselves as large enterprises. SMBs carry a ton of important information that is critical to their operations and potentially important for the bad guys that want to get that information.
We’re seeing the MSP industry evolve to much less of a reseller of software and much more of an outsourced IT shop for SMBs. With that, it becomes very important that they select the right solution that protects their SMBs.
We believe that, for example, ransomware is one of the single biggest threats to SMBs, and we believe that with MSPs deploying ThreatLocker with their customers that risk goes way down.
As a former CIO, how do you see the MSP model evolving in the next several years?
SMBs are becoming more and more dependent on information technology to make their operations prosper. On the other hand, not every one of them has been as quick and ready to hire IT talent to support and allow them to leverage information technology the way they want to. So the role of the MSP has become incredibly strategic. That SMB IT capability has been consolidated in these MSPs. They help make decisions for the SMBs.
Comparing and contrasting that to a large enterprise, they typically have their own internal IT expertise. So that is why MSPs are focused more on SMBs than large enterprises.
Given your investments, do you see a bright future ahead for MSPs?
A very [bright future]. We see them only growing, getting larger and getting more and more capable. And we see more and more very compelling solutions that are targeting the MSP as a very productive channel.
What we have seen is in addition to MSPs moving more and more to being an outsourced solution [provider], they have also moved from being kind of on-prem install, repair and fix to everything being done remotely. That extends the reach of any given MSP to be able to not have to rely on being just local to be effective. We do see MSPs getting bigger with broader reach to more and more SMB customers.
Is General Atlantic sticking to investments in software companies rather than the MSPs themselves?
Never say never, but our focus today is very much on providing software so MSPs become that much more capable to their customers.
As a former CIO and now investor, what is your advice to MSPs?
For any MSP I meet I give them three pieces of advice: buy ThreatLocker, buy Atera and buy JumpCloud.
The FBI recently launched a pre-emptive strike against a nation-state attack by Russia military intelligence that targeted Main Street rather than Wall Street. What do you make of that?
There is probably a view from the bad guys that see these big companies with all kinds of protection and the smaller guys as more vulnerable so they try to break those [smaller guys].
That’s why one of the values of MSPs is to provide the protection for SMBs. We think ThreatLocker is perfectly positioned for that. That is how the MSPs look at it today.
If you were starting an MSP today, what would you focus on?
I would want to build two kinds of skills and only two kinds of skills: technology and sales. I would be investing in largely digital marketing capabilities to figure out how to find more and more SMBs and offer them a solution. I would have the world’s best technologists as part of my team that would be able to pick the right SaaS solutions that could be deployed, managed and serviced for my customers.
How do you see your investment being used to make ThreatLocker more successful?
Mostly R&D and to make deny default as easy and as effective as it has been.
It is also going to be used to penetrate larger companies where they need it, which is a different sales motion.
So mostly R&D, but also a sales motion to larger companies.
You are playing a proactive role to make inroads into enterprise customers. Is that a tougher sell?
It is a different sell. With MSPs they see it and embrace it right away. They are often less tied to their existing solutions when they see something better.
Larger enterprises, frankly, are less willing to make big changes quickly. The way a large enterprise will embrace this is they will try it in a small division, see how it works there, and upon success they will look to grow it throughout the enterprise. So together we are encouraging large enterprises to do a proof of concept, whether it is a small group or P&L, see how it goes and then grow it into an enterprisewide solution.
How do you see the CIO role in large companies given the current IT landscape?
As the cloud has emerged, the CIO worries a lot less about infrastructure these days and worries more about two things: One, how do you make the business processes more effective? And two, how do you protect the company from cyber-risks? There is a third where good CIOs play a big role, which is how to manage data, which is part of the business process, but it is a whole new skill.
So business process improvement, particularly customer-facing business processes, managing data for the advantage of the company and cyber-protection.