This All-Star Team Plans to Jumpstart 100 Cybersecurity Companies in 3 Years
Chris Lynch has been known to rail against startup accelerators.
The co-founder and general partner at Cambridge, Mass., venture capital firm Accomplice and former CEO of Vertica, a big data company that sold to HP (HPQ) in 2011, says he has a better mechanism to jumpstart startups: Investment syndicates. The idea is to have experienced entrepreneurs invest in early stage companies through platforms like AngelList, a website that connects entrepreneurs, startups, and angel investors. (Accomplice backs AngelList, by the way.)
Now Lynch is putting his money where his mouth is by co-creating a cybersecurity-themed investment syndicate, he tells Fortune. Hack/secure, as the group is called, assembles 25 top cybersecurity entrepreneurs on a mission to seed 100 cybersecurity companies in three years.
Get Data Sheet, Fortune’s technology newsletter.
Lynch is joined by Cort Johnson, a fellow partner at Accomplice who runs hack/reduce, a not-for-profit organization co-founded by Lynch in 2012. Hack/reduce—the group from which hack/secure springs—consists of Boston-based technologists, academics, and investors who are interested in big data. The community has partnerships with MIT, Harvard, and other universities as well as sponsorships from Microsoft (MSFT), IBM (IBM), and Google (GOOG).
Hack/secure will operate as follows: Whenever one of the group’s members finds a cybersecurity firm worth investing in on AngelList, hack/secure will contribute up to $250,000 in additional funding. The goal? Nothing short of “protecting the free world,” as Lynch likes to say, through technological innovation and unabashed venture capitalism.
“We’re under siege and I think people are distracted,” Lynch says. “Everything runs on software—planes, trains, automobiles, the stock market, utilities—when someone really wants to fuck up the free world, that’s how they’re going to do it.”
“We’re not only going to stop that from happening, but innovate and fund companies that can proactively eradicate those threats,” he adds.
For more on cybersecurity startups, watch:
The group has already made its first investment in Kolide, a Boston-based cybersecurity startup that plans to expand on open source software originally developed at Facebook (FB). Kolide aims to build its business on top of osquery, a computer protection tool that helps IT pros keep tabs on their network (for instance, by finding points of vulnerability and hunting down attackers), through training, consulting, education, and supporting the open source community.
Think of Red Hat (RHT) building its business on top of the open source operating system Linux, or Cisco-owned (CSCO) Sourcefire building atop Snort, an open source intrusion detection tool.
Kolide has so far raised $1.6 million through hack/secure and angel investor Dustin Webber, co-founder and chief technology officer of Critical Stack, a network intelligence firm, to help it take on an increasingly crowded market of endpoint protection products, including tools from the likes of Symantec (SYMC), Intel (INTC) Security, CrowdStrike, Tanium, FireEye (FEYE), Carbon Black, and others. The Kolide team includes Facebook security engineers Mike Arpaia and Zach Wasserman, who helped build and open source osquery.
“Investors want assurances that the next technology they invest in is not going to be the source of the next breach,” says Jason Meller, CEO and founder of Kolide and former chief security strategist at FireEye (FEYE). With osquery, “the community has the ability to scrutinize and evaluate the code to make sure it’s as secure as it can possibly be, versus the vendor claiming the technology is proprietary and has been reviewed by quote unquote experts.”
“That is a classic blunder of security by obscurity to me,” Meller adds.
“Companies often nail their IP close to their chests,” Webber says. “Jason impressed me with his go to market, which is to do the opposite—make that a commodity.”
Hack/secure, the launchpad of Kolide, has a presence in the five cities where its board directors reside. Webber acts as a director and regional manager for Boston, as does Jen Andre, founder and CEO of the security automation startup Komand as well as founder of the cloud security firm Threat Stack. Other board directors include Liam Randall, founder and CEO of Critical Stack, who serves as a the point of contact in Washington, D.C.; H.D. Moore, founder of Metasploit (acquired by Rapid7 (RPD)) in Austin; and Dan Guido, founder and CEO of Trail of Bits in New York.
“The best people are not all in one location across the U.S., so need to be where they are,” hack/secure co-founder Johnson says. Other members of the syndicate include:
- Bob Brennan, CEO of Veracode
- Corey Thomas, CEO of Rapid7
- Mike Viscuso, chief technology officer of Carbon Black
- Art Coviello, former CEO of RSA (owned by EMC (EMC), and soon by Dell)
- Tim Belcher, former chief technology officer of NetWitness (acquired by RSA)
- Sam King, chief security officer of Veracode
- Patrick Morley, CEO of Carbon Black
- Brian Ahern, CEO of Threat Stack
- Adam Fuchs, founder of Sqrrl
- John Langton, founder of Visitrend (acquired by Carbon Black)
That’s one startup funded, 99 to go.