Columbia cybersecurity firm gets boost from Silicon Valley
Tenable Network Security Inc. poised to dominate market with $50 million venture investment
Ron Gula is CEO of Tenable Network Security. (Barbara Haddock Taylor, Baltimore Sun / October 24, 2012)
But a few years ago, a little company in Columbia called Tenable Network Security Inc. caught the eye of Accel's executives. They followed Tenable closely as it steadily emerged as a top player in cybersecurity.
Then, in September, the bombshell: Accel decided to pump $50 million into Tenable, a staggering amount even by venture capital standards and the biggest investment that Accel has ever made in a North American company. Tenable accounted for nearly one-third of all venture investments in Maryland companies in the third quarter.
"Tenable is incredibly under the radar," said John Locke, a vice president with Accel. "They're one of the more attractive enterprise software companies that we've ever seen, and we're talking to tens of thousands of companies every year."
Tenable has quietly built a booming business selling network security products and services to the U.S. government and companies around the world. It's profitable. It has thousands of clients. And it's in an enviable market: Government and private companies, which use the Internet for communications and e-commerce, are willing to pay top dollar for round-the-clock security.
The market for vulnerability management software and services is growing steadily. Worldwide revenues in the sector were $3.4 billion in 2010, according to IDC Research, which expects revenues to exceed $5.7 billion by 2015.
"There's a real opportunity for companies," said John Slye, a federal industry research analyst with GovWin, a Herndon, Va.-based market intelligence and software company. "We're not just looking at what the government is spending. We're trying to get to what is in play for the rest of the addressable market."
Accel sees Tenable as poised to dominate that market. Its investment in Tenable was five times more than its original Facebook stake. And the firm wished it could have invested more for a bigger stake, but Tenable wasn't offering more, according to Accel's Locke.
Accel offered the $50 million infusion at an undisclosed valuation of the company.
Accel became a minority partner in the business, while Tenable got a large infusion of capital that it plans to use for hiring and expanding in the next two to three years.
Tenable didn't need Accel's money, but took it to grow more quickly and develop more security products, according to Ron Gula, Tenable's CEO. Prior to the Accel money, Tenable's only outside source of investment came from the Maryland Department of Business and Economic Development, which gave the company $100,000 shortly after its founding.
Gula said the company paid that money back years ago to DBED, which in recent years has heavily promoted the state as a hub for cybersecurity companies.
If the company needs more money to grow, an IPO might be in its future, Gula said.
"Network security is a big problem and it's gotten a lot more complex over the last three years," said Gula, noting the widespread use of smartphones and Internet applications that now run in the "cloud."
Tenable was founded by three computer experts. Gula, a former information security expert at the National Security Agency at Fort Meade, used to run so-called "penetration tests" at the agency, where he probed government networks and tried to find vulnerabilities.
He partnered with Renaud Deraison, a Frenchman who built a tool called Nessus, known as a "vulnerability scanner" that can check computer networks for weak spots. Rounding out the team was a third co-founder, Jack Huffard, who has years of experience in the network security industry and is Tenable's president and chief operating officer.
The trio launched the company in 2002. In the lingo of startup entrepreneurs, they "boot-strapped" the company with their own money. But, unlike many startups, they started making money almost immediately. They quickly turned a profit and have steadily grown every year, now employing 200 people, 130 in Columbia.
In the past three years, the company's sales have grown 260 percent, Gula said. Since the firm is private, it doesn't disclose revenue or profit, he said.
Tenable is targeting the "vulnerability management" market, which analysts believe to be growing. Network security has evolved over the last decade, as a wide range of companies have developed tools that help firms detect and prevent intruders on a computer network.