Insight's "Growth Gurus" interview series showcases inspiring leaders from our portfolio of ScaleUp software and internet companies. In this episode, Bradford Jones and Thomas Krane from Insight Partners spoke with Darren Guccione, CEO & Co-Founder of Keeper Security.
How did you get your start in business?
I started off my business career pursuing engineering. After graduating from the University of Illinois at Urbana-Champaign, I took a job with Bell Sports while living in Asia for a few years. When I came back to the US, I went back to business school at DePaul University. They had a newer program, which was a combination of an MBA with a Master’s in Finance. After graduation, a gentleman that I had been a golf caddy for offered me a job at his firm doing mergers and acquisitions for two and a half years.
When I left that company, the internet boom was proliferating, and I met Craig Lurey who today is our CTO and Co-Founder. Craig had just left Motorola to build the first ASP platform for buying and selling computer products over the internet. I thought that project was groundbreaking, so I joined him as a CFO and shareholder before we were acquired by CNET Networks. That ultimately, resulted in the creation of technology, which I called mobile conferencing. And that was what we called Callpod mobile conferencing technology, which gave mobile devices, the ability to multiplex the audio and send the signal to multiple wireless headsets. So, if there were five of us standing in a remote environment, we could all pair up those headsets and conduct a mobile conference.
That led to the birth of Callpod. Callpod then proliferated over the next two and a half years. And ultimately, when the recession hit, that was sort of an aha moment to pivot and create Keeper Security as a wholly-owned sub, we exited, that hardware business. And today we are a cybersecurity business.
What inspired you and Craig to build a password manager and cybersecurity platform?
In 2008, Craig and I were on a long flight back from China and Apple had published their first software development kit for the iPhone. Craig was in the seat next to me tinkering around with it and building a little application that stores notes, codes, and lists. I looked at it and started to do some research on digital vaulting. At the time, there were products out there, like LastPass, RoboForm, and a few others but they were really focused on the desktop in the browser. Although, no one was creating a digital vault for storing login credentials and other metadata on a mobile device. By the time we returned from our trip, the first version of Keeper was done.
In 2009, we launched as a free mobile application and it began to get traction, so we decided to invest in the business. After we launched on mobile, we moved to desktop and web, and then ultimately became a full platform and device-wide solution. We began monetizing that product on a subscription plan in September 2010 and then subsequently incorporated it as a wholly-owned subsidiary. It was called Keeper Security, Inc.
With now over 1 million customers, Keeper's experiencing rapid growth. How would you describe the journey from startup to ScaleUp?
My mindset hasn't changed. We have always focused on the platform, the product, and processes to flatten the hierarchy. What we try to do is flatten that out as much as we possibly can to make it a collaborative, immersive, cohesive, and efficient culture, so that we can all integrate and develop core product services. Then, of course, sales and marketing to go with that.
As you get bigger, it is more difficult to do that. It is easier to do that when you're 30 people, as opposed to having 300 people. We work really hard as we continue to scale. We always want to maintain that entrepreneurial, more refined spirit. Those are the key challenges that we face. You hit these inflection points; $40, $50 million of revenue, to multi-hundred million dollars of revenue, you have to make operational changes. You have to close certain gaps. You have to do less of what you did before. When we were 30 people, I was the CEO. I'm a CPA. So, I was quasi CFO. I built our models. I even did tax returns in the early years. I developed our products with Craig. Originally, Craig was the one that built all of the products. He coded everything across all of our platforms. Android, iOS, Mac, PC, Linux. That's not sustainable at scale. You need to make sure that you hire the very best people in each of their respective roles. Then when you empower them with the responsibilities, you get out of their way and let them do their thing. I think that those were really the main challenges around scaling and the inflection points and how to address those.
What cyber trends are you paying close attention to relative to? Has COVID impacted any of those trends, either positively or negatively?
Absolutely. I always say that identity access management is the nucleus of any cybersecurity strategy. According to Verizon's study and several others, 80% of data breaches are a result of weak password security. The core of cybersecurity that focuses on this problem is identity and access management.
Let’s think about it as a wheel. It's like spokes on a wheel. It's not, it's not a silver bullet to solve. It's a multi-pronged solution. So, you have EPM, which is what Keeper is, that's an enterprise password management. We think that convergence and the unification of certain core features of different identity and access management products in a singular platform is the future. I would say the customers are looking for key things with any framework or a platform that can help mitigate the risk for passwords, security weaknesses, and also give them greater visibility over their password security and hygiene throughout an organization. This is really the focus of what Keepers doing, and these are the things that help shape our roadmap. For confidentiality, we don't disclose our roadmap, but generally speaking, we have a very good read on what we believe the market has been requesting, where their pain points are, and where we think the hockey puck is going to be, a year, 18 months, two years from now.
With respect to COVID, COVID has been a catalytic event for us. When these organizations went to distributed remote work environments, two things drove the need for enterprise password management, more than ever before. I would say exponentially, this is such a huge problem. You have number one, a proliferation of enterprise cloud. More companies, whether you have Soho as SMBs, mid-market enterprise, government, and even non-for-profit, are migrating to cloud-based applications. When you migrate to cloud-based applications, you have more login credentials to transact with daily and you also have more metadata to protect. So that's number one. Number two, you then have a greater number of endpoints because you distributed remote work. There's a greater number of endpoints that cybercriminals are going to try to attack. That leads to the number of additional devices that need a product like Keeper running on them.
We have found that this has really been a blessing for us. The pandemic started to proliferate and get intense right around March. We paused our recruiting and waited to see what happened in March and April. To our surprise, we saw deals push things out as they had to move off prem, but the SMBs needed immediate help. We were there for them in a big way. We've seen that trend continue. Now the mid-market enterprise has seated. We now live in a new reality with respect to remote work and it has really been great for us.
What ultimately led you to fundraise? What qualities were looking for in an investor?
Before we met Insight five years ago, our goal was to build the best and the biggest company in the industry and build a meaningful business that could serve millions of corporate customers and tens of millions of consumer customers. To make that happen, it became abundantly clear that we needed a strategic partner.
The reason for raising capital was not so much because of money. That was secondary. It was all about the ability to build intellectual capital, build the networks. I'm not talking about computer networks, but the networks that the world-class venture and private equity funds have to help scale an organization, to help optimize the way that a company runs, to help with recruiting, to help open up new doors and relationships, both in the public and private sector.
In order for us to reach that goal over a short number of years, we decided to fundraise. We made a very clear choice that we're only going to talk to the best. The best, we believe, has a passion for what we're building. You can't have the same passion as the founders, but when you're excited about what we're building, and you have an appreciation for it. The investor needed to also have very strong expertise and experience. In cybersecurity, it is a pervasive industry, but as we all know, it is somewhat niche, meaning that there's not a tremendous amount of vendors in it. You may have a few hundred key vendors that create solutions for the entire world. The potency of each of these vendors is astronomical. And therefore, the investor, the partner that you select to work with is of paramount importance. For us, it was all about the non-cognitive attributes, and the non-financial attributes as the key factor in selecting Insight. Number two, of course, was the mechanics behind fundraising and making sure that we have enough capital to execute our strategic plans.
We love working in depth and in detail with every member of the Insight team and its Onsite Centers of Excellence. Onsite and the amazing group of operators were one of the unique factors that made Keeper gravitate towards Insight. It’s great to have 75 consultants and operators come together and say, “Okay, well here's how you handle best practices for marketing, here's how you do ABX, and here's the best way to structure this.” It has been a lot of fun and we are loving it. So, thanks again.