Blocking Bad Actors and Bringing Business Resilience and Continuity to Clients

HYAS INFOSEC — Leader in cybersecurity solutions –

Canadian cybersecurity solutions provider, HYAS Infosec, is a world-leading authority on cyber adversary infrastructure and communication to that infrastructure. HYAS is dedicated to protecting organizations and solving intelligence problems through detection of adversary infrastructure and anomalous communication patterns. HYAS helps businesses see more, do more, and understand more in real time about the nature of the threats they face. HYAS turns meta-data into actionable threat intelligence, actual adversary visibility, and protective DNS that renders malware inoperable.

David Ratner

An interview with HYAS Infosec CEO David Ratner

Tell us about HYAS and how your vision is a little different to others in your space.

HYAS was founded on Vancouver Island and is a Canadian company, with employees across North America. Most of cybersecurity today focuses on how to keep bad actors out and the question: do you have a business resiliency strategy?

That may have been the world we were in 15 years ago, but it’s not the world we’re in today. It’s almost impossible to stop a supply chain attack. It’s almost impossible to prevent insider risk. It is, by definition, impossible to prevent a zero-day attack.

The reality is most of the industry is focused on this cat-and-mouse game of “how do I prevent this attack or that attack?” However, the world is moving more towards a focus on business resiliency and business continuity in addition to pure prevention.

HYAS exists because we wanted to take a different approach on how to drive both resiliency and continuity. Regardless of how or where a bad actor gets into an environment — HYAS can identify the attack, and then very quickly let you drive the time from infection to remediation and cleanup down as close to zero as possible. No matter whether the bad actor uses malware or a malware-less attack, they still need to beacon out to adversary infrastructure for instructions. As the expert in adversary infrastructure, HYAS is in a unique position to help organizations ensure a true business resiliency program. We assist clients to get proactive against all the different threats that they are facing today, as well as the kinds of threats they’re going to face in the future.

Additionally, one of the important aspects of HYAS’s vision is how we build our products. HYAS is focused on building products that are easy to deploy, easy to manage, work independently yet work better together with the rest of a client’s security stack. Everything is SaaS, so deployment is incredibly fast and easy – one client deployed Protective DNS across over twenty-three thousand endpoints in under thirty minutes. Everything is also API-forward, meaning that it not only integrates with the component-of-yourchoice in an organization’s security stack and doesn’t require a “rip-and-replace” strategy, but also ensures that it is futureproof to continue to deliver value as the individual components of the stack, or even the entire solution architecture, changes. HYAS not only delivers unique value but improves the efficacy of the solutions an organization has already deployed, enhancing their value and extending their life. In this way the investment that one makes with HYAS today continues to be valuable in the future. HYAS solutions are designed to adapt to each client’s architecture; we don’t force clients to change their architecture to utilize our solutions. That flexibility allows HYAS to quickly and easily make sure that our solutions work in a variety of different client environments.

One other thing that makes HYAS unique is we understand the importance of inclusivity and diversity. We’ve made it a core value. Over 25% of our company is comprised of women and a larger percentage of our department leaders and individual leaders are women as well. I think this is really important for a small technology company with just under 45 employees across North America. Having diversity of thought and diversity of experience is how you end up with the best solutions for the market.

What is the company’s core offering and how is it differentiated from what is already available?

We have a threat intelligence solution (HYAS Insight) and a Protective DNS solution (HYAS Protect). There are many different products out there for both threat intelligence and protective DNS and at the end of the day, both come down to the core differentiation of using unique data to drive unique outcomes and decisions.

The best decisions are made by having the best data. M12 led our Series A because they looked at our company and said HYAS has data other people don’t have. They rightly assumed that we must be able to drive outcomes that other companies can’t do because of that data. And it is exactly that unique aspect of bespoke data that HYAS has that allows our clients to make decisions, drive outcomes, and do things with levels of efficacy that competitors simply cannot replicate.

HYAS collects a combination of exclusive, private, and open source and commercial data. Part of the intellectual property and uniqueness is the data sources that we have, and how all that data is collected and combined into a graph database. This graph database enables the linkages and correlations between data sets so that HYAS can understand and map what has happened, to what is happening, to what will happen.

We know, without investors, innovative ideas do not come to fruition. Are there any notable investors or VCs you would like to acknowledge?

There are three different investors that I will specifically call out. First, the company would not have started without the funding and support of Wesley Clover, a Canadian family office founded by Sir Terry Matthews. Owen Matthews led the initial investment and set HYAS on its path. Second, HYAS would not have accelerated without the Series A investment from M12. And, last but not least, I want to praise the operational excellence and support from S3 Ventures who led the Series B. All three of these investors have been critical in support of HYAS’ growth and have been visionaries in terms of where HYAS can go. Of course, we’ve had the support of others as well, such as Startup Capital Ventures and Wild Basin, among other specific individual investors.

True business resiliency can only be achieved when solutions are in place to rapidly identify both known and unknown anomalies, to ensure that even attacks via new techniques get quickly shut down, and that organizations can understand the nature of the threats that they are facing.

You recently completed a funding round. Why raise now?

Our most recent round primarily went into the continued operations and the expansion of sales, go-to-market, and R&D. For example, in 2023 we officially launched the HYAS Onpoint Partner Program to ensure that our partners (OEM partners, VARS, MSSPs, and MSPs) have the tools, information, and resources they need to get up to speed with HYAS products very rapidly, bring the products to market in a variety of different geographies, and be effective in driving positive outcomes.

On the R&D side, we recently had our Protective DNS solution (HYAS Protect) go through third-party efficacy testing by AV-TEST in Germany; their report (available on their website) proved that HYAS’s approach to protective DNS is the most effective one on the planet today — and we’re continuing to iterate with new releases and improvements. We’ve even done groundbreaking research into the impact that AI will have on malware in the future so that our solution can lead the way in defending against tomorrow’s threats as well.

All told, the money spent on both go-to-market and R&D has generated significant results in the market, evidenced by examples such as the eight “Hot Company” awards we won at RSA across a variety of categories, our inclusion in the 2023 Cybertech 100 list, a Fortress Cybersecurity award, and the awards that we’ll announce over the second half of the year.

What does HYAS technology mean for the enterprise?

When we talk to CISOs, security leaders, and C-suite executives — as they look at their network, organization, and their environment — number one, they’re worried. They’re worried about what’s happening inside their environment that they don’t know about but should. They’re concerned about the dramatic changes that have happened over the past few years across the overall attack surface, and what that will look like over the next few years. Often, they may not even know how many of their employees are remote, where they are working from, what cloud services they are or aren’t using, what new cloud services have recently been added into their environment and what infrastructure should be deprecated but hasn’t been. In some cases, they may not even know how many different clouds and cloud-services the organization is utilizing.

And so, fundamentally, executives are asking, “How do I have the confidence to move my business forward…independent of what new cloud service we’re going to use next, independent of how the employees’ working model changes going forward, independent of what resources exist today in production environment, in the corporate IT environment, what the employees are doing with those resources and what risks or new threats all of this exposes the organization to?”

What HYAS provides these leaders is the visibility to understand what’s happening in their environment and on their network, in real time, so that no matter what changes, and no matter where or how a bad actor tries to break in, they can be confident that they can see the breach, identify the infection, and shut it down before it escalates and affects business outcomes. HYAS allows them to confidently report to their board, their CEO, and their stakeholders. True business resiliency can only be achieved when solutions are in place to rapidly identify both known and unknown anomalies, to ensure that even attacks via new techniques get quickly shut down, and that organizations can understand the nature of the threats that they are facing today and tomorrow. HYAS provides them for business resiliency, business continuity, and peace of mind.

Financially, how is HYAS doing?

We anticipate that before the end of 2023, HYAS will be generating double digit Annual Recurring Revenue (ARR) as measured in U.S. dollars. From a gross margin perspective, our gross margin steadily increases with each new client that becomes part of the HYAS family and each new incremental dollar of top-line revenue. In this way, our company gross margin steadily increased over 2022 and 2023, and we expect it to continue to grow as we head into 2024.

What’s the client profile?

There are over 50 clients and organizations utilizing HYAS solutions today worldwide, with the biggest geographic concentrations being in North America, Australia, and Europe. Our customer base spans all different aspects of critical infrastructure, whether that’s financial services, healthcare, IT, telecom, oil and gas, energy, and others.

Who are your main competitors?

HYAS has two main focus areas today, and different competitors in each. Our first product HYAS Insight is a threat and fraud intelligence solution, and our protective DNS solutions are HYAS Protect for the corporate or IT network and HYAS Confront for the production or OT network.

In the threat intelligence space, our biggest competitor is a company called Domain Tools, but interestingly enough, there are actually a number of clients that purchase both Domain Tools and HYAS. The reality is that Domain Tools and HYAS are focused on slightly different use cases, and therefore, excel in different areas.

On the protective DNS side, it’s a set of competitors like Cisco Umbrella (via their acquisition of Open DNS), DNS Filter, Akamai, Infoblox, and firms that include Protective DNS into their firewall. However, as mentioned earlier, independent thirdparty testing has definitively shown that HYAS has the most effective solution on the planet, both in the highest level of efficacy as well as the lowest false-positive rate — and not just a small 10% or 20% better but by significant, meaningful amounts. Since HYAS has a fundamentally different approach, with unique data, we’re able to deliver fundamentally and uniquely better results.

What are the major challenges you see the cybersecurity industry facing?

One of the biggest problems with cybersecurity, historically, has been how many different solutions there are that attempt to catch things at the four walls of an organization — focused on blocking attacks before they break in — and the lack of solutions that provide internal visibility to understand what is happening inside the environment. The reality of today’s world is that, unfortunately, if a bad actor wants to break in, they will. Everyone will be breached at one point or another. One of the key areas where HYAS is focused is ensuring that organizations have the
visibility and observability required to identify any and all anomalous communication activity, such activity typically being the first signal that a breach has occurred and is attempting to communicate with command-and-control for instructions.

A related challenge is that much of the industry has been reactive in nature and has been focused on preventing attacks and addressing techniques that happened in the past. When bad actors create new mechanisms to bypass EDR solutions, and new techniques to break in, the industry reacts with ways to plug that particular hole. But the reality, and the biggest challenge we’re faced with today as an industry, is that the bad actors are very well-organized and very well-funded. They are innovating and identifying new ways to break in faster than much of the industry is identifying ways to stop them. Approaches that focus on playing the catand-mouse game are fundamentally never going to succeed.

As an industry we are not innovating as quickly as the bad actors are. Rather than looking at each new attack and technique and trying to stop them individually, we need to look at the problem space differently. HYAS is focused specifically on being the expert in adversary infrastructure to do something different, deliver unique solutions that drive true business outcomes and results, and fundamentally change the entire approach.

The reality, and the biggest challenge we’re faced with today as an industry, is that the bad actors are very well organized and very well-funded.

AI is top of mind right now. What insights can you share?

When we talk about AI, we’re more focused on where AI is taking the future of malware and the future of cybersecurity. Earlier in 2023, we published the first in a series around AI and polymorphic malware in a proof-of-concept called Black Mamba. Today, HYAS has the most effective protective DNS solution on the planet — by doing advanced research into where AI is taking malware, our goal is to make sure that we continue to maintain that top spot by being able to defend against AI-based malware and attacks in the future.

Can you share any corporate milestones or news?

The first piece of overall corporate news that should be highlighted is the sheer number of awards that HYAS has won. HYAS won eight different “hot company” awards at RSA which is incredibly unusual and very telling about what HYAS is doing and where HYAS is going. I expect to announce others in the second half of this year.

Second, is the publication of the thirdparty AV-TEST report on our Protective DNS solution. AV-TEST is a prestigious organization in Germany that has tested a variety of solutions including Cisco, Palo Alto, Infoblox, Akamai, and others. They did an independent validation of HYAS Protect and concluded that HYAS Protect is the most effective Protective DNS solution on the planet today.

Lastly from a content perspective, we have a blog and white paper around the future of AI-based polymorphic malware called Black Mamba. It generated significant interest and attention in the market, and I expect that we’ll have other follow-on announcements as we focus on making sure that we lead the way in defensive techniques not just today but tomorrow as well.

In terms of features, we continue to drive full forward with an innovative roadmap focused on making sure that our clients have the capabilities they require to drive unique outcomes and key results. We released new features across both our threat-intelligence HYAS Insight product and our Protective DNS product HYAS Protect earlier this year, to significant accolades from our clients and the market. We even released a free personal solution for cyber security professionals called HYAS Protect At Home, and a well-known blog called IT Nerd wrote a whole write-up on it, summarized with the sentence “If the home product is this good, imagine how good the enterprise product must be.” We continue to push the envelope on what features the market, and our clients require to stay at the forefront of proactive and next-generation cyber security.

At the end of the day … why HYAS?

What attracts clients, partners, and investors to HYAS? First and foremost, it’s the level of efficacy and the unique visibility and data that HYAS surfaces to drive real business value. Multiple clients have specifically told me that they solved key problems or learned critically important and previously unknown information about their network, their environment, and their risks and threats, as a direct outcome from HYAS solutions.

But more than that — I’ve been in and out of startups my entire career, and our experienced leadership team has as well. I’ve never seen a startup that can claim the kinds of clients and partners that HYAS has today. Three of the Fortune Five today use HYAS, two of the top three social networks use HYAS, one of the credit card companies whose card is in everybody’s wallet uses HYAS. When we talk about all these different kinds of financial institutions, healthcare companies, and critical infrastructure organizations that use HYAS, it’s a literal collection of “who’s who” name brands. Investors, partners, and prospective clients see this, recognize this, and immediately jump to the question “wow, why do all those people use HYAS…I should find out more.” There is something very, very unique in this company that has the ability to affect dramatic change. We’re not focused on blocking yesterday’s attacks; we’re focused on driving true business resiliency and business continuity. That’s the “why HYAS.”