ThreatMetrix Picks Up $18 Million To Expand Its Fight Against Cybercrime

---

The world of data breaches and other malicious online acts are on the rise — with some $2 trillion lost to IT thefts and other cybercrimes annually, according to research from Goldman Sachs — so we will continue to see a focus on companies that try to combat these threats. One case in point: today, ThreatMetrix, a provider of cybercrime prevention solutions, says that it has raised $18 million to continue to expand its business.

The Series D round was led by August Capital, with existing investors Tenaya Capital, US Venture Partners and CM Capital also participating.

To date, ThreatMetrix has seen some signficant sales growth — 300 percent year-on-year — which speaks not just to the company’s own product and business development — that includes the December 2011 acquisition of security company TrustDefender — but also the big rise in cybercrime and the fact that online companies are scrambling to plug their holes.

Verizon last week released a huge report on the subject. It found that last year, 2011, was the second-highest ever recorded for data breaches. While cyber criminals accounted for the vast majority of financial breaches — either in the form of stealing card data or other financial details; or in the form of taking other details that were then sold on to others — hacktivists acting for political or social motives actually accounted for more activity, at 58 percent of all attacks.

CEO Reed Taussig says the two areas that have “pretty much infinite demand right now” are the areas of banking/financial services and device authentication. He calls demand for their services in these two areas “explosive”. On the enterprise side, it’s all about the consumerization trend: more people looking to use their own devices at work.

In the case of financial services, it has to do with the rising amount of fraud on networks and more sophisticated ways of targeting them; wire fraud, as one example, has grown by 300 percent over the last year.

Because financial services and e-commerce companies tend to have better protection in place, Taussig says that only between three and five percent of their transactions are fraudulent; but given the volumes of money exchanged that can work out to significant sums of money.

Social networking, Taussig points out, can have fraud rates — that is, data getting picked up and mis-used elsewhere — of as high as 20 percent. And sites that rely on affiliate marketing, he says, are “off the charts for fraud.”

ThreatMetrix currently has 700 large customers worldwide covering 5,000 web sites and some 1 billion devices across the network.

ThreatMetrix says that it will use the funding to continue to expand its business specifically in the areas of e-commerce, financial services and enterprises. In the latter area, it focuses its efforts around device management and the increasing frequency of employees bringing their own devices in to the workplace.

It will also look to grow its international business, a segment that already accounts for 40 percent of ThreatMetrix’s revenues, says Taussig.

The total amount raised to date by the company is now $42 million. Taussig notes that in this last round, $8 million of the total sum is being used to retire one of its investors, TDP. “They had a fund that expired and so we were able to realize a good profit on their shares,” Taussig said.

As part of the deal, August Capital general partner Vivek Mehra will join the board of ThreatMetrix. August has a strong track record of past investments that have included Atheros, Microsoft, Postini, Sun, Symantec, Seagate and Skype.

A Peek Inside Dropbox’s Company-Wide Hack Week At Its Big New SF Offices

---

From the outside, Dropbox looks occupied with launches these days. It came out with a big redesign this month, then followed up quickly with a new way to share files with Facebook friends. But the company is busy with a lot of internal growth, too. It recently moved into big new offices down the street from us in the tech-heavy SOMA district of San Francisco, and has been busy hiring elite engineers (or buying them, like it did with the recent acquisition of Cove).

It also has the added challenge of bonding the team together in the middle of the action, trying to maintain its startup culture. So it took the idea of a hackathon — usually a 24-hour event where developers compete to build small projects — and turned it into a full week in early March. The exhausting contest and associated recreational activities (“Dropbox Jeopardy” and such) are captured in detail by Eric Chang in the classy video above.

Most of it is focused on the efforts of two engineers who work on a Harry Potter-inspired “Marauder’s Map” of the new office, using Wi-Fi signals to figure out the locations of people and their laptops. It’s a clever way to show new employees around — and the video is the first look the world is getting at the new location.

But you’ll also see some of the other hacks show up. There was a password strength meter that warns users about tricks that might leave them hacked, a tool that warns developers where bugs are likely to show up as they’re writing code… and funner ones like a cartoon mural of employees, and a rap song.

The music, by the way, is “We Will Learn” by Beat Culture, “Adrift (Shigeto’s Adrift A Dream Remix)” by Tycho.

Zoho Debuts New Android, iOS Apps At Zoholics User Conference

---

The team behind web-based productivity suite Zoho is in the middle of hosting their Zoholics user conference in San Francisco, and in between all the panels and presentations, they’ve taken the opportunity to talk a bit about their plans in the mobile space.

“Mobile is going to be one of the most important focus areas for the company this year,” said Zoho evangelist Raju Vegesna. Their approach, it would seem, is to further expand their presence in the mobile space, and they’ve already begun by pulling back the curtains on a handful of new mobile apps.

Despite being the most widely-used smartphone OS in the country, Android hasn’t historically received much Zoho love. To date, there has been only one Zoho app in the Google Play Store, but Zoho has just bolstered their Android lineup with two new additions — Zoho Docs and Zoho CRM. The Zoho Docs app allows users to upload and share (but not edit) documents with coworkers and team members, while Zoho CRM provides users read/write access to their full vault of customer information, accounts, leads, and more.

Zoho also comes bearing good news for users of their online project management service, as they’ve unveiled a new Projects app. Previously, users on-the-go had to rely on the company’s mobile website, but users can now use the native app to create/manage tasks, monitor time spent, and jot down/record notes to keep all team members on the same page.

Zoho CRM is already live in the Google Play Store with Zoho Docs to join it any time now, but the iOS Projects app is still in submission limbo pending Apple’s approval. The apps themselves can all be had for the low, low price of free… though there’s a bit of a catch involved. See, the apps themselves don’t cost anything, but they can only be used with a $3/month mobile subscription.

Mobile Banking Consolidation: Monitise Buys Clairmail For $173 Million

---

One more sign of the mobile money space continuing to grow up: some significant consolidation underway. Today, the UK-based mobile banking specialists Monitise announced that it is buying Clairmail, a U.S.-based competitor, for $173 million, as part of its global expansion.

The combined group says it will serve 13 million customers world-wide processing some $10 billion of payments weekly, and will give Monitise a much bigger and direct presence in the North American market: one-third of the top 50 U.S. financial institutions are now clients of the group.

Monitise and Clairmail both focus on an “infrastructure” play around mobile banking and mobile payments. Their main business is in providing the backend to let banks and other financial institutions offer mobile banking, payment and shopping services to its customers.

Alastair Lukies, Monitise Group CEO, tells me that Monitise is not actively looking for further acquisitions but that, “if opportunities come along, we will take them seriously.”

As mobile banking and mobile money services continue to mature (and see many new entrants enter the game, from PayPal to Square and so many more), it’s inevitable to see consolidation in the space to further the global reach of such services.

But Lukies says he believes that there is much more room for smaller companies and innovation at the “edges” of mobile payments systems — that is, those that touch consumers — than there is among the infrastructure players like Monitise, which are likely to continue scaling up.

He says that for now Monitise is not interested in acquiring those smaller companies: “We are not into the piloting and the bleeding edge stuff,” he says.

The link-up between Clairmail and Monitise will not only give the two companies a bigger geographical reach, but will also give customers of the companies access to providing banking services on a much wider international scale.

“This deal is transformational for our customers, our team, our shareholders and our company. It is a compelling combination and great news for all those wanting to offer bank-grade mobile money services to billions of consumers, not only in the US but worldwide,” commented Alastair Lukies, Monitise Group CEO, in a statement.

That is also furthered by Monitise’s existing strategic relationships with payments giants Visa Inc. and FIS. (Visa, of course, has been making other big investments into how it can best leverage the development of mobile money services, from partnerships with operators to acquisitions, such as its purchase of Fundamo last year.)

Pete Daffern, the CEO of Clairmail, will continue on as the head of Clairmail within the combined  company and will also join the group executive board.

Full statement below:

Clairmail to be Acquired by Monitise

Acquisition Unites Mobile Money Leaders to Power a New Generation of Global Financial Institutions and Consumers Through a Comprehensive Set of Mobile Banking, Payment and Commerce Solutions

SAN RAFAEL, CA–(Marketwire – Mar 26, 2012) – Clairmail, Inc., a leading North American mobile banking and payments provider, today announced that it has entered into a definitive acquisition agreement with Monitise plc (LSE: MONI.L), the technology and services company delivering mobile money networks worldwide. Monitise will acquire Clairmail for $173 million, pending regulatory and shareholder approvals.

Through the acquisition, Monitise will further enhance its position as the global leader in the fast expanding market for mobile money, spanning banking, payments and commerce.

The combined entity will encompass 13 million registered consumers across four continents. Clairmail and Monitise process billions of transactions a year and more than $10 billion of payments and transfers on a current weekly annualized basis.

On completion of the acquisition, the combined businesses will provide mobile money services to the widest possible range of financial institutions in the US. A third of the top 50 North American financial institutions (including 8 of the top 13) have chosen the companies’ services alongside hundreds of smaller and medium sized financial institutions customers.

“Clairmail is an undisputed mobile banking leader with a strong roster of financial institutions of all sizes, having been chosen by more than a third of the top 50 North American banks to provide innovative mobile solutions to their customers,” said Alastair Lukies, Monitise Group CEO. “Clairmail shares Monitise’s customer-centric approach and dedication to bringing the best possible mobile experience and technology through constant innovation and a focus on delivering bank-grade mobile services to their customers. This deal is transformational for our customers, our team, our shareholders and our company. It is a compelling combination and great news for all those wanting to offer bank-grade mobile money services to billions of consumers, not only in the US but worldwide.”

The acquisition further enhances Monitise’s mobile money reach into North America through Clairmail’s direct sales channel and deep relationships with leading financial institutions. For Clairmail, the acquisition brings the potential to expand the company’s award-winning mobile banking technology to new customers across new markets. The acquisition provides a step change in growth potential for Monitise through direct sales in the US driven by Clairmail’s mobile banking team and expertise. This, combined with Monitise’s existing and unmatched strategic partnerships with Visa Inc. and FIS, provides the enlarged group with a leading position in the US and three commanding routes to market.

New and current customers of both companies will benefit from the balanced deployment models of on-premise and hosted mobile banking, payments and commerce products, providing a variety of options in the deployment and customization process. The suite of Clairmail products will be maintained and enhanced with both companies enriching each other’s mobile offerings.

“This acquisition validates the vision behind both companies’ strategies in the exploding mobile money market where Monitise has established a clear global leadership position,” said Pete Daffern, Clairmail CEO. “Both companies have incredible synergy and are dedicated to offering bank-grade services that empower consumers to bank, pay and shop across any mobile device. I could not be more proud of the Clairmail team and its accomplishments since founding in 2004, and look forward to working with the seasoned team behind Monitise to continue innovating and pushing the boundaries of mobile banking, payments and commerce worldwide.”

Pete Daffern will remain in his role as Head of the Clairmail business and will also join the Group Executive Board of Monitise, bringing his substantial experience and expertise to bear across the Group growth strategy.

Why IT Professionals Aren’t Monogamous

---

Editor’s Note: Alexander Haislip is a marketing executive with cloud-based server automation startup ScaleXtreme and the author of Essentials of Venture Capital. Follow him on Twitter @ahaislip.

Pity the enterprise software conglomerate, its salespeople abandoned at the altar, its customers fleeing from committed relationships. Shed a tear for the server maker, no longer able to lock-in long-term sales, support and service engagements. Their customers are cheating on them with sexy new startups.

Today’s IT professionals are veritable libertines, swapping services and systems around like priapismic satyrs at a techno-bacchanal. What’s worse: management condones this kind of behavior by pouring even more money into IT budgets.

I blame easy-on SaaS-ified software, give-it-away mobile apps and no-commitment cloud infrastructure. They’ve seduced IT professionals with their breezy bohemian attitudes. They’ve undercut the high moral fiber that the established enterprise vendors have long embodied vis-à-vis mutual commitment  and connubial sales agreements.

Aspersions, I cast them:

Software-as-a-Service

We’re fortunate that this nasty bit of business hasn’t penetrated every aspect of enterprise IT. Its lascivious invitation to IT professionals simply could not be more direct: “pay-as-you-go.” How such a slatternly proposition goes unchecked by the authorities, I know not.

And the companies engaged in Software-as-a-Service do so without the proper courtship rituals of a well-trained enterprise sales team. It used to be accepted that IT professionals could expect months of meetings, calls and presentations before getting down to business. Yet these Software-as-a-Service companies fully embrace the concept of Quicumque vult, conducting their business with whomsoever should encounter their website.

And the awful acronymization! Oh, how they do pronounce it. “SaaS.” As though referring to an unmentionable anatomic. Insouciant connotations might have been nipped in the bud by simply rhyming the acronym with “face” or “bouillabaisse.” Surely a cunning linguist might have avoided such a gouache double entendre. Meditate on that, Mr. Benioff!

Mobile Apps

“Why buy the suite when you can get the app for free?” I found myself mortified upon overhearing this utterance escape the lips of a technology executive. But this is the reality of the modern situation.

App-makers run rantipole throughout the tech industry, offering quick and easy access to functionality previously reserved for serious software suites. These houri slyphs, by denting their relationship with the wireless carriers, entice users with an experience delivered “right to the palm of their hand,” as though enjoining them to some sort of digital onanism.

Cloud Computing

When you buy a server, you make a commitment to have and to hold that machine until death do you part. How is that not clear?

I blame virtualization vendors for encouraging people to think of “instances.” It is one thing to keep these dalliances confined within the enterprise, where they may be embraced as a healthy form of digital role-playing. I’m told that there are even illustrated examples of setting up virtualization scenarios such as the “eager applicant” and “naughty nurse,” in that excellent reference book The Joy of Server Administration.

But to extend virtualization to a shared computing infrastructure where servers are swapped around willy-nilly just isn’t right. It’s a digital version of the Kerista Commune, a constant key party of computing.

A Public Confession

I abhor the moral decline in information technology driven by these new movements. I have seen first-hand how they destroy committed, long-term relationships between enterprise software conglomerates and their customers. Sure, there were rocky moments between the betrothed—the service pack, the bug fixes, the integration and training consulting—but leaving was never an option under the old agreement. When you tied the knot with a vendor, you couldn’t just unwind it.

Yet times change.

I’m not proud of it, but I have contributed to the decline. My company’s server automation products are delivered as a service and available online. Our mobile app is free to use—even in public. And worst of all, we empower IT professionals to try cloud computing for the first time. I blush just to think of it.

I know what we’re doing entices IT professionals; good people who have already promised their budgets to legacy software conglomerates. I don’t want them to abandon their long-standing commitments, even if their love has cooled. I just want to make our customers happy. Is that so wrong?

At least we’re honest about who we are. It’s not an “A,” but our logo does feature a scarlet letter.

The Megabreach Is Back: Hacktivists To Blame For 58 Percent Of Stolen Data In 2011, Says Verizon Study

---

Move over organized cybercriminals, the new gangs in town don’t want our money, but they want to make a point, and they’re going to do whatever it takes to make sure we listen. The annual Data Breach Investigations Report (embedded below this post) from Verizon and major security agencies has found that hacktivism from the likes of Anonymous accounted for 58 percent of all data stolen online in 2012 — a contrast with years past, when organized crime groups were the main culprits.

And, as is the way with hacktivists, they work on large volumes of records rather than multiple, targeted opportunities: “The megabreach is back,” said Chris Porter, principal on the Risk team at Verizon.

In an investigation that also involved United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police, Verizon found that 2011 was the second-highest year for data loss that it has recorded, since it stated the annual investigation in 2004. In all, it analysed 855 data breaches covering 174 million stolen records and 100 million users.

One notable point is that while organized criminals will use the data for financial gain, hacktivists are wreaking havoc for political and social reasons.

Yet athough organized crime may have been, in volume, less active than the hacktivists, they were no less lethal in terms of what kind of cost they represented.

Verizon, frustratingly, doesn’t include any figures on what kind of cost these data breaches represent, but Porter describes the impact of the organized criminals as “death by a thousand paper cuts”, where they go after “less risky, low-hanging fruit,” that in aggregate can represent a very valuable enterprise.

That can include tactics like skimming information from card machines at gas pumps, breaches of e-commerce sites, and big thefts of data records from cloud-based services, such as the situation that hit Sony PlayStation last year.

Another point is that hacktivists’ tactics are also being adopted by others: although hacktivists accounted for 58 percent of stolen data, hacking actually appeared in 81 percent of breaches (versus 50 percent in 2010). Malware also grew in usage: it appeared in 69 percent of breaches, compared with 49 percent in 2010.

Attacks go global: In all, Verizon found breaches originating from 36 countries last year — a rise from 22 in 2010. That, admits Porter, is partly down to the fact that there was a larger global team of investigators this time around able to gather that data more comprehensively, but also a reflection on how criminal networks have expanded in their activities in an effort to elude authorities.

But that global spread collectively accounts for a very small part of stolen data. The big concentration of criminal activity, in fact, continues to come from one area in particular: Eastern Europe, which this year was the origination point for 70 percent of attacks. Less than 25 percent originated in North America, Verizon said.

One ironic conclusion in the report is that if businesses and the general public were only a bit more vigilant, the story would be quite a different one: of all the attacks 96 percent were deemed to be “not highly difficult”, and that 97 percent “were avoidable without the need for organizations to resort to difficult or expensive countermeasures.” In other words, a little proactive knowledge could go a long way in turning things around.

What about the year ahead? Porter said that if he had to make a calculated guess, the thought that hacktivism would be reduced this year, in part because of the disruption caused by enforcement agencies’ arrests.

However, stealing records has always only been part of hactivists’ tactics: some of their most-high profile activity, such as the series of moves that Anonymous made around their double campaign against SOPA and the closure of Megaupload, involved distributed denial of service attacks, which comprehensively shut down web sites and caused another kinds of financial havoc for their targets.

Although there have been some significant efforts from authorities to track down and arrest the hacktivists, notably the arrests last month of several members after one became an informant, there is all reason to believe that those attacks could continue into next year, if the crowd that helps in their efforts continues to feel the flames of discontent.

Full document embedded below:

View this document on Scribd

Blue Jeans CEO Looks To Beat His Two-Time Acquirer Cisco With Low-Cost Video Conferencing

---

Having sold two companies to Cisco, Krish Ramakrishnan knows what it takes to compete with the venerable networking giant.

After leaving Cisco for the second time to be an entrepreneur in residence at Accel Partners, he started Blue Jeans Network three years ago to compete in the video conferencing space. They soon rolled out a product that connects people for video meetings regardless of whether they use Skype, Google Hangouts, Cisco or Polycom.

Now Blue Jeans is digging in deep with a new product meant to kill those expensive video conferencing units called MCUs or multipoint control units, that can cost north of $250,000.

“This is a $700 million market. We’re just following a trend in industry where people’s infrastructure just disappears into the cloud,” he said in an interview. “It’s my intention to take the oxygen out of the traditional MCU unit. Just shrink it. The industry doesn’t need legacy-type devices.”

The new service, which he calls an “MCU Killer,” starts at $299 per port (or per party involved in calls). He’s already signed up 250 enterprise clients including Facebook, Foursquare, Stanford University and MIT, that want a cloud-based video conference solution that they can easily scale up or down depending on the number of people who need to use it. With old MCU units, they’d usually pay for several devices or ports up-front, even if they didn’t end up needing them down the line.

Even if he cuts this $700 million market down significantly, Ramakrishnan is optimistic that the lower barriers to entry will bring many more new customers into the market.

“Maybe the hardware market will disappear, but Blue Jeans is about expanding the usage of video,” he said.

The Mountain View, Calif.-based company has raised $23.5 million from Accel Partners, NEA and Norwest Venture Partners