Gili Raanan’s VC firm Cyberstarts perfected the playbook for launching multi-billion-dollar
security startups like Wiz. But questions about a profit-sharing program with industry execs
have threatened his kingmaker reputation.
By Iain Martin, Alex Konrad and Thomas Brewster, Forbes Staff
For years, security executives at some of America’s largest corporations — Freddie Mac,
Kraft Heinz, Colgate-Palmolive and Fidelity, to name a few — were happy to hear from Gili
Raanan, the founder of a boutique Israeli venture capital firm called Cyberstarts.
As participants in Cyberstarts’ adviser network, called Sunrise, they were used to taking
introductions from the firm to meet with its three or four new startup investments each
year. The startups could receive product feedback and gain insight into what potential
large-sized buyers needed. For the executives, mostly chief information security officers,
or CISOs, the startup founders gave them the inside track on new technologies emerging from
Israel’s elite hacking units.
But for some executives, there was more to it: compensation, potentially quite lucrative, in
the form of profits from Cyberstarts’ blue chip early-stage funds. The execs who
participated in Sunrise had the option to share in a pool of 4% of Cyberstarts’ own
earmarked profits, known as carried interest, provided they took those calls and provided
meaningful help, as determined by Cyberstarts.
Cyberstarts had written early checks to standout security companies including Wiz, the cloud
security startup that recently turned down a $23 billion acquisition offer by Google; $8
billion-valued crypto security startup Fireblocks; $3 billion-valued enterprise browser
business Island; and $1.4 billion-valued data security startup Cyera. Over the lifetime of
one of the firm’s funds, participants could expect to see payouts of as much as $250,000, an
internal presentation viewed by Forbes claimed.
When Raanan wrote Sunrise’s 75 or so active advisers on June 27, however, it was to let them
know Cyberstarts was suspending the compensation part of the program, effective immediately.
“Cynical allegations” about ethical problems with Sunrise’s profit-sharing system had forced
the firm’s hand. “To be perfectly clear, the Sunrise program is not going anywhere,” Raanan
wrote. “It’s one of our proudest achievements to connect practitioners at leading companies
with up-and-coming startups. This is an easy change.”
Logistically easy, perhaps. But the move was a major reversal for Raanan and his firm, which
for years have maintained that Cyberstarts’ adviser program was neither unusual nor
ethically fraught. Inside the swanky The Soho Hotel in central London in June, just weeks
before suddenly shutting down the payments system, Raanan had struck a defiant tone. “We are
very, very proud of our practice and our business model,” he told Forbes. The Sunrise
program was not substantively different, Raanan argued, than other programs offered by rival
firms.
But many fellow investors, entrepreneurs and security executives suggested to Forbes that
Sunrise had a baked-in conflict of interest that made it unique, even in a close-knit
security community.
“The grasp that Gili has had on the market is ridiculous.”
A security-focused investor
The executives who participated typically oversaw massive software and security budgets.
Their organizations had the power to award exactly the type of large-sized contracts that
could boost a fledgling startup’s financials and position it for success.
In other words, Sunrise advisors were in position to steer their company’s business to
startups whose success would benefit their own. At worst, their own financial interests
might cloud their judgment, or conflict with the best interests of their employer. Even if
they recused themselves, employees might feel incentives to select a vendor affiliated with
their boss. Intentional or not, the potential for conflict of interest was inherent in the
relationship.
Allegations of conflicts have dogged Cyberstarts for years. A 2022 profile of Raanan by The
Information alluded to competitors’ accusations that his firm blurred ethical lines. More
recently, the unusual overlap between big companies affiliated with Sunrise and the
Cyberstarts portfolio — fast casual Mexican food giant Chipotle, for example, has signed
contracts with at least eight of them — has become a popular topic of industry gossip at
conferences like RSA and Black Hat.
“The grasp that Gili has had on the market is ridiculous,” said a security-focused investor
who claimed that some startups with Cyberstarts-backed competitors no longer even attempted
to sell to corporations whose executives had Sunrise affiliations. “But you come at the
king, you best not miss.” They, like several dozen other founders, investors and executives,
asked to speak anonymously for fear of retaliation by Raanan and Cyberstarts.
Multiple Sunrise advisers who have previously not spoken to the press told Forbes that they
shared the same ethical concerns as the program’s doubters on the outside. Two said they
resigned from Sunrise over those perceptions. “I walked away because it started to be more
aggressive,” one former participant said. “Where it crossed the line for me was where CISOs
started to influence decision-making within their own firms to promote products,” a second
claimed. Still more have wiped any mention of Cyberstarts from their LinkedIn profiles; of
54 advisers named on Cyberstarts’ own website in May, one-third have since been scrubbed.
“Nobody buys software because they’re doing someone a favor.”
Cyberstarts founder Gili Raanan
Others who praised its efficacy claimed they drew the line at Sunrise’s profit-sharing,
which they called misguided or naive at best. Multiple investors, CEOs and CISOs spoke to
Forbes at Cyberstarts’ request to defend the program. But several who said that they backed
the program and liked its benefits, such as access to portfolio CEOs like Wiz’s Assaf
Rappaport, still voiced disquiet with its now-defunct payment plan. “I don’t think Gili and
the team’s intent is nefarious, but there is just too much gray for my personal integrity,
and too much potential conflict,” one said.
Two security executives told Forbes they rejected overtures from Raanan’s team after hearing
about the firm’s “menu” of compensation. “I was completely aghast. It was against my
principles,” one said.
In an October interview, Raanan disputed these claims — “Nobody buys software because
they’re doing someone a favor,” he retorted. Plus, he pointed out, many of its advisers
didn’t take the money at all. In June, he’d told Forbes that about half of Sunrise’s
advisers had opted into payments. But in October, he said the number was really only 20%, or
about 15 people. Only a small handful of advisers had left the program since, he added,
while a few others had joined.
Raanan said he’d ended the compensation component of the Sunrise program because of “a
massive wave of calls into employers.” Several outlets were investigating at this time,
including Forbes and Israeli publication CTech, which published a story on Sunrise in
mid-June. The “industry standard” payment mechanism that Cyberstarts had long defended was
not so important, actually, he now argued. “At the point I started to get more and more
signals that there was a perception issue, I removed the issue,” Raanan said.
Last week, the firm announced its fourth seed fund, a $60 million vehicle bringing its total
assets under management to $720 million. At least one limited partner investor in
Cyberstarts’ funds said they had pulled their money from the recent raise over the bad
optics, Forbes learned. Cyberstarts called such a claim categorically false. The firm was
oversubscribed with interest for its new fund, Raanan recently said.
As Cyberstarts’ crown jewel Wiz eyes a banner public offering and other portfolio companies
like Cyera start making acquisitions of their own, Cyberstarts’ industry influence will only
increase. So long as the firm continues to operate Sunrise, the questions the program has
raised about ethical red lines in startup sales, and the incentives used to gain an early
advantage, aren’t likely to go away. As one security CEO observed: “An unfair advantage for
certain startups damages the broader ecosystem.”
Raanan started his first company, a security business called Sanctum, in 1997. A native
Israeli who had served in Unit 8200, the elite cyber division of the Israeli Defense Force
that has produced many of the country’s leading tech entrepreneurs, Raanan learned firsthand
that technology alone didn’t lead to market traction. “We never managed to find a business
model for it,” Raanan told Forbes. “It is quite amazing that you can build such a successful
technology and never be able to monetize it.”
After cofounding and selling another startup, nLayers, to IT giant EMC (itself later
acquired by Dell), Raanan joined Sequoia Israel, the local outpost of global VC firm Sequoia
Capital. After Sequoia’s Israel arm wound down in 2016, Raanan struck out on his own,
launching Cyberstarts two years later in Mikhmoret, on the country’s central coast.
In the years since, it’s become a rite of passage for many Israeli security founders to make
the hour’s drive north from Tel Aviv to meet with Raanan poolside at his home. For some
founders from the right pedigree — veterans of Israel’s cyber Unit 8200 or its secretive
counterpart Unit 81, or with experience at one of Israel’s other leading security shops —
Cyberstarts will invest without a clear business or product, on purpose. Doing so, Raanan
said in October, helps ensure the firm isn’t working with startups that end up building
“shelfware,” tools purchased but never used by customers, then ultimately dropped.
“Entrepreneurs were building solutions in a vacuum. They fell in love with their technology,
built it and then retrofitted it in terms of the problem, the pricing and the right [sales]
channel,” Raanan said. “And security practitioners were used to meeting vendors only when
they had products to sell.”
Sunrise, with its program for dozens of early speculative calls with potential customers,
was Cyberstarts’ solution. Offering them compensation in the form of profit-sharing, Raanan
said, seemed a natural trade in order to get strangers to give up their time. While other
funds offered annual retainers of $25,000 to experts to provide similar feedback, Raanan
couldn’t afford to do so, he claimed. Cyberstarts’ first fund collected no management fees,
he added; Raanan still doesn’t draw a salary himself: “We are still a small fund today,
relatively speaking, so that was the only main way I could compensate,” he said.
From a performance perspective, Raanan’s tactics appeared to work. Seed-stage startups often
structure their portfolios with bets made so early, and at such low prices, that one or two
outsized winners can more than account for a number of others that never pan out. Since
2018, Raanan and Cyberstarts have achieved five exits, worth a combined $1.6 billion,
without a single public flameout. Even in the case of a less than ideal outcome, such as the
sale of NoName Security to Akamai for $450 million in June, less than its previous private
valuation of $1 billion, Cyberstarts’ early buy-in meant that it still came out ahead.
Founders at Wiz, reported to be considering secondary sale at a $20 billion valuation,
leveraged Cyberstarts' adviser network to help decide on a product direction early on.
Avishag Shaar-Yashuv for Wiz
The Sunrise program has proven invaluable in early days for many Cyberstarts portfolio
companies. For a 2023 cover story, early executives at Wiz told Forbes about making dozens
of calls to security executives before zeroing in on cloud security. At NoName, CEO Oz Golan
recounted that even before Cyberstarts invested, Golan and his cofounder had shared a
one-pager of their startup’s premise — security for automated interactions via application
programming interfaces, or APIs — with Raanan to circulate with some advisers for feedback.
After Cyberstarts’ investment, NoName’s founders went on a meeting tour with Sunrise’s
executives to determine how their product could best help corporate giants. “The biggest
company I’d ever worked for was maybe 1,000 employees,” Golan said. “Hearing from the
platform executive responsible for the largest companies in the world was eye opening.”
NoName reportedly reached annual recurring revenue (ARR) of at least $40 million before
selling to Akamai for about half its peak valuation earlier this year. Other Cyberstarts
companies have reached major revenue milestones of their own: Wiz claimed to have reached
$500 million in ARR prior to spurning Google’s offer, while Fireblocks passed $100 million
in ARR in 2022. Cyera, meanwhile, was able to make a $162 million acquisition earlier in
October.
Outsiders questioned why corporations would sign six- and seven-figure contracts with
startups as small as some of Cyberstarts’ portfolio companies.
“Gili and Cyberstarts have a proven track record around identifying the best cyber startups
for founders in Israel,” said security investor Asheem Chandna, a general partner at
Greylock who co-invested with Cyberstarts in cloud security firm Dazz, reportedly valued at
$400 million. “They have also demonstrated a unique ability to shepherd these founders
through their company journey.”
On the other side of the table, a number of corporations have proven reliable purchasers of
the Cyberstarts portfolio’s software. In addition to Chipotle, with its eight identified
contracts, Forbes identified five contracts each signed with Cyberstarts startups at real
estate giant Jones Lang LaSalle and pharmaceutical multinational Takeda, both of which have
employed current or former Sunrise advisers. Mortgage lender New American Funding, security
unicorn Armis and BNY Mellon, the world’s largest custodian bank, appeared to have signed
contracts with four.
Chipotle, New American, Armis and BNY Mellon all said in statements that their executives
had received no compensation from Cyberstarts; Takeda said that it had robust compliance
policies and declined further comment. JLL declined to comment.
To some outsiders, such concentrations have appeared suspicious: They questioned why
corporations would sign six- and seven-figure contracts with startups as small as some of
Cyberstarts’ portfolio companies if the relevant CISOs recused themselves and their Sunrise
status bore no influence on procurement decisions, as Cyberstarts and defenders have
claimed. “There is a Cyberstarts playbook,” said one venture capitalist who has evaluated
Cyberstarts-backed companies for potential investment. When assessing a Cyberstarts
portfolio company’s sales pipeline, that investor said, their firm separated out
Sunrise-affiliated revenue. “You have to figure out what’s force-fed.”
Several of Cyberstarts’ portfolio founders disputed that Sunrise had helped them secure
contracts they wouldn’t have otherwise. “Founders will never want to admit they lost a deal,
fair and square,” said one. “They will always want to point to some sort of external
excuse.” Avalor’s cofounder Raanan Raz praised Sunrise advisers for helping him focus on
data security, but noted, “I never felt anyone was doing me a favor in order to gain
anything on the other side.” (He is now also a limited partner investor in Cyberstarts.)
Zscaler acquired Avalor for $350 million in March.
Billionaire and former Sequoia managing partner Doug Leone, who previously invested in and
worked alongside Raanan, said in a statement that Cyberstarts “managed to crack the code” on
achieving early product market fit. (Sequoia has since backed five Cyberstarts unicorns:
Cyera, Fireblocks, Island, Wiz and Zafran.) “As a result, these businesses are often able to
scale faster than usual,” Leone wrote.
But others pointed to firms that did not renew contracts with Cyberstarts portfolio
companies after the departure of their Sunrise CISOs; in at least one instance, multiple
contracts weren’t renewed following the turnover, two sources told Forbes. In that event,
the departing CISO, now an entrepreneur, eventually circulated a letter signed by Raanan to
former colleagues to confirm that they had received no compensation as part of Sunrise.
Got a tip for us? Contact reporters Iain Martin at iain.martin@forbes.com, Alex Konrad at
akonrad@forbes.com, and Thomas Brewster at tbrewster@forbes.com or +1 929-512-7964 on Signal
Some discrepancies remain difficult to reconcile. In London in June, Raanan noted that
Sunrise advisers bore the responsibility of following their own employers’ disclosure
requirements and rules around compensation; none violated such policies, to Cyberstarts’
knowledge, he said. Three chief executives who employed current and former Sunrise advisers,
however, told Forbes that they had not received any such disclosures around potential
compensation. It’s possible that some company disclosure policies didn’t require informing
their CEOs, Raanan responded. “All of them told us they were in compliance,” he said.
Moving forward, Cyberstarts advisers who already received their compensation in the form of
carry points will keep that upside in its funds, the firm confirmed; such upside continues
to be disclosed to employers, a firm spokesperson added. And despite suspending any new
compensation for Sunrise, Raanan has continued to insist that equivalent practices were
widespread in the venture industry. “It’s all around us,” he said. “These are busy people,
and assuming their employer is fine with it, that’s completely legitimate that they be
compensated.”
Forbes attempted to corroborate that claim with industry sources, but multiple large-sized
U.S. funds denied paying any part-time advisers. Several fellow Israel-based funds,
including Team8, YL Ventures and Glilot Partners, confirmed that they operated their own
versions of CISO advisory boards. Only one of those, YL Ventures, said it offered an annual
retainer to most advisers, as well as portions of fund profits to a small number who
conducted due diligence on potential investments. None besides Cyberstarts said they have
offered a portion of fund profits to advisers in exchange for their work with a fund’s
existing portfolio.
To hear Cyberstarts’ founder Raanan tell it, his firm continues to be unfairly singled out.
Raanan’s supporters echo some version of that sentiment. As one VC collaborator argued to
Forbes anonymously: “The market leader gets the gun pointed at them.”
But even that person, a close confidant of Raanan’s, was incredulous that Cybertstarts had
left itself so vulnerable to the potential fallout — deserved or not — from weaving
financial ties between its startups and its adviser executives who control multi-million
dollar budgets at some of America’s largest companies. “If they didn’t anticipate it, they
were extremely naive,” the investor said. “Why raise the question?”
Additional reporting by Kirk Ogunrinde and Jacob Wendler.
MORE FROM FORBES
ForbesNobody Beats Wiz: Meet The Hyper-Aggressive, $10 Billion Startup Shaking Up Cloud
SecurityBy Alex KonradForbesRyan Breslow’s ‘Lead Investor’ Blindsided By $450 Million Bolt
Fundraise: ‘We Were Never In This Deal’By Iain MartinForbesSaudi Arabia Is Investing
Billions In AI. But Some Founders Are Still Waiting To Get Paid.By Iain MartinForbesHow A
Former Palantir Exec Built A Google-Like Surveillance Tool For The PoliceBy Thomas Brewster
2024-10-28 10:30:00
read
more
