Abnormal Snags Exabeam, Forescout CEO Mike DeCesare as Prez – Source: www.govinfosecurity.com

Cloud Security
,
Next-Generation Technologies & Secure Development
,
Security Operations

DeCesare Aims to Bring Abnormal’s Email Protection to US Government, Japan, Germany

Michael Novinson (MichaelNovinson) •
August 15, 2023    

Abnormal Security has brought on former Exabeam, Forescout and McAfee leader Mike DeCesare to spearhead its push into the U.S. government, Japanese and German markets.

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

The San Francisco email security provider has tasked DeCesare with bringing Abnormal’s technology to enterprise organizations in non-English-speaking markets as well as federal agencies focused on cloud transformation. DeCesare, 57, most recently spent two years as CEO of Silicon Valley-based SIEM and security operations vendor Exabeam before stepping down in June “to balance health and lifestyle” (see: Exabeam Gets 3rd CEO Since 2021, Promotes CPO Adam Geller).

“Abnormal has by far the best product I’ve ever seen in cybersecurity,” DeCesare told Information Security Media Group. “Email security is about a $3 billion market today, and it’s filled with vendors that are very legacy in their architecture.”

DeCesare will lead Abnormal’s marketing, sales and customer success functions as president, freeing up co-founder and CEO Evan Reiser to focus more on Abnormal’s R&D and engineering operations. Prior to Exabeam, DeCesare spent six years as CEO of IoT security vendor Forescout and took it public at an $800 million valuation. He also spent four years as president of McAfee, which was owned by Intel at the time (see: The Importance of Automated Cyberthreat Response).

Extending Abnormal’s Footprint Beyond US Commercial Firms

Abnormal serves state and local government clients today, and DeCesare identified the U.S. government as the firm’s biggest untapped opportunity given the glut of hardware-based, on-premises email security tools installed across federal agencies today. Despite broad resistance to cloud technology as recently as five years ago, DeCesare said the Department of Defense and other agencies are now all-in on cloud usage.

The FedRAMP authorization process will be driven by Abnormal’s R&D team, and DeCesare doesn’t anticipate the company will have much of an issue getting a sponsor given how easily the technology installs. Getting into the U.S. government will require a multiyear commitment from Abnormal along with hiring sales reps, sales engineers and support staff well-versed in working with federal agencies.

DeCesare wants Abnormal to eventually generate half its revenue from outside the United States, and he sees Japan and Germany as the “lowest-hanging fruits” given the size of their email security spend. This will require Abnormal to train its natural language models in Japanese and German, localize the product to reflect common suppliers and hire in-country R&D, sales, marketing and support personnel.

“Abnormal is in the bucket of email security, but the architecture is just so different,” DeCesare said. “And it’s what’s needed to try and have any chance of defending against the bad actors that we’re seeing in 2023.”

Reaching the $100M Annual Recurring Revenue Milestone

DeCesare’s arrival at Abnormal coincides with the company disclosing that it surpassed $100 million in annual recurring revenue just five and a half years after it was established. Abnormal in May 2022 closed a $210 million Series C funding round on a $4 billion valuation to apply its account takeover prevention technology to systems and SaaS platforms beyond email, such as Workday and Salesforce (see: Abnormal Security Raises $210M to Push Beyond Email Defense).

“Customers have more confidence buying from companies that have some size to them and that they believe are going to be around,” DeCesare said. “When customers see a company growing this fast, it lets them know there’s something special there. What we hope for is that it starts to generate more inbound interest versus it being outbound.”

Forrester in June classified Abnormal as a strong performer in enterprise email security, putting it behind Proofpoint, Cloudflare, Microsoft and Check Point, which were all named as leaders. Forrester praised Abnormal for its superior ability to block malicious email from inboxes and criticized it for having “only limited plans” to add capabilities covered by email infrastructure providers.

“Security and risk pros heavily invested in the native capabilities of their email security infrastructure providers – or those planning to keep a secure email gateway for other critical forms of malicious email, file, and attachment detections – should evaluate Abnormal Security,” Forrester Senior Analyst Jess Burn wrote in June.

From a metrics standpoint, DeCesare wants Abnormal to maintain customer retention rates in excess of 95% as it scales while increasing net recurring revenue to 120% by selling non-email security products to existing customers. He’d like to see Abnormal “substantially” boost its footprint among Fortune 500 organizations – which stands at 12% today – and continue to make headway on its path to profitability.