Reco raises $30M to prevent sensitive data leaks
Reco (also known as RecoLabs), a company using AI to map a company's data sharing, today announced that it raised $30 million in a Series A round co-led by Insight Partners and Zeev Ventures with participation from BoldStart, Angular Ventures, Jibe Ventures, CrewCapital and Cyber Club London. CEO Ofer Klein said the proceeds will to toward product development and supporting the company' go-to-market efforts.
Klein co-founded Reco with Gal Nakash and Tal Shapira in 2020. Reco is Klein's second venture after Kwik, an internet of things platform for "connected customer experiences." Nakash led research at the Office of the Prime Minister in Israel prior to joining Reco, while Shapira, who also worked at the Office of the Prime Minister, was the head of algorithms at heads-up display startup Guardian Optical Technologies.
"The distributed workforce is getting bigger. The number of collaboration tools in use in a single organization increases daily. And each of these introduces new security risk," Klein told TechCrunch in an email interview. "Information sharing and collaboration across applications is extremely important for businesses and provides unlimited value to them, but without security context and intelligent analysis of what business data and interactions are taking place in those sharing environments, we see organizations increasing their risk."
Reco monitors data sharing inside and outside of an organization to flag potential issues when they occur. For example, if a third-party vendor's contract is expired but the vendor still has access to sensitive documents or if a file is sent to the wrong account manager, Reco can spot this and mark it for remediation, Klein claimed.
Plenty of data management compliance and governance software exists (see: Checks, DataGuard, Ketch and DataGrail), but Klein asserts that Reco's "contextual" approach sets it apart. The platform creates a "business collaboration map" that ostensibly shows where an incident occurred, which parties were involved and the details of remediation actions.
According to Klein, Reco leverages an AI engine to learn context through the metadata in the audit logs generated by collaboration, storage and email tools (e.g. Slack, Jira, Box, OneDrive, Outlook, etc.). The engine requires no manual policy setup to create a model of the relationships between an organization's employees, teams and outside vendors, Klein claimed, freeing up security teams to focus on more pressing work.
"Our closest competitors are legacy data security tools that still focus on content instead of context. They require a high level of manual input and maintenance, create noise and organizational friction, and do not have visibility of the context behind incidents leading to inaccurate alerts," Klein said. "[With Reco,] security teams are able to share incidents and their context with relevant team members in order to receive additional feedback to remediate the incident, or even to empower the team member to take ownership of the incident and carry out remediation activities themselves."
Of course, AI makes mistakes. Unforseen biases can influence a system's predictions, causing errors. Illustrating the breadth of the problem, a 2021 survey from Fastly and ESG found that nearly half of all cybersecurity alerts from software are false positives.
For what it's worth, Klein stands behind his product, claiming that Reco "results in the lowest false positive rate while discovering events and incidents that no other tool can detect."
"The pandemic pushed companies to broadly use collaboration tools to support their distributed workforces. Companies started using tools like Slack, Teams, and Google Drive with their customers and vendors to accelerate business processes," Klein said. "But there is no visibility and limited control over these channels ... Reco is positioned well to lead the next generation of security solutions that focuses on enabling business while dramatically saving money and effort."
Klein declined to list 35-employee Reco's customers by name or reveal revenue figures, but said that "multiple" companies in finance, manufacturing, tech and insurance, including Fortune 500 companies, are using its product.