This post is the second in a series that showcases our MBA interns participating in Forgepoint’s Summer Associate program. Designed to provide comprehensive exposure to venture capital while advancing participants’ understanding of cybersecurity…Read More
Rita Gurevich is the Founder and CEO of SPHERE, an award-winning cybersecurity business focused on improving security and enhancing compliance, including privileged access management, Active Directory governance, cleaning up entitlements and more. Many of the world’s most advanced companies – including several F100 enterprises across industries – rely on SPHERE to ensure their environments are clean, secure, and compliant.
Rita bootstrapped SPHERE for eleven years before partnering with Forgepoint on the company’s Series A financing in February of 2021.
Congratulations on all the progress to date! Rita, please tell us about your journey and how you got to where you are now. What motivated you to found SPHERE?
Thank you so much! It’s been an exciting journey and we’re really looking forward to continued innovation and growth.
I’ve always been very intrigued by technology. I previously studied Computer Science and Mathematics at Stevens Institute of Technology while working at Lehman Brothers as part of a co-op program. I continued to work at Lehman after graduation, until the world went into disarray due to the sub-prime mortgage crisis. Because this was the first large-scale corporate tragedy that many had ever seen unfold, there were a lot of people questioning what to do next. While that was a bit intimidating, I knew I still had responsibilities to fulfill, so I decided to stay the course and watch history in the making.
There was an immediate need for the bank to disseminate its technology stack – something which had never been done before – but we got to work figuring out how to make it happen. That led to a lot of collaboration, learning, and camaraderie amongst the folks who remained at the firm. We were able to take a situation that could have been viewed as a negative and turn it into an experience with countless positive facets. Particularly, I learned a lot about risk assessment and remediation, which I knew many large financial services firms struggled to understand. I realized I had a skillset that would be highly valuable in fulfilling an industry-wide need and that became the impetus for starting my company. However, it wasn’t enough to just be entrepreneurial—I knew I needed to be able to sell my services in order to succeed. That’s when previous relationships came into play. My former colleagues had moved on to other investment banks and I was very fortunate to have a forward-thinking, captive audience interested in hearing more about my business. It’s a testament to the power of maintaining relationships which is something I highly value. In many ways, the experience I had at Lehman accelerated my goals, and helped me shape SPHERE.
What’s the problem you’re out to solve for your clients and their organizations? How would you describe SPHERE’s mission?
Our focus is cyber hygiene, and we believe breaches are not inevitable. We harden your access controls with automation and expertise to continuously and proactively stop bad actors from breaching your data, systems, and applications.
As cyber security has gained momentum, we’ve learned that the natural inclination is to focus on the most advanced, cutting-edge technology i.e. Artificial Intelligence. However, we also realized that these incredible innovations were hindered by the lack of a clean foundation. Cyber hygiene is the most crucial, yet most overlooked aspect of security. Think of it as a new home: if the interior of the house is cluttered, it doesn’t make sense to invest in new artwork for the walls until the disarray in the wider environment has been addressed. Otherwise, no one will notice the artwork. The same concept is true for cybersecurity. Cleaning up end user and privileged access is by no means glamorous, but it is a critical requirement for the success of AI and other technologies to function properly.
Our mission is to provide companies with piece of mind knowing their data is safe, and to allow them the freedom to successfully implement and utilize other products and applications by ensuring their environment is always tidy.
Tell us more about this new category you’re creating: CYBER HYGIENE. What has your experience been like – to be the catalyst for change within organizations and rally internal teams to help them better secure their users, data, and assets?
What’s interesting is that this type of risk assessment and remediation has always been an issue. However, many organizations either overlooked its importance or used very archaic, manual approaches to resolve it. When we started, we were a pure consulting company and called our team “access control janitors”. Now, we have advanced so far, and automated so much with our flagship solution, SPHEREboard, it made perfect sense to describe it in a more elegant way – Cyber Hygiene. Also, the term reflects that the fact that hygiene is not a one-time clean-up, but rather all-encompassing and continuous; organizations must maintain it every single day.
Catalyzing change comes from shifting public perception regarding the need for these types of solutions. The increase in awareness around the importance of clean, standardized permissions has generated curiosity and renewed interest in traditional ecosystem maintenance. As companies struggle to achieve optimal output with sophisticated technology such as machine learning, I believe companies are coming to the realization that there is no substitute for a clean foundation. It has been a gratifying experience watching the industry evolve and mature over the years. In our early days, education around clean, standardized permissions was a core piece of our customer messaging. Today, the importance is well known, and the customer focus has shifted toward accelerating those objectives and expanding coverage to achieve scalable security at a granular level.
Another key component – and unfortunate reality – is that ransomware is here to stay, and I think executives are starting to become more anxious about the potential fallout of not securing sensitive data and critical systems. These days, cyber attacks are widespread, and many different industries are susceptible including recent incidents across financial services, healthcare, and energy just to name a few. Therefore, implementing a proper cyber hygiene regimen is important because the impact is significant if neglected or performed incorrectly.
That is so true. To that end, SPHERE partners with many of the most sophisticated customers across those specific industries, within highly regulated environments. How does that inform product and service development as you scale?
I began my career in financial services and gained the bulk of my experience from the industry, so it was only natural that I gravitated toward it when I initially launched SPHERE. Targeting the most sophisticated industry probably seemed counterintuitive for a startup, especially since we were in the middle of a recession and the markets were in turmoil.
I’ve since learned the advantages as well as the disadvantages of starting out with such an advanced target market. Because our initial client base was comprised of large, demanding entities with solid reputations, we were forced to tackle the most complicated issues from the beginning which was a bit daunting for a young startup. However, once we were successful, it became easier to scale as we already understood the most difficult issues we would encounter. We were a small, nimble company that was able to adapt as the times changed and align with each client’s needs. We also learned the importance of delivering a successful product to each client and maintaining positive relationships. After all, we were competing with much larger players for the attention of a few executives, so our relationships and value-added services were imperative. Because of the size and reputation of our clients, we couldn’t be very transactional. We were a bootstrapped company with limited resources, and we needed to build as we drove. I think that idea scares a lot of people, but for me, it was exciting. Enter Forgepoint – they were able to take our proven approach and help us scale it out and we are incredibly appreciative of their partnership.
Though it’s been challenging and very rewarding, the genesis of the company and the journey, have felt very natural. I’m grateful for every learning experience, particularly those that were learned early on around operations, scalability, and efficiency as it allowed us to learn to succeed in the worst-case environment.
In our last founder meetup, you shared excellent guidance on word-of-mouth sales – transcending the transactional with an authentic relationship management philosophy that guides your team in their client interactions. How do you encourage this mindset and how has it benefited SPHERE’s growth?
At SPHERE, we have a customer-centric attitude every moment we are awake, and we likely think about it in our sleep too! Client interactions are paramount, and my approach is to treat everyone with respect, empathy, and kindness. I also believe in leading by example, so this is something I encourage from the wider team as well.
I believe in developing strong relationships with both current and prospective clients. It is also equally important to consistently deliver value in order to stand out among the other players in the ecosystem.
The reality is that relationships will help get your foot in the door, but the only way to grow and maintain the relationship is to deliver value in a distinctive manner. Delivering consistent value creates a swell from the bottom that reinforces your value with key decision makers at the top.
Therefore, at SPHERE, our culture is built around innovation in order to always deliver one-of- a-kind excellence to our clients.
Your team’s enthusiasm and culture of customer-first innovation is so palpable, from team calls to SPHERE’s LinkedIn. Looking ahead, what are you most excited about, near term and longer term?
We have a lot to be excited about!
In fact, this week we will be hosting our first annual Advisory Forum in Orlando, Florida. I feel very humbled to have gotten to this level of achievement where I’m able to invite security leaders from 50 of the most prestigious companies in the world to sit together and discuss the latest issues in our industry. Honestly, this is something I could have never imagined when I first started my company over a decade ago. It’s an honor to have such smart, talented, and inspiring people take time out of their day to help guide, educate, and network with us. This is huge accomplishment as it’s the culmination of years of relationship building, delivering value, and believing in a concept so strongly that other industry leaders now recognize us as experts. It’s the ultimate payoff and I’m beyond thrilled to have gotten to this point.
Something else that I’m very excited about is our SP(HER)E initiative that we plan to kick off in 2022. This year we really want to focus on giving back and we have a few outreach initiatives underway to help inspire women to become more involved in the tech industry.
First, we’re kicking off a special initiative called SP(HER)E, which stands for Helping Everyone Rise. Our goal is to highlight women in leadership positions as they communicate their own stories of ambition and hardship in the cybersecurity space, ultimately providing insight on industry challenges while simultaneously inspiring other women to strive for success.As part of the SP(HER)E campaign, one of our initial projects is to provide young women the opportunity to shadow an executive for a day as it’s important for them to connect with and be inspired by female leadership.
We have also partnered with Women in Identity to help promote diversity and inclusion across the identity industry. Though our SP(HER)E campaign, we’re aiming to educate the wider industry by providing first-hand accounts of roadblocks for women from all backgrounds. We also hope to inspire other women and allies, encouraging all to continue to support the success of their female colleagues.
Beyond that, it’s hard to tell where the world will be, but I’m focused on ensuring that the company continues to provide value to our clients and be a great place to work for our employees.
We’re excited for SP(HER)E and all that’s ahead! Last question: as we celebrate Women’s History Month – what advice would you give to any future female leader, founder, or CEO?
My advice to future female leaders is to leave self-doubt at the door. Great inventions come from people with unique perspective regardless of age, gender, background, and ethnicity. I also feel that women have certain inherent organizational and multitasking abilities that transition seamlessly into the fast-paced, and rapidly evolving world of tech. Bottom line: women are just as qualified as anyone else and I highly encourage them to get involved!
You may also enjoy:
Today marks the first anniversary of SolCyber’s emergence from stealth. On behalf of Don Dixon, Alberto Yépez, and all of us here at Forgepoint, I wanted to take a moment to congratulate Scott McCrady, David Emerson and team on SolCyber’s rise…Read More
This post is the first blog in a series that showcases our MBA interns participating in Forgepoint’s Summer Associate program. Designed to provide comprehensive exposure to venture capital while advancing participants’ understanding of…Read More