Justin Somaini has just joined YL Ventures, a global cybersecurity venture capital firm, as a partner. In conjunction with the announcement, Somaini has replied to our questions about his background, the firm, their strategy and support model, and shared with us some thoughts about the future of tech.
VCWire: Hi Justin, can you please tell us more about you. What’s your background?
I became passionate about cybersecurity because I saw its impact as one of the most significant technological developments of our generation. The problems that plague cybersecurity professionals in the global market are acute and getting more sophisticated every day. Being part of a group that works daily to find solutions to these problems is what stands at the core of my 30-year career in this industry. My most recent role was as Chief Security Officer at Unity Technologies, a US-based video game software development company. Before Unity, I was the Chief Security Officer at SAP, Chief Trust Officer at Box, Chief Information Security Officer at Yahoo! and Symantec, Director of Information Security at VeriSign, and held leadership positions at Charles Schwab and PwC.
I had a unique journey in the cybersecurity realm, across many different industries, sectors and positions. Having this well-rounded background helps me see the organization in its entirety, including the needs of every team and how we as security practitioners can better represent our own needs and work with others to get buy-in for practical solutions. Over my career, I have been lucky to be able to found my own strategic security management consulting firm, Somaini LLC, and have been an advisor to dozens of security companies including Orca Security, Cycode, Valence, Qualys, Palo Alto Networks, Sentinel Labs, SourceClear, Solve Media, and others.
In joining YL Ventures, I aim to use my extensive experience in the industry and deep domain knowledge to provide the firm’s founders with insights during their ideation and GTM stages, help them cultivate their customer relationships, reach product-market fit and expand their market reach, globally. As a veteran CISO in various industries, I’ll be able to leverage my customer perspective to bring value in finding the most acute problem spaces and largest market opportunities.
VCWire: Can you introduce YL Ventures?
Founded in 2007, YL Ventures invests in seed stage cybersecurity startups with a dedicated value add strategy, aimed at bolstering founders to market dominance. The firm is based in both the US and Israel and focuses on guiding extraordinary founders from their most nascent stages to global success. Our founders have exceptional technological, leadership and business abilities and are looking to build large category-leading companies that will provide solutions to the most pressing challenges today. In 2022, YL Ventures ranked 8th out of over 250 venture capital firms in PitchBook’s prestigious Global Manager Performance Score League Tables and was the only cybersecurity-focused VC to secure a top 10 spot on the list.
VCWire: What is your overall strategy?
YL Ventures accelerates the growth of experienced early-stage cybersecurity founders who seek to build long-lasting companies and lead the next wave of tech innovation. We are currently investing out of our fifth fund, with $800M in total AUM, and we are very disciplined and focused in our strategy, with only a handful of new investments over the fund’s lifecycle (2-3 a year). The focus on a measured number of investments per fund also allows us to provide deep, focused guidance and address the needs of our portfolio companies at the most fundamental stage of their startup journey. This helps us ensure the long-term viability and sustainability of our portfolio companies, regardless of market fluctuations, in positive and more challenging economic environments.
VCWire: Beyond capital, how do you support startups?
YL Ventures’ value lies far beyond the capital it invests and includes ongoing, strategic and hands-on support and guidance to portfolio companies to support them as they scale. The YL Ventures team, spread across Silicon Valley, New York and Tel Aviv, is composed of multidisciplinary professionals who get in the trenches with the portfolio companies and focus on the most crucial elements required of startups at their earliest stages: GTM, Product-Market fit, Customer traction, marketing, HR, operations and more.
In addition to its in-house team, the firm guides its entrepreneurs in building the foundations for future cybersecurity category-leading companies, by leveraging a powerful network of 120+ Chief Information Security Officers and global industry leaders, hailing from Fortune 100 and global corporations. These luminaries provide an entire suite of services that help experienced founders cut through the noise of early-stage company building and focus on the strategic elements they need for a strong head start – especially around product-market fit, GTM Strategies and Sales processes.
VCWire: What do you like to see in founders?…. And what don’t you like to see in them? I mean, is there something that impresses you at first glance?
At YL Ventures, we look for the rare combination of an exceptional founding team that identifies a big market opportunity. These entrepreneurs should have agility, creativity, deep technological expertise, the determination to provide top-of-the-line technology to the global market and the capabilities to build a growth-minded business.
The entrepreneurial landscape is evolving, and we are seeing an increase in experienced, brilliant founders eager to build large companies instead of looking for quick exits. During our due diligence process, we introduce teams to dozens of potential customers in the US market, to assess the team’s vision and ability to engage with global industry leaders and to gauge customer and market interest in their offering.
As for the “red flags,” YL Ventures’ strategy dictates that the firm doesn’t invest in features or niche markets. We look for experienced entrepreneurs motivated enough to disrupt a big market and make a real change–this requires stamina, passion, grit, competitiveness and a large vision. Furthermore, cybersecurity has become a very crowded and competitive market, and it is our belief that only entrepreneurs with deep domain expertise will be able to address real industry problems with an innovative approach. We also look at their background, especially their experience in selling to customers.
VCWire: Please, tell us a bit more about the portfolio. You can list five startups that have made you particularly proud of.
YL Ventures has a track record of seeding cybersecurity unicorns such as Axonius and Orca Security, and its portfolio companies have been successfully acquired by high-profile, global industry leaders including Palo Alto Networks, Microsoft, Okta and Proofpoint.
Our current portfolio includes award-winning and category-leading startups including Orca Security, the industry-leading Cloud Security Platform that introduced the market to the revolutionary “Side Scanning” approach, and which identifies, prioritizes, and remediates security risks and compliance issues across cloud estates; Gutsy, pioneering the use of process mining for the first time in the security realm, which gives security teams unprecedented visibility into every tool, process and action required for a fully-compliant and efficient security posture; Hunters – An automated, cloud-native platform built to support the entire SOC workflow; Grip Security, the pioneer in SaaS identity risk management, providing innovative solutions to help enterprises address the security risks associated with widespread SaaS adoption; and our newest portfolio company, Aim Security, with the industry’s leading Security for GenAI platform, providing holistic and comprehensive security for all GenAI use across enterprises.
VCWire: Which sector/s would you bet 2 cents on in the next five years?
When I look at material opportunities, I go back to basics for the security industry. Where have we not fully resolved the problem through existing technologies and where has there been an introduction of new technologies which we need to secure?
In the new technologies category, I would say AI is the largest by far. I’m not specifically talking about GenerativeAI but as a whole category. How we apply the basics of security visibility and control over these new technologies, is ultimately the problem. With that, I’m very excited about YL Ventures’ portfolio company, Aim, coming out of stealth and working with the industry to do just that.
When I think of longstanding issues we’ve had as an industry that still haven’t been fully resolved, the largest is probably Application Security, or more specifically, how we can get visibility and control of applications that are developed and attacked on an unprecedented level. The industry has focused on building better development tools to assist engineers in coding more securely. What I feel we need are solutions that enable the ongoing monitoring and response of live applications. The industry still struggles with having a Security Operations enablement of transactions within the services it works to protect, to identify the attacks, let alone its ability to respond.