Device Authority: Interview With CEO Darron Antill About The Zero Trust Security Automation Company

By Amit Chowdhry • Sep 25, 2024

Device Authority is a company that secures the connected future by automating Zero Trust security at scale, and is a recognized global leader in Identity and Access Management (IAM) for Enterprise IoT ecosystems. Pulse 2.0 interviewed Device Authority CEO Darron Antill to learn more about the company.

Darron Antill’s Background

What is Darron Antill’s background? Antill said:

“I have extensive experience in leading and growing IT companies that specialise in security and analytics software and services. Before I joined Device Authority, I was CEO of AppSense, a global software company, where I was responsible for driving the global growth of the company by entering and expanding into new markets. We delivered innovative products that help companies transform their workspace management initiatives.”

“I guided the company to a 270% increase in revenues to more than $100 million, expanded the company globally, increased global headcount by more than 300% and helped AppSense raise a $70 million investment round from Goldman Sachs. Prior to AppSense, I was CEO of leading information security services company Vistorm, which was later acquired by EDS and became an HP company.”

Formation Of Device Authority

How did the idea for the company come together? Antill shared:

“The company arose from the merger of Cryptosoft and Device Authority Inc, which combined unique technology and expertise to tackle the security challenges of the growing IoT market. IoT was starting to make its mark at the enterprise level at this time, with manufacturers and tech companies investing heavily. CISOs started to rank IoT security challenges among their main concerns.”

Favorite Memory

What has been your favorite memory working for the company so far? Antill reflected:

“Several moments come to mind here including the first release of KeyScaler, securing our first customer as well as the recent Microsoft Rising Azure Technology Partner of the Year award and securing funding from prestigious backers Ten Eleven Ventures and Mercato Partners.”

“We raised $7 million in Series A funding from Ten Eleven and a further £2m from Prelude, the venture practice for Mercato. Both investors specialise in cyber security and technology investments, and were impressed with KeyScaler, which is our SaaS platform that helps enterprises deliver zero trust for their IoT devices across a wide range of use cases, helping them resolve their security problems.”

Core Products

What are the company’s core products and features? Antill explained:

“We address the significant cyber risks that enterprises face as their IoT networks expand.”

“Our KeyScaler platform and its components, all work to establish device and data trust across a supply chain through fully automated Device Identity Lifecycle Management, removing the risk of human error, significantly improving response and recovery times from attacks, and the ROI for critical assets. Without automation, managing the full lifecycle of connected IoT or OT devices, is full of dangers. Tedious manual processes lead to human mistakes and deliver slow responses to cyber-attacks.”

“Each of the components of KeyScaler, including KeyScaler Central, KeyScaler Edge and KeyScaler AI, tackles distinct challenges in customers’ complex connected environments. These are also delivered via our award-winning cloud-based delivery platform, KeyScaler as a Service (KSaaS).”

“Our KeyScaler-as-a-Service (KSaaS) platform provides automated device identity security throughout the entire lifecycle, allowing organisations to achieve end-to-end device and data trust. Its patented Dynamic Device Key Generation (DDKG) trust anchor technology and its continuous authorisation support supply chain security. This is how we establish a vital root of trust to mitigate the security risks posed by the use of AI in connected environments in the automotive, medical, industrial and critical infrastructure industries.”

“The growing complexity of these IoT and OT ecosystems makes device security increasingly vital. The global number of IoT devices is projected to reach 42 billion by 2025 and the number of IoT-focused cyber-attacks rose to more than 112 million in 2022 (according to Statista). Effective identity and access management has become essential to mitigating security risks, preventing unauthorized access, and ensuring compliance.”

Challenges Faced

What challenges have Antill and the team faced in building the company? Antill acknowledged:

“The challenge for all technology companies in the cyber sector is the lack of skills in the workforce. For its Cyber security skills in the UK labour market 2023 report the UK government conducted research into job vacancies that found 50% of all UK businesses have a basic cyber skills gap and 33% are short of advanced skills. Across many industries there is limited understanding of IoT security which is compounded by the skills problem, and an absence of education on security for devices that are not managed by people on a daily basis.”

“The skills gap is something we have decided to tackle ourselves. Colleagues from our HQ in Reading work with UTC Reading on a mentoring programme to support local students as they prepare to make decisions about their Key Stage 5 studies and their chosen careers. I meet groups of students regularly throughout the programme to provide consistent guidance and the opportunity for students to build a connection with industry and gain valuable insight.”

“Mentors played an important role at the start of my career and gave me a good foundation to progress through the ranks to lead several tech companies. A successful company is based on employing and developing great people and I enjoy paying back to the new generation, listening to them and offering advice and insight wherever I can.”

Evolution Of Device Authority’s Technology

How has the company’s technology evolved since launching? Antill noted:

“KeyScaler is continually evolving in response to the ever-changing threat landscape. The latest example is the creation of KeyScaler AI, a dedicated AI/machine learning module that focuses on enhancing device security.”

“It connects to KeyScaler Central and uses sophisticated AI/ML algorithms to automate certain aspects of a device identity lifecycle, such as frictionless onboarding, vulnerability management and anomalous behaviour detection. It incorporates a retrainable model that continuously learns and adapts to new authorised device frameworks. This retrainable model ensures KeyScaler AI supports new device iterations and deployments, maintaining agile security practices amid constant change. Third-party integration is also a highly beneficial attribute, enabling customers to keep their current infrastructure while also accessing advanced security features.”

Significant Milestones

What have been some of the company’s most significant milestones? Antill cited:

There are quite a few which particularly stand out over the past few years.  In 2016, we acquired Device Authority Inc, and the following year we launched KeyScaler Private PKI, featuring in Forrester TechRadar Internet of Things Security.”

“2018 saw us release KeyScaler MVP, and in 2019, we attracted investment from Venafi Development Fund, pivoting to Microsoft with Azure Security Suite.”

“The last three years have been especially significant. In 2022, we had further funding from Venafi, and then ABI Research named Device Authority as leaders for IoT security lifecycle management. We also secured Microsoft Co Sell status and had our first $1m-plus order. Among other achievements in that year, we released KeyScaler Edge and SBOM (software bill of materials).”

“Last year we won Microsoft Rising Azure Technology Partner of the Year for 2023, which was, and remains, a significant landmark in our development and maturity as a business.”

Customer Success Stories

After asking Antill about customer success stories, he highlighted:

“I can give an example of the connected factory. A pharmaceutical manufacturer upgraded its connected factories as part of its overall digital transformation strategy to become a predictive plant and increase visibility across its supply chain.”

“It adopted a Microsoft Azure IoT Edge Gateway infrastructure that requires a robust and automated identity lifecycle management solution utilizing x.509 certificates to provide device and data protection. This presents unique challenges in connecting both online and offline edge devices in a nested parent-child configuration up to the cloud. The company needed client authentication, end-to-end data encryption, HSM access controller and Azure nested gateways support.”

“Overall, the organization was able to take advantage of KeyScaler’s pre-built integrations to the Microsoft Azure IoT platform and with their existing enterprise PKI platform, giving them faster time to value. The implementation of KeyScaler streamlined device security by automatically provisioning secure identities, enabling a zero trust framework for their IoT infrastructure, unifying IT/OT security policy. These updates improved operational efficiencies, eliminating manual processes and reducing administrative burden. KeyScaler’s automation helps prevent compromise and speeds incident response, minimizing customer disruption, protecting brand reputation, and reducing potential liability.”

“These upgrades also help the company remain compliant with changing industry regulations and achieve greater visibility across its manufacturing supply chain. The company was able to keep devices offline while securely reporting critical device data to the cloud. They maintained their commitment to the Purdue manufacturing model (segmenting industrial control system networks from corporate enterprise networks and the internet) while realizing the benefits of IoT.”

Funding

Upon asking Antill about the company’s funding details, he revealed:

“Device Authority this year announced $7m in funding from leading global cybersecurity venture capital firm Ten Eleven Ventures, and $2m investment from Prelude, the venture capital practice for Mercato Partners.”

Total Addressable Market

What total addressable market (TAM) size is the company pursuing? Antill assessed:

“Today’s global supply chains rely on an increasing number of interconnected devices to capture and relay timely data. These connected devices have multiplied at a rapid rate, increasing from 10.8bn in 2019 to a predicted 30bn-plus by 2025 (potentially as high as 42bn according to Statista). This growing complexity of enterprise IoT ecosystems makes device security increasingly vital. According to research last year by Check Point Research, in an average week, 54% of organizations experience IoT-focused cyber-attacks, which makes effective identity and access management a priority for business risk mitigation and compliance.”

Differentiation From The Competition

What differentiates the company from its competition? Antill affirmed:

Our SaaS solution is the only one that allows organizations to achieve zero trust at enterprise scale, aligning to the NIST framework and enabling complete device and data trust. KSaaS also means that this solution can scale alongside an organization’s requirements while removing the need for costly infrastructure or expensive internal resources. This means we are delivering significant ROI for our customers. For example, in an environment with 20,000 connected devices, the return on investment of using KSaaS over a manual solution is 241%.

Future Company Goals

What are some of the company’s future company goals? Antill concluded:

Our aim is to continue to grow our presence, particularly in North America and further strengthen our foothold in the automotive, medical, industrial and public sectors. In the US, the SBOM requirement (software bill of materials) is already reshaping the landscape for IoT devices very significantly. We will continue to work with government organizations and public sector bodies to help to shape security regulations and legislation.