Halcyon: How This Company Stops Ransomware From Impacting Enterprises

By Amit Chowdhry • Sep 3, 2024

Halcyon is a cybersecurity company building products that stop ransomware from impacting enterprise customers. Pulse 2.0 interviewed Halcyon co-founder and CEO Jon Miller to learn more about the company.

Jon Miller’s Background


What is Jon Miller’s background? Miller said:

“Before starting Halcyon, I co-founded Boldend, a next-generation defense contractor focused on building offensive tools for the US Government. Prior to Boldend, I was the Chief Research Officer of Cylance (now Blackberry), where I focused on malware and product efficacy. I was also employee number 70 at Accuvant (now Optiv), where I was a part of the team that built and led the most prominent technical consultancy at the time, Accuvant LABS, working with over 95% of the Fortune 500 as an offensive security expert.”

Formation Of Halcyon

How did the idea for Halcyon come together? Miller shared:

“The idea for Halcyon was formed in 2021 by a team of cyber industry veterans who were tired of unsuccessfully battling today’s onslaught of ransomware threats for years. The team of leaders from Boldend, Cylance (now Blackberry), Accuvant (now Optiv), and ISS X-Force (now IBM) recognized existing tools were not made to defeat advanced threats like ransomware. Halcyon is the first and only dedicated ransomware company designed from the ground up to prevent and defeat ransomware.”

Core Products

What are the company’s core products and features? Miller explained:

“Halcyon’s core product is its industry-recognized Anti-Ransomware Platform. The unique platform is easy to deploy, doesn’t conflict with existing endpoint security solutions, and provides multiple levels of protection against ransomware.”

“In order to properly defeat and defend from ransomware, the platform was designed with failure in mind. On the rare occasion that a ransomware payload manages to execute, Halcyon autonomously neutralizes the attack and enables teams to recover and restore the impacted endpoint quickly, within minutes. The Halcyon platform stops attackers at all phases of the attack chain by using multiple proprietary detection engines that specifically target ransomware.”

“Its Pre-Execution Layer prevents ransomware from executing without being connected to the internet and is enhanced once connected to its powerful cloud engine.”

“The Exploitation Layer takes advantage of weaknesses commonly found in ransomware, forcing it to shut down or reveal itself before damage can be done.”

“The Behavioral Layer employs a unique proprietary micro-model architecture designed on the principle of capsule network-based machine learning that enables broad benefits over previous behavioral analysis methods.”

“The Resilience Layer is backed by several levels of endpoint resiliency specifically designed to prevent a ransomware infection from spreading to other endpoints, reducing the potential impact of a successful ransomware attack.”

“The Halcyon multi-layered protection with endpoint resilience solution saves users from new ransomware threats, maximizes ROI by minimizing the impact of attacks, and effectively reduces cybersecurity insurance premiums.”

Significant Milestones

What have been some of the company’s most significant milestones? Miller cited:

“Halcyon has achieved many milestones over the past few years.”

“For starters, we raised $50 million in a Series A funding round led by SYN Ventures in April of 2023 to accelerate the development and adoption of Halcyon’s Anti-Ransomware platform. In the same year, Halcyon received an oversubscribed $40 million in Series B funding led by Bain Capital Ventures – totaling $90 million in funding.”

“Halcyon unmasked a critical player that has been central in facilitating major ransomware attacks and multiple state-sponsored operations, known as Cloudzy. Halcyon’s research and engineering team uncovered two ransomware affiliates linked to the internet service provider.”

“Furthermore, Halcyon has received many accolades, most recently being named to Fast Company’s 2023 Next Big Thing in Tech list.”

Customer Success Stories

Asked about customer success stories, Miller highlighted:

“On May 20, 2023, a manufacturing company with revenues nearing $1 billion annually was attacked by the Akira ransomware group. Akira encrypted all Windows workstations and servers, halting their business and operations. All backups were destroyed and were not recoverable.”

“The company feared they would need to rebuild all their systems from scratch, which would require multiple technology partners and take months to complete at great cost to the organization. However, by partnering with Halcyon, the company and their incident response provider were able to quickly restore their most critical assets and resume operations.”

“Halcyon immediately restored 90% of file shares, 95% of critical server infrastructure, and nearly all local files impacted by the attack. Halcyon then expelled the attackers from the network to ensure a secure operating environment.”

“Halcyon accomplished this without the need to pay the attackers a ransom, without capturing an encryption key, and without the need for costly remediation approaches like the re-imaging of every impacted device. The company has now deployed Halcyon across their entire network and has not experienced any disruptions from subsequent ransomware attacks.”

Funding

Asked about the company’s funding information, Miller revealed:

“In 2023, Halcyon raised $90 million in two consecutive funding rounds in under a year, as highlighted above.”

Differentiation From The Competition

What differentiates the company from its competition? Miller affirmed:

“While much of the previous generation of endpoint tooling has been built to prevent or investigate commodity malware, these tools have done little to mitigate the explosive growth of ransomware. Halcyon is explicitly designed to defeat ransomware operations, preventing initial intrusion, lateral movement, and data exfiltration to immediately reverse the impact of ransomware attacks.”

“Halcyon offers the only technology defined from day one to defeat ransomware. By leveraging Capsule Networks (CapsNets), Halcyon can accurately detect different types of ransomware variants and attack campaigns, while other solutions only rely on Convolutional Neural Networks (CNN). However, when it comes to ransomware, CapsNets are the best approach to detecting ransomware variants and campaigns because they can recognize the complex relationships between different parts of the ransomware. CapsNets can learn from hierarchical relationships between the parts of the ransomware, which allows them to generalize better for ransomware detection.”

“Furthermore, CapsNets can also learn from historical data to recognize standard user behavior patterns, which can help them distinguish between legitimate user activity and ransomware. Through CapsNets, Halcyon can leverage context to determine if a given user activity is typical or unusual and can also use temporal information to determine if the activity is part of a larger ransomware attack.”

Future Company Goals

What are some of the company’s future goals? Miller concluded:

“Looking ahead, Halcyon will continue its mission of defeating ransomware. Our company goals include constantly innovating and identifying new ways to stop the ransomware threat. We have a lot of exciting announcements in the pipeline coming soon.”