Fraud Management & Cybercrime , Incident & Breach Response , Ransomware

Anti-Ransomware Firm Halcyon Gets $100M, Earns $1B Valuation

Series C Funding Boosts Expansion and R&D for Ransomware Defense, More Partnerships
Anti-Ransomware Firm Halcyon Gets $100M, Earns $1B Valuation
Jon Miller, co-founder and CEO, Halcyon (Image: Halcyon)

A ransomware prevention startup led by Cylance's former chief research officer raised $100 million to thwart data exfiltration and safeguard Mac, Linux and cloud environments.

See Also: Real-World Strategies for Securing Remote Workforces and Data

The Series C funding will allow Halcyon to further its unique attacker-led approach to development, which uses real-time insights into ransomware methodologies to create preemptive countermeasures, said Co-Founder and CEO Jon Miller. The Austin, Texas-based firm will expand its market footprint by entering new markets such as Japan and deepening strategic partnerships with giants such as Dell and Cisco.

"This wasn't somebody coming in and trying to buy a seat at the table," Miller told Information Security Media Group. "This was done by our existing board, so they're privy to all the numbers and all the performance, and they came in and decided that we had made the metrics that warranted a unicorn valuation. It's very, very rare for a company to go from zero to a billion in under three years."

Halcyon was founded in 2021, employs 212 people and has raised $190 million in four rounds of outside funding, with the company closing a $40 million Series B led by Bain Capital Ventures in Dec. 2023. The firm has been led since inception by Miller, who spent three years as Cylance's chief research officer and five years leading offensive platform Boldend. Evolution Equity led Halcyon's latest funding round (see: The Uphill Battle for Cybersecurity Accountability).

Halcyon's $1 billion valuation and Series C funding were not motivated by immediate financial need but rather the enthusiasm of existing investors, who Miller said recognized the company's rapid growth and potential. Miller attributes Halcyon's market traction and success with existing investors to the strategic alignment of the company's technology with critical and growing needs around ransomware protection.

What Makes Halcyon's Take On Ransomware Protection Different

Miller said Halcyon wants to combat the evolving landscape of ransomware attacks, including the rise of double extortion tactics wherein attackers demand ransoms to both decrypt data and prevent its public release. Halcyon has thus developed a data exfiltration protection tool that blocks unauthorized data transfers and has prioritized anti-ransomware tools for Linux, Mac and cloud platforms based on threat trends.

"We focus on what they're actually doing and then break that process, forcing them to continually innovate on their side and hopefully break their ROI," Miller said.

Unlike broader cybersecurity companies, Halcyon is narrowly focused on ransomware, which Miller said allows them to specialize in both prevention and recovery and address tactics with precision. Halcyon's attacker-led approach means the product evolves based on actual ransomware methods rather than hypothetical threats, cutting the impact of successful attacks through risk mitigation and rapid recovery.

"We're looking at these specific groups, what they're doing, what their tools are, how they're carrying it out, who they are, and using that to build the best solution to that one specific problem instead of trying to be a panacea for everything cyber," Miller said.

The extension of ransomware protection beyond Windows to include Mac, Linux and cloud platforms will address the shifting tactics of ransomware attackers, who are beginning to target those systems, Miller said. Halcyon also plans to expand its geographical presence, particularly in Japan, by leveraging partnerships with local entities, which Miller said mirrors the company's strategy in other regions.

"We've always focused on [areas] where the threat is biggest, and ransomware is primarily a Windows problem," Miller said. "But we are seeing some of the groups start to move over into Linux attacks, cloud attacks, and we've seen samples for Mac OS. At the same time, as they evolve there, we're trying to evolve ourselves to be the perfect counterpoint at any given time."

Partnering to Protect Dell and Cisco Endpoints

Meanwhile, collaborations with major technology players such as Dell and Cisco not only increase Halcyon's distribution capabilities but also enhance the effectiveness of the firm's anti-ransomware technology by embedding it into well-established platforms, according to Miller. He said the Series C funding will allow Halcyon to launch joint products with Dell and Cisco, making ransomware protection more accessible (see: Ransomware and Resilience: Where Trends Are Headed).

"Every startup that exists would love to be able to partner with companies like Dell and Cisco and have them actually bring the market," Miller said. "The problem that we're working on is so impactful, and this solution has been so effective that we've been able to, in a short time, do what normally takes more established companies 10 to 20 years to get done."

Halcyon's client base spans industries and geographies, Miller said, including Fortune 500 firms, SMBs, government, finance and healthcare organizations, with the latter being a priority since ransomware attacks can directly impact patient safety. Miller said Halcyon's technology caters to both mature enterprises seeking sophisticated risk mitigation as well as small businesses needing turnkey protection.

"I would put healthcare at the very top, but that's simply because you attack healthcare and people die," Miller said. "It's completely top to bottom in the market, everything from the largest enterprises down to SMBs through our managed service partners."

Miller said Halcyon stands out by offering free ransomware recovery services to clients who experience a breach, ensuring the company both provides preventive measures and supports its customers during incidents, absorbing their risk and limiting financial burden. While the company is in hypergrowth mode, Miller said Halcyon is focused on responsible spending and maintaining a clear path to profitability.

"We have enough cash on hand to get us all the way to profitability and our revenue target goal of hundreds of millions of dollars of ARR," Miller said. "The question comes down to responsibility, not wasting, hiring the people that we need to hire when we need to hire them. It's just a lot of non-traditional tech diligence around funds, and we're on a path to profitability in the next couple years."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.