Rubrik Is The ‘Only’ Provider Of Zero Trust Data Security: CEO Bipul Sinha

The company, which helps enable businesses to recover after a ransomware attack, said it has reached $500 million in annual recurring revenue and added the former CEO of Palo Alto Networks to its board.

Even with the industry-wide effort by cybersecurity vendors to offer products that help enable a “zero trust” security posture for businesses, Rubrik co-founder and CEO Bipul Sinha contends that his company stands alone in offering data security built on zero trust principles.

Whatever you think of that claim, there’s no disputing that Rubrik has caught hold of something big on its quest to help businesses recover from ransomware and other threats to data.

As evidence of this, the company on Wednesday disclosed that it has now crossed $500 million in annual recurring revenue (ARR) for its software subscriptions. That’s up from $400 million in ARR as of late August, and puts privately held Rubrik in the same ballpark as some of the industry’s publicly traded firms, such as SentinelOne.

[RelatedThe 10 Biggest Data Breaches Of 2022]

In a bid to add even more cybersecurity firepower, Rubrik also announced Wednesday that it has added the former CEO of security giant Palo Alto Networks, Mark McLaughlin, to its board.

Without a doubt, Rubrik now has the “scale and momentum” to go public when the timing is better, Sinha said in an interview with CRN. In the meantime, the company will keep pursuing aggressive growth through channel partners, with the channel continuing to drive 100 percent of the company sales, he said.

Rubrik’s advantage, according to Sinha, is that “from day one” the company was committed to an architecture for its data protection software built on zero trust, involving steeper requirements for user access to data and greater control for organizations.

As a result, “we are the only zero trust data security platform,” Sinha said. “And that’s what is driving our demand, because that’s what businesses need. They need to have a platform where you can only interact with the platform with full authentication.”

By contrast, he said, “the classic backup and recovery architecture is a ‘full trust’ architecture.”

What follows is an edited portion of CRN’s interview with Sinha.

As you’ve said before, Rubrik is aiming to be seen as a cybersecurity company at this point. Where are you focused within cybersecurity?

What we are seeing is that the classic infrastructure security, around prevention and detection of attack, is not 100 percent. So every business is thinking about cyber resiliency. And resiliency means, how do I continue to operate, even [amid] attacks such as ransomware? How do I keep going even when there is a significant attack? How do I create a resilient business? And that’s the Rubrik business. That’s [our] approach with cybersecurity, because what we are saying is, data is the most important asset of any organization. And if your data is secure, your business is secure. So if we can make your data available always, you can reconstitute your business and keep going. And that’s what is driving our growth. We just crossed half a billion in ARR. It is driven by the business’ need for cyber resiliency.

Can you say what your ARR was at this point a year ago?

I can’t comment on the number as of last year, but we are growing about 100 percent year-over-year. 

What would you point to as one of the key moves you’ve made, that’s enabled Rubrik to get to this level?

Rubrik from day one took the decision of building a new software [platform] based on zero trust principles. So we are the only zero trust data security platform. And that’s what is driving our demand, because that’s what businesses need. They need to have a platform where you can only interact with the platform with full authentication.

So you’re not enabling customers to do zero trust in general — what you’re doing is protecting their data on your own platform in a zero trust fashion?

Yes. And if you think about it, that is the right posture — because if the business’ most critical asset is protected in a zero trust framework, that means the business is safe. We are not throwing it to the customer.

When we started Rubrik, what we saw was that classic cybersecurity was not helping with data. They were trying to prevent and detect problems, and backup and recovery was built for natural disaster, or human error. It was not built for cyberattacks and cyber disasters. And what we did was we took these two separate concepts and combined them into a single platform with zero trust principles. And that was the decision we took nine years ago. 

That’s well before zero trust was the big buzzword in security — you feel like what you had back then lines up with how people are defining zero trust today?

Exactly. Because what zero trust means is that you assume that breach has happened and everything else is compromised. That’s what we assumed. The classic backup and recovery architecture is a “full trust” architecture, which assumes that if you can get to the backup software, that means you are trusted. In our case, we created a brand new architecture, which assumes that a breach has happened and everything else is compromised.

Leave a Reply

Your email address will not be published.