Tessian, a tech startup using machine intelligence to transform email security, lands $13m series A from Balderton and Accel

London-based cybersecurity startup Tessian has today announced the closing of $13m (£9m) in a series A round, led by Balderton Capital and existing investor Accel Partners.

Top venture capital firms like Amadeus Capital Partners, Crane, and LocalGlobe among others also participated in the round.

A tech startup with its founders’ roots in investment banking, Tessian’s machine learning software protects companies against the problem of highly sensitive information being sent to the wrong person on email, by analysing past behaviours to understand normal (and abnormal) email sending patterns.

“We saw data loss all the time on email channels, often through inadvertent behaviour, or at times through people sending it to their personal email,” said co-founder Tim Sadler, speaking to City A.M. in an interview.

“Banks have enormous amounts of money to spend on email security, so we thought ‘why is this still a problem?’”

Formerly known as Checkrecipient, the company has done a lot of growing since its seed round in April last year. It can now boast clientele like Schroders, Dentons and Clyde & Co under its wing, with over 70 UK law firms using the platform to protect their email networks.

Sadler said its annual revenue has increased by over 400 per cent in the last 12 months, with the Tessian team also ballooning in size from 13 to 50 people.

It hopes to use the new funding to push growth even further, expanding its product offering and hiring even more staff for its soon-to-be new office on Liverpool Street after outgrowing the Silicon Roundabout.

An image of how Tessian's software works

“When you send an email, [the software] is checking if you are accidentally sending this email to the wrong person, or are you intentionally sending this email to an unauthorised person,” explained Sadler.

“But over time, we hope it will look at all of the challenges around email, and use this information to solve other problems on the email stack in a completely automated manner.”

The whole process from the start of installation to having a working product takes about 24 hours, after which companies have automatic protection. Clients get daily reports on the breaches Tessian has then prevented, as well as a historic report on day one.

“In the long term, we perceive today’s perimeter of the enterprise are the humans within it. If you think about people trying to hack into organisations now, you’re hacking the human who is the gatekeeper for all their services.”

“Today this is email, but this could evolve over time to be instant messaging, voice, or a number of entry points.”

Suranga Chandratillake, a partner at Balderton Capital, gave the example of how, the vast majority of times data is stolen or lost, it happens because of human error: “Someone in accounting doesn’t pay enough attention to an email and makes a payment they shouldn’t have, or someone in HR gets a call from somebody who sounds like the CEO and gives sensitive employee information over the phone.”

Too many solutions to these problems revolve around rule-based policy, which leaves room for loopholes when a new rule hasn’t been written yet.

“Simply put,” Chandratillake said, “techniques like machine-learning create a framework that computers can use to understand what normal behaviour looks like. Once you know normal, you can spot abnormal.”

“The genius of this approach is that while the product focus today is on email – by far the most used communication channel in the corporate enterprise – their technology can be applied to all communication channels in time. And, as we all communicate in larger volumes and on more channels, that represents a vast opportunity.”