Back to stories

Resilience Against Ransomware: Our Investment in Mimic

May 2, 2024

The consequences of a ransomware attack are catastrophic. 

In the event of an attack, enterprises are at the mercy of the perpetrator. They must foot the bill for the downtime, system recovery and remediation, cyber forensics, upgrades, compensation, audits, and legal. On average, ransomware attacks cost enterprises a whopping $5 million per incident. But it doesn’t stop there; reputational costs can be even higher.

And yet, ransomware events are only becoming more pervasive. 2023 saw an increase in both attack frequency and severity. In the first half of 2023, ransomware claim frequency rose 27% while claim severity rose 61%.

In February 2024, Change Healthcare (of UHG), the largest clearing house for U.S. medical claims, was forced to disable over 100 systems due to a ransomware attack that took six terabytes’ worth of sensitive medical and financial data hostage. UHG paid $22 million to the perpetrators and issued $3.3 billion in loans to its providers as practitioners were forced to work without pay, furlough staff, pay fines, or shut down. While recovering, Change Healthcare became the victim of yet another ransomware attack on April 8, with four terabytes of sensitive data at risk. 

Similarly, the MGM Grand and related casinos were subject to a ransomware attack this year that brought down gambling and hotel operations for several days. While MGM chose not to pay the $30 million ransom, they did wipe and rebuild all of their systems, resulting in $100 million in lost revenues. This figure does not include the millions paid in fees to legal counsel and consultants, or the reputational damage MGM must now work to overcome with its patrons.

The resulting market effects are compounding—ransomware attacks are more frequent and costly than ever before. Recent vulnerabilities are increasing the pressure for dedicated ransomware prevention and protection solutions. Governments and CISOs are demanding improved ransomware solutions. The SEC mandates companies to report material ransomware attacks and annually disclose their cyber management protocols. It’s no longer a nice-to-have, but a must. Still, the existing market consists of broad security tools with add-on ransomware modules or antiquated solutions that take hours to resolve breaches. What the market needs is a modern solution specially built to understand modern attack techniques—a solution that can detect and act faster than bad actors have time to plant their software.

Enter Mimic

We’re thrilled to announce our investment in Mimic and their emergence from stealth. Mimic is a next-gen anti-ransomware solution built for the enterprise—a category-defining technology responding to these very market demands. At a high level, Mimic’s solution is threefold: algorithmically detect the behavior patterns indicative of impending or current ransomware behavior, deflect threat actors from expanding their own access, and recover lost data or restore it to its pre-ransomware state. 

Mimic’s approach is distinct in their ability to leverage high-fidelity and up-to-date ransomware data (from both public and proprietary sources), deterministic analysis to lower false positive rates, and server-based defenses to detect malicious bypass activity.

Everything about fighting ransomware comes down to time. Mimic’s proprietary methods of detecting and deflecting attacks are so much faster than the current EDR/XDR solutions that they allow customers to survive an attack with their core systems still functioning—but in a way that allows the threat actor to believe their attack was successful. This gives CISOs and IR teams time to figure out how the attacker got into their systems in the first place. 

Backing the Best

What really gets us excited about Mimic is the team. Mimic is led by two powerhouses in cybersecurity—Derek Smith (CEO) and Bob Blakley (Chief Product Officer). Derek’s been a longtime friend of Menlo, and his accolades are beyond impressive. Derek’s a four-time serial entrepreneur, twice in the cybersecurity space. In 2001, Derek founded Oakley Networks before selling it to Raytheon in 2007, where he served as the VP of Cybersecurity. Derek then worked for the U.S. Department of Defense as a senior advisor for cyber policy in the Office of the Secretary of Defense before leaving to found Shape Security, which was ultimately acquired by F5 for $1 billion. Throughout his career, Derek garnered a reputation for being laser-focused, driven, a talent magnet, and a top-class executor. 

Bob brings operational and technical expertise to Mimic. His experience as the Global Head of Information Security Innovation at Citi and an Operating Partner at Team8 lends itself well to lead Mimic’s product insights and early enterprise relationships. 

We’re excited to partner with Derek, Bob, and the world-class team they’ve brought into Mimic. We at Menlo have been strong believers in securing the enterprise software and infrastructure stack and look forward to supporting Mimic in their mission to build the definitive ransomware solution. Mimic joins Menlo’s growing portfolio of top-notch cybersecurity companies: Abnormal Security, Appdome, Cequence, Dedrone, Immersive Labs, Obsidian Security, Sonrai Security, StackRox, and Strata Identity

If you’re a founder of a cybersecurity company, we’d love to hear from you.