Via The Sunday Business Post: Could Barricade.io do for web security, what Stripe did for payments?
The plan was to set up in either Dublin or San Francisco but, in the end, David Coallier picked Cork to establish his latest venture Barricade.io. At 28, Coallier has already built up an array of multimillion-dollar software businesses.
His talent is spoken about in revered terms in Irelands start-up community. It took him less than six weeks earlier this year to raise 1.2 million from top notch investors to found Barricade.io, a web security start-up. The word in tech circles is that it promises to be his most exciting business yet.
We meet in Cork. The Canadian, whose grandmother hails from Ireland, had spent the previous night camping in the nearby mountains. He was taking a few days of holiday, he told me, but has come into the office to be interviewed.
So, why set up in Cork, I ask?
San Francisco, for me, is the Hollywood of software engineers, Coallier explained. Its very expensive there. Dublin, the home of Facebook, Airbnb, Google and Dropbox, had a similar problem, he said.
When I was doing customer research and competitor analysis, I found that Cork had a lot going for it, he said. EMC, the IT storage giant, and AlienVault, a security hardware company, were both in Cork, he added, as was University College Cork, a source of skilled engineers.
Cork has the perfect balance, bored corporate people, and excited postgrads, grads and undergrads who want to come together and do something interesting, Coallier said.
Finding a suitable office in Cork wasnt easy. His landlord showed him a high-spec office, but Coallier chose a ground floor space previously used as a storage area instead.
Barricades office, in a box-like building in Airport Business Park, has a raw, stripped-back feel. It has a chipboard kitchen area with bottles of whiskey and its own speciality coffee menu.
There is a big, old-fashioned phone box to allow calls be made without disturbing an array of coders seated behind gleaming Apple Mac computers. In a corner there are couches around a coffee table which has a giant set of steer horns on it, a gift from its Texan office.
— Barricade IO (@barricadeio) August 5, 2015
In total, Barricade has taken 7,200 square feet which, after it finishes its current hiring round, will be enough to hold 45 people by the end of the year. The average age in his company is 35, with the youngest employee being 22. Louise Johnston, the former Fade Street television star linked to singer Ed Sheeran this summer, recently joined the company in a business development role from Lovin Dublin.
Despite the unfinished feel of the office and the average age of staff, there is a feeling that it could be a billion-dollar business. Oh, and the company is not even a year old.
Coallier got the idea for Barricade.io sitting in a cafe in San Francisco in July 2014. It was getting dark, and he could see the lights going on in houses, and from peoples smartphones. He thought that in the future people would someday need an alarm system for all the things they used which are connected to the internet, from baby monitors to laptops.
He decided to develop a product that would act as an early warning system against hackers. At the time Coallier was a data scientist at Engine Yard, a California-based cloud software company. Engine Yard had previously bought Orchestra, a company co-founded by Coallier with two friends, including start-up entrepreneur Eamon Leonard.
Coallier decided to quit Engine Yard and set up Barricade.io. He handed in his notice to his boss Jeff Reich, the chief security officer of Engine Yard, who had previously worked with Nasdaq listed Rackspace.
The next day, Jeff called and said, When are you going to hire me, Dave?
It didnt happen right away, but Texas-based Reich is now Barricades chief security officer. Coallier meanwhile, met 200 start-ups and SMEs to test his ideas.
After talking to a bunch of people, getting the idea validated, we built a small prototype and it worked really well, and we knew this could be something.
Coallier founded Barricade.io on October 15, 2014, but it only moved into its new office on January 13 this year.
He was already a millionaire from selling previous software businesses, but Coallier knew he needed to raise external funding too.
He was comfortable raising money, as an angel investor in two of Irelands hottest tech start-ups: Intercom and Trustev. I kind of know how to speak to investors, but I also knew how to do my homework I need to know this, I need to know that . . . so when I presented it to people they were like,Yeah, I kind of like this idea, I want to jump into that.
In less than six weeks, Coallier had raised 1.2 million from angel and venture capital backers, including Frontline Ventures and Tribal Ventures. This gave Barricade.io a runway of 18 months, but it is already just beginning to raise more.
Were aiming for between five and ten million. We might do a bridge round first, a two million round, and then do another five, ten million after that, he said.
When I was doing the seed round, I was already in discussions for series A, so theres a few larger firms we are already talking with. The companys focus however, he said, was very much on its products.
We build, and were building an engine thats artificially intelligent, that learns patterns, discovers anomalies. It basically learns new behaviour, and thats how we can identify malicious, malignant or even suspicious behaviour, as opposed to normal behaviour, he said.
— Barricade IO (@barricadeio) July 31, 2015
Barricade.io, he said, detects attacks and quickly alerts users to how to defend themselves by preparing them a response plan. Were trying to make security very kind of human, rather than adversarial . . . security should be human so it becomes a lot less scary than what it is now.
At the moment, Barricade.io, is growing at 100 per cent per week. Its really good, Coallier said. Were very careful not to overreach either, because one of our things is customer support.
Reich, a distinguished fellow of the Information Systems Security Association, has already opened doors for the company. It also plans to target developers through a Slack ad campaign.
But, where are the attacks coming from that Barricade.io is detecting?
He said maybe 60 per cent of all attacks appeared to come from China, with the remainder from Russia, Europe, the US and India. I see a lot of attacks from China . . . I think theyre just proxies, I dont think that theyre originating from China.
The recent giant hack of online cheating website Ashley Madison highlighted the risk to businesses of losing their confidential data.
Its not only large sites that get attacked, Coallier said. In fact, most attacks are on smaller sites and the weirdest metrics I know is that 80 per cent of attacks are opportunistic.
Even if you have only a small site, theres still data that you have about your customers, or that could damage your reputation.
I think location is a fallacy at this point in history. Sure, you live somewhere, but its all digital, it doesnt exist, its all different places connecting to each other.
His own interest in security and hacking goes back to his childhood when he learned to pick locks. Coallier grew up in a town called Saint-Patrice-de-Sherrington in Quebec. It was like a very small Irish village, so I always had a romantic fantasy of Ireland, he explained.
Then his parents bought him a computer, which Coallier learned to hack at 15 to get better video game scores. When I was 16 I sold my first company, which was a piece of Java software that was scanning for wifi networks, Coallier recalled.
The software could be used to find insecure networks, identify machines that were vulnerable, and warn their owners. A professor in McGill University in Montreal, Canada, put Coallier in touch with a friend who bought the software before it even had a name.
Coallier knew the professor because he was attending electrical and software engineering lectures in the university despite, at 16, being too young to formally go there.
They didnt mind at all, they were, Yeah, fine, hes participating, and then after that a company said, Hey, why dont you come and work for us and write software? Fine.
Coallier was just 17, and he found himself writing software for a photo printer company. He spent two years there, as well as freelancing with another company where he was a shareholder. He made friends with two Corkmen who encouraged him to come to Ireland.
Then he went to a developer conference in Ireland where a mutual friend introduced him to Eamon Leonard, a red-hot Irish developer. They went for a pint.
Halfway through the pint, Eamon goes, Do you want to start a business? I said, Yeah, lets do it, Coallier recalled.
In September 2008, they founded a web software company called Echolibre. After that, in 2011, they started another development business called Orchestra.io. Six months later, Engine Yard bought both of their businesses, for an undisclosed, but multimillion sum.
Was that his first million from software? Not from that company, but yes, I made it out of software, Coallier admitted. It was an earlier company, that was not a publicly-known company at all… we were working on radio technology essentially.
Coallier added that this company was in the defence sector, and he couldnt talk about it.
So, its a secret? Pretty much.
The developer stressed however, the software business risks, as well as, rewards. Theres another company I was part of when I was about 19. And on paper I was worth $23 million. Never seen a cent of it! It went broke the next year.
This company, he said, was wiped out when Google added new features. After a year of chasing I was like,Fine,
screw it. It was fun, it was interesting. But most of the first real cash money was from the Engine Yard acquisition, he said.
Just as his business career was leaping forward, so too was everything else. Coallier married his French girlfriend at just 22.
My mum told me, Youre young, start to make mistakes. I was like, Fine, he said.
I moved out at 15, I did all my stupid mistakes, so 22 for me was like 26 for most people. She was my best friend, so I was like, May as well do it!
They now have a three-year-old daughter, who takes up most of his downtime. Im teaching my daughter survivalism because Im all into mountain climbing and going to the wild for a few days and coming back, he said.
We go into the forest, for a few hours or a day, we have lunch there and we teach her how to make a little fire out of nothing, that sort of stuff.
Back to the business. Could Barricade.io do for web security, what Stripe did for payments?
We are trying to stay away from the analogy of Stripe for Security, Coallier laughs. Stripe describe themselves as payments API [applications programming interface] for developers. We would like to consider ourselves the same for security for developers.
Initially, he said, Barricade.io, was targeting internet firms with less than 35 employees. The sweet spot is people that dont have security analysts yet, dont have the expertise, but they have people running their website, their services, their operations [who need us.]
Whats the ultimate goal? To be on every device, simple as that, Coallier said. Every device connected to the internet we want to be on it.
We want to make things more secure and natural and human to use. Security is hard, but it doesnt need to be hard to manage, Coallier said.
People say computers are dying, but one thing thats not dying is apps. That means more data is flowing; more data means more servers to store that data, to process that data and someone still needs to secure them.
So, is this a multibillion dollar business? Oh its huge, its massive. And I remember when we were raising the seed fund, people were saying, Whats your exit plan? Ive done an under $10 million exit now, Im not doing that.
Were going to go public, bust, or were going to be massive and stay private. Im not interested in slow business, slow start-ups, lifestyle, things that grow over too many years.
Coallier said Barricade was already based in Texas, but wanted to open in San Francisco and New York too. New York in particular is big into health, and fintech especially, which seems to be our sweet spot.
Im always open to selling, but at a much higher price-tag, Coallier laughed when asked would he sell this company as he has done others.
You can see already theres excitement from the customers, the investors, people you talk to. The early warning system against hackers works really well, it will resonate really well with everyone. Coallier said.
Its got legs. And its fun to do as well. And I like the team were putting together. Ive been off for two days, today is the first day coming back and I just walked in with big smiles. I couldnt wait to see the team again.
I was just sitting there this morning listening to the team talk. It was great, I love that stuff, its really good.
After selling on quickly in the past, this time Coallier wants a different story. Next time, it will be more than just millions.
Other Irish tech security firms to watch out for
Jumble.io: An impressive email encyrption company that is targeting legal, healthcare, media and other firms anxious to keep their data safe. Based in Dublin this ultra-simple service is growing fast backed by brothers Gavin and Emmet Kearney. End to end seamless email encryption whats not to like.
PixAlert: This Dublin firm has created technology to scan networks of its clients to detect data loss and inappropriate image content. It already has 200 clients globally and sales offices in the UK, US, Australia and New Zealand.
NetFort: Network and user activity monitoring software firm based in Galway. Founded in 2002 the companys clients are blue chip including the Revenue Commissioners, Paddy Power and Canada Life.
SpamTitan: Tracing its roots back to 1999 the Galway company has developer powerful email security and filtering applications. Led by Ronan Kavanagh the company regularly wins awards for fighting email spam and viruses.
Originally published in The Sunday Business Post.