.406 Ventures Founding Partner Maria Cirino on VC Funding in Cybersecurity

As Founding Managing Partner at .406 Ventures, Maria Cirino is one of the nation’s most accomplished and admired women venture capitalists. Under Maria’s leadership, .406 Ventures has funded some of the most successful startups in cybersecurity, digital health, and data and cloud management, including, Carbon Black, and Veracode, among others. During its existence, .406 has raised more than a billion dollars across six funds, and the companies in its portfolio have created more than $12 billion in enterprise value.

Maria sees her role as an experienced operator and entrepreneur who helps   entrepreneurs build and grow their companies.

In her role at .406, Maria serves as a member of the Board of Directors at Simon Data and Onapsis.  She has also served on the Boards of Threat Stack, Mineral Tree, Carbon Black, Vaultive, Veracode, AuthAir, Attend.com, Digitalsmiths, and Memento. Prior to .406, Maria served as SVP of VeriSign; CEO and Founder of Guardent; SVP Sales at Razorfish; SVP Sales and Marketing at i-Cube; VP Sales, Americas, at Shiva; Senior Manager Channel Marketing at Lotus; and VP and General Management at Software City.

Maria was educated at Mount Holyoke College in South Hadley, Ma.

Slone Partners Cybersecurity is pleased to present Maria Cirino’s unique and valuable insights in this exclusive interview.

Yours has been a truly remarkable career. Discuss how your early experiences groomed you for your VC work.

I started my career in a company that was growing rapidly, so I had the opportunity to do many different jobs, all of them customer facing. I think experiencing many roles helps you to understand the business in a holistic way and appreciate the interdependence of these roles in a successful company.  I was also extremely fortunate to have worked for several managers throughout my career who pushed me into new roles and increasing responsibility far earlier and beyond what I thought I was capable of.  The best training to be a VC investor (and it should be a prerequisite), is being an entrepreneur and having lived in the start-up world. Whether your business succeeds or fails, the lessons you learn and the empathy you develop is critical for being able to be helpful and constructive for the entrepreneurs you invest in as a VC.

As an investor, what are the characteristics you look for in seed and growth-stage cybersecurity companies? How important is leadership in that calculus?

At .406 Ventures, we typically invest in Series A rounds. There’s usually some technology for us to evaluate and sometimes some early/beta customers to help validate the need and efficacy of a product or tech-driven service so we certainly spend time evaluating those things.  However, at the end of the day our willingness to write a big check inevitably comes down to how we feel about the individual or team we are backing. Strong leadership qualities are imperative along with demonstrated perseverance, the ability to go the distance, self-awareness and humility, a monstrous sense of taking responsibility, off the chart's honesty and integrity, and someone who people naturally gravitate to and want to be in the foxhole with. We love backing people who can describe the worst mistake, disaster, or problem they were ever associated with and don’t blame it on something or someone else.

How important is it for early-stage companies to have cybersecurity representation on their Boards?

Cybersecurity is so critically important to ensuring that a company’s operations and customers don’t get compromised that most boards are relying on cyber experts to help navigate the complex and unrelenting landscape. Cybersecurity is the most dynamic of all IT challenges companies face and unlike some other less dynamic IT challenges, the cyber landscape changes every minute of every hour of every day. It’s an arms race and requires an unprecedented level of expertise and significant technology investment. We also see startup companies hiring Chief Information Security Officers (CISOs) far earlier than ever before.

In your experience, who are the most innovative cybersecurity entrepreneurs out there?

Of course. I’m partial to the amazing entrepreneurs that I’ve been fortunate enough to back, folks like Chris Wysopal and Christian Rioux of Veracode and Todd Brennan and Mike Viscuso of Bit9/Carbon Black fame but there are many, many incredibly talented cyber entrepreneurs. What makes many of our entrepreneurs so successful is that they lived the problem they are trying to solve. They often sought out technology solutions that didn’t exist or didn’t work well and then quit their day jobs to go build the thing that they needed in their roles as cyber consultants, CISOs, engineers etc. Backing a monster smart person who has lived the problem, understands the problem and associated challenges in such a unique and firsthand way is our favorite thing to do at .406!

It is often predicted that the information security industry is one of the few that will continue growing even as VC money tightens up. Do you have any insights as to why that is?

As I’ve seen personally across several economic downturns over the past couple of decades, cyber has become more and more recession proof. It’s simply too essential to the uptime and availability of the IT infrastructure, enabling the company to operate.  Without it companies can’t operate without breaking privacy laws which puts officers and shareholders at risk. Nothing like some personal risk to keep a budget intact.

In recent years, .406 has focused much of its investing in healthtech. Why has that become such an exciting field?

We essentially have three legs of the investing stool at .406 Ventures: cybersecurity which we’ve been doing for 16 years; healthcare technology and services; and data. Data and healthcare have grown significantly over the years because healthcare, and more specifically driving healthcare costs down while producing better outcomes is the single biggest challenge and opportunity the world faces.  Data runs everything today and everything runs on data so there’s a really nice coming together of our data practice across our cyber and healthcare practices as these areas are all overlapping and codependent to some degree. The outcomes that many of our healthcare investments have produced to meaningfully and positively change results across primary care, elderly care, eating disorder therapy, and drug addiction, among others, are so impressive in terms of their effectiveness while lowering the cost of treatment, it’s extremely gratifying to be a part of these revolutionary companies.

How do companies in .406’s portfolio approach issues relating to diversity, equity, and inclusion (DEI)?

The best companies (whether in our portfolio or not) take DEI very seriously and invest from day one to ensure their cultures are as inclusive and diverse as possible. So many studies and resulting data prove this beyond a doubt, so when we see companies that need to pay more attention to DEI, we help them understand its importance to their success and provide the necessary support to get them there.

When you’re not in the office or the Board room, what do you like to do for enjoyment?

Tennis, tennis, tennis and playing on the beach with our poodles.

Slone Partners Cybersecurity understands and meets the talent needs of high-performing organizations and health systems.
Get Started Now