Smartbox.ai has entered its ‘Ray Kroc phase’ as it pursues a £250m valuation, its Chief Revenue Officer Darren Spence has asserted.
The partner-focused start-up uses AI to “quickly” detect and redact personal and sensitive data from data lakes and IT environments.
Spence joined Smartbox.ai last August to help monetise the business and build its go-to-market and channel strategy.
“The way I explain it to my friends is that we’re in a bit of a Ray Kroc phase,” Spence told IT Channel Oxygen, referring to the man commonly credited with the global success of McDonalds.
“It feels like an overnight success that is six years in the making.”
Operating a partner-first model, Smartbox.ai’s technology has two use cases, namely subject access requests and cyber incident response. Resellers with a data management practice can provide a new service to their customers in both scenarios, Spence said.
“It loves unstructured data – you can point it at Office 365 and it will very quickly find any information that might be of a confidential nature or identify an individual,” he explained.
Founded in 2017 by Ben Gowers and Mark Callahan, Smartbox.ai was staffed mainly by techies when Bytes Document Solutions and Boost Technology Group luminary Spence came on board.
“They were there to build the tech and make it fit for purpose. My job was to take it to market, grow a sales team and put together a go-to-market strategy,” Spence explained.
“When I joined we had a direct sales force. We pivoted that to be a partner-first team because of the success we’d had with Xerox and other channel partners.
“Our valuation is at £25m at the moment and we see upside of at least ten times that in the next couple of years, and we are investing and resourcing up for that.”
Spence said he spends 30% of a typical day raising investor funds, 50% advancing its partner strategy and 20% helping to get sales deals over the line.
“One day I’m talking to investors who are making a quarter-of-a-million-pound investment, and the next I’m getting into the weeds with the sales team. It’s a fast-moving, exciting business.”
The global subject access request market will be worth £10bn by 2030, Spence said as he dug into Smartbox.ai’s first use case.
“The problem organisations face when they get subject access requests is less about finding the personal data on the actual subject, and more about redacting the data of any third parties whose data may be contained alongside the subject. We save companies a lot of time,” he said.
Smartbox.ai could have prevented the recent Police Service of Northern Ireland data breach, which stemmed from a botched response to a Freedom of Information request access request, Spence claimed, meanwhile.
“Let me give you [another] anecdote around that second use case,” he added.
“We were contacted in December last year by a company in Ohio who had had a data breach.
“They didn’t know how much personal data had been compromised, so they used Smartbox to interrogate the [affected employee’s] inbox. Near enough at the touch of a button, we were able to show every name, credit card number, password and CVC number of every single person that was in this person’s inbox so they could use this information [to determine] whether or not to notify the FBI.
“That company had such a good experience that they asked us whether we could do that proactively and go through their entire IT environment and identify where all of their sensitive data is. Armed with that information, they can decide whether to move, delete or secure it.
“That is the security play, and channel partners can certainly build it into their portfolio in that general cyber posture market.”
Looking ahead, Spence revealed that London-based Smartbox.ai is preparing to launch a US team in January, adding to feet on the street already in place in France, the Benelux and Ireland.
“Ultimately, we want to be the go-to company that can find personal and sensitive data servicing both those markets – the subject access request market and the cyber incident response market,” he concluded.