Virtru Targets AI-Driven Control of Unstructured Data With Iconiq-Led Funding Round
A data-centric security vendor led by a former U.S. Department of Commerce official raised $50 million to capitalize on emerging opportunities around unstructured data governance and AI.
See Also: On Demand | From Patch to Prevention: Modernizing Remediation Across Hybrid Environments
Washington D.C.-based Virtru sees itself as increasingly relevant in an age where sensitive data must traverse both public- and private-sectors, according to SVP and CMO Matt Howard. He said the new funding doubles Virtru’s valuation to $500 million. It will help the firm enable persistent, granular control of sensitive data even as it flows beyond the network perimeter, he said.
“This is an overnight success that’s taken more than a decade to make happen. The company has been intentional about building value, brick by brick, step by step,” Howard told Information Security Media Group. “And when you get to a place like we are at our scale, you see the opportunity for granular policy and access control on sensitive, unstructured data.
Virtru, founded in 2012, employs 205 people and has nearly raised $190 million in seven rounds of outside funding. It received $60 million of Series C funding round in January 2022. The company has been led since inception by John Ackerly, who also served on the White House National Economic Council (see: Chertoff Group Arm to Buy Trustwave From Singtel for $205M).
Why AI Has Made Data-Centric Security More Challenging
Howard said its newest funding round – the money is from investors at Iconiq – will capitalize on Virtru’s existing market traction around email, file sharing, SaaS applications and give the company the financial wherewithal to address the intersection of unstructured data with artificial intelligence. With AI causing unstructured data to move in increasingly dynamic ways, Virtru will invest in the architecture that governs that movement.
“The opportunity to really go to the next adjacency with AI is upon us, and putting cash on the balance sheet to go after that opportunity is, ‘Why now?'” Howard said.
The security industry is realigning from perimeter- and identity-focused protection toward data-centric security models as the market sees the need to protect data directly rather than merely protecting endpoints and access pathways, Howard said. Unlike others who specialize in discovery or classification, he said Virtru’s differentiator is providing enforceable governance when sensitive data is in motion.
“The purpose is to protect the data, and if you want to protect the data, you’ve got to bring security control closer to the data,” Howard said. “And that’s what we do, and that’s why our value doubled and that’s why we’re excited about continuing to grow the business into the future.”
AI is a new frontier for data-centric security since it can ingest and act on unstructured data, which Howard said significantly amplifies the volume, velocity and exposure risk of unstructured data. Howard said Virtru’s trusted data format enables organizations to maintain control over sensitive information as it flows through LLMs, agents and collaborative AI workflows.
“The information needs to move because information is the oxygen that every business breathes, and when it’s moving, you’re going to want to have some element of governance and control,” Howard said.
How Clean Room-Style Analytics Fits Into Virtru’s Strategy
A lot of data is unstructured. It comes from emails, documents, transcripts, images – the stuff of free-flowing, human-created records. But most governance tools were optimized for structured data, Howard said – data that conforms to a model. Virtru’s solution is built from the ground up to handle unstructured information.
“Now that I understand where my data estate is, I understand what’s sensitive and what isn’t, how do I then get governance and control with respect to the data that I know I’m going to let flow out, either through an email workflow, an AI agentic workflow or an LLM workflow?” Howard asked.
Virtru plans to invest in clean room-style analytics, where two parties can analyze combined datasets without actually exchanging or exposing raw data. This use case is increasingly common in sectors such as national defense or pharmaceuticals, where Howard said the need for secure, multi-party analytics is particularly acute but legal, policy, or intellectual property concerns prevent direct data sharing.
“Is there a way that we can cross-pollinate our data so that we can both do analysis of the combined dataset in a way where we can cryptographically prove that you didn’t get access to my data and I didn’t get access to your data, but yet, we were both able to get the benefit of derived, multi-party analytics?” Howard said.
At the core of Virtru’s technology is the trusted data format, an architecture standard that originated at the NSA and was developed by company co-founder Will Ackerly. Trusted data format allows metadata to be bound to digital content, enabling object-level control over access and usage. This technology has already proven itself in mission-critical scenarios, particularly in the Department Defense and intelligence community.
“Over the last three years, we’ve really established a pretty material position of value inside of the Defense Department and the National Intelligence community with the trusted data format,” Howard said.
