Though regulations protecting credit card data and patient information are most often proclaimed as the biggest opportunity for venture-backed security and compliance companies, many see a major opportunity in helping electrical companies become compliant with recent industry regulations that protect the electrical grid from cyber attacks.
One such company, CoreTrace Corp., built its first full year of sales on the back of the critical infrastructure protection guidelines from the North American Electrical Reliability Corp., a nonprofit that regulates the energy industry. Now CoreTrace has raised $5.3 million in Series B financing to further expand.
New investor GlobalSCAPE Inc., a file-transfer software company, led the December round with a $2.3 million investment. The remainder was provided by existing investors, including Venrock and Hunt Ventures, said Toney Jennings, CoreTrace's chief executive. He declined to disclose its valuation.
The Austin, Texas-based company builds white-listing software that only permits approved applications to run on a company's network, compared to traditional anti-virus software that only blocks applications known to be malicious.
"Every company and their brother are going after PCI and HIPPA," Jennings said, referencing regulations from the Payment Card Industry Security Standards Council and the U.S. Department of Health and Human Services. "To go somewhere that's less well known has served us well."
He declined to disclose the company's revenue.
Though electric companies make up the bulk of CoreTrace's business, it isn't the only venture-backed company to recognize the opportunity. Since shortly before the electrical company regulations took effect on July 1, companies such as SecureWorks Inc., LogRhythm Inc., nCircle Network Security Inc. and Bit9 Inc., which competes directly with CoreTrace, have touted their products' ability to solve part of the industry's compliance problem.
One thing driving electrical companies to CoreTrace is the hefty penalties to which they can be subject, Jennings said. For each violation, utilities can be fined as much as $1 million a day.
CoreTrace will use the proceeds to further establish its brand in that particular industry, Jennings said.
"White-listing reminds GlobalSCAPE of the early days of the anti-virus space," said Craig Robinson, who was an executive at Symantec Corp. before becoming chief operating officer at publicly traded GlobalSCAPE. "We think the white-listing space will one day be on par with the larger anti-virus space."
Robinson has joined the company's board of directors as a result of the investment in CoreTrace.
It looks to capitalize on new regulations that seek to protect the electrical grid from cyber attacks.
©2010 Dow Jones & Company, Inc.