Posted by Richy George on 16 April, 2021

By 2025, 463 exabytes of data will be created each day, according to some estimates. (For perspective, one exabyte of storage could hold 50,000 years of DVD-quality video.) It’s now easier than ever to translate physical and digital actions into data, and businesses of all types have raced to amass as much data as possible in order to gain a competitive edge.

However, in our collective infatuation with data (and obtaining more of it), what’s often overlooked is the role that storytelling plays in extracting real value from data.

The reality is that data by itself is insufficient to really influence human behavior. Whether the goal is to improve a business’ bottom line or convince people to stay home amid a pandemic, it’s the narrative that compels action, rather than the numbers alone. As more data is collected and analyzed, communication and storytelling will become even more integral in the data science discipline because of their role in separating the signal from the noise.

Yet this can be an area where data scientists struggle. In Anaconda’s 2020 State of Data Science survey of more than 2,300 data scientists, nearly a quarter of respondents said that their data science or machine learning (ML) teams lacked communication skills. This may be one reason why roughly 40% of respondents said they were able to effectively demonstrate business impact “only sometimes” or “almost never.”

The best data practitioners must be as skilled in storytelling as they are in coding and deploying models — and yes, this extends beyond creating visualizations to accompany reports. Here are some recommendations for how data scientists can situate their results within larger contextual narratives.

Make the abstract more tangible

Ever-growing datasets help machine learning models better understand the scope of a problem space, but more data does not necessarily help with human comprehension. Even for the most left-brain of thinkers, it’s not in our nature to understand large abstract numbers or things like marginal improvements in accuracy. This is why it’s important to include points of reference in your storytelling that make data tangible.

For example, throughout the pandemic, we’ve been bombarded with countless statistics around case counts, death rates, positivity rates, and more. While all of this data is important, tools like interactive maps and conversations around reproduction numbers are more effective than massive data dumps in terms of providing context, conveying risk, and, consequently, helping change behaviors as needed. In working with numbers, data practitioners have a responsibility to provide the necessary structure so that the data can be understood by the intended audience.

Posted by Richy George on 16 April, 2021

If the definition of insanity is doing the same thing over and over and expecting a different outcome, then one might say the cybersecurity industry is insane.

Criminals continue to innovate with highly sophisticated attack methods, but many security organizations still use the same technological approaches they did 10 years ago. The world has changed, but cybersecurity hasn’t kept pace.

Distributed systems, with people and data everywhere, mean the perimeter has disappeared. And the hackers couldn’t be more excited. The same technology approaches, like correlation rules, manual processes and reviewing alerts in isolation, do little more than remedy symptoms while hardly addressing the underlying problem.

Credentials are supposed to be the front gates of the castle, but as the SOC is failing to change, it is failing to detect. The cybersecurity industry must rethink its strategy to analyze how credentials are used and stop breaches before they become bigger problems.

It’s all about the credentials

Compromised credentials have long been a primary attack vector, but the problem has only grown worse in the midpandemic world. The acceleration of remote work has increased the attack footprint as organizations struggle to secure their network while employees work from unsecured connections. In April 2020, the FBI said that cybersecurity attacks reported to the organization grew by 400% compared to before the pandemic. Just imagine where that number is now in early 2021.

It only takes one compromised account for an attacker to enter the active directory and create their own credentials. In such an environment, all user accounts should be considered as potentially compromised.

Nearly all of the hundreds of breach reports I’ve read have involved compromised credentials. More than 80% of hacking breaches are now enabled by brute force or the use of lost or stolen credentials, according to the 2020 Data Breach Investigations Report. The most effective and commonly-used strategy is credential stuffing attacks, where digital adversaries break in, exploit the environment, then move laterally to gain higher-level access.

Posted by Richy George on 15 April, 2021

When Dell announced it was spinning out VMware yesterday, the move itself wasn’t surprising: there had been public speculation for some time. But Dell could have gone a number of ways in this deal, despite its choice to spin VMware out as a separate company with a constituent dividend instead of an outright sale.

The dividend route, which involves a payment to shareholders between $11.5 and $12 billion, has the advantage of being tax-free (or at least that’s what Dell hopes as it petitions the IRS). For Dell, which owns 81% of VMware, the dividend translates to somewhere between $9.3 and $9.7 billion in cash, which the company plans to use to pay down a portion of the huge debt it still holds from its $58 billion EMC purchase in 2016.

VMware was the crown jewel in that transaction, giving Dell an inroad to the cloud it had lacked prior to the deal. For context, VMware popularized the notion of the virtual machine, a concept that led to the development of cloud computing as we know it today. It has since expanded much more broadly beyond that, giving Dell a solid foothold in cloud native computing.

Dell hopes to have its cake and eat it too with this deal: it generates a large slug of cash to use for personal debt relief while securing a five-year commercial deal that should keep the two companies closely aligned. Dell CEO Michael Dell will remain chairman of the VMware board, which should help smooth the post-spinout relationship.

But could Dell have extracted more cash out of the deal?

Doing what’s best for everyone

Patrick Moorhead, principal analyst at Moor Insights and Strategies, says that beyond the cash transaction, the deal provides a way for the companies to continue working closely together with the least amount of disruption.

“In the end, this move is more about maximizing the Dell and VMware stock price [in a way that] doesn’t impact customers, ISVs or the channel. Wall Street wasn’t valuing the two companies together nearly as [strongly] as I believe it will as separate entities,” Moorhead said.

Posted by Richy George on 15 April, 2021

Tecton, the company that pioneered the notion of the machine learning feature store, has teamed up with the founder of the open source feature store project called Feast. Today the company announced the release of version 0.10 of the open source tool.

The feature store is a concept that the Tecton founders came up with when they were engineers at Uber. Shortly thereafter an engineer named Willem Pienaar read the founder’s Uber blog posts on building a feature store and went to work building Feast as an open source version of the concept.

“The idea of Tecton [involved bringing] feature stores to the industry, so we build basically the best in class, enterprise feature store. […] Feast is something that Willem created, which I think was inspired by some of the early designs that we published at Uber. And he built Feast and it evolved as kind of like the standard for open source feature stores, and it’s now part of the Linux Foundation,” Tecton co-founder and CEO Mike Del Balso explained.

Tecton later hired Pienaar, who is today an engineer at the company where he leads their open source team. While the company did not originally start off with a plan to build an open source product, the two products are closely aligned, and it made sense to bring Pienaar on board.

“The products are very similar in a lot of ways. So I think there’s a similarity there that makes this somewhat symbiotic, and there is no explicit convergence necessary. The Tecton product is a superset of what Feast has. So it’s an enterprise version with a lot more advanced functionality, but at Feast we have a battle-tested feature store that’s open source,” Pienaar said.

As we wrote in a December 2020 story on the company’s $35 million Series B, it describes a feature store as “an end-to-end machine learning management system that includes the pipelines to transform the data into what are called feature values, then it stores and manages all of that feature data and finally it serves a consistent set of data.”

Del Balso says that from a business perspective, contributing to the open source feature store exposes his company to a different group of users, and the commercial and open source products can feed off one another as they build the two products.

“What we really like, and what we feel is very powerful here, is that we’re deeply in the Feast community and get to learn from all of the interesting use cases […] to improve the Tecton product. And similarly, we can use the feedback that we’re hearing from our enterprise customers to improve the open source project. That’s the kind of cross learning, and ideally that feedback loop involved there,” he said.

The plan is for Tecton to continue being a primary contributor with a team inside Tecton dedicated to working on Feast. Today, the company is releasing version 0.10 of the project.

Posted by Richy George on 15 April, 2021

As companies create machine learning models, the operations team needs to ensure the data used for the model is of sufficient quality, a process that can be time consuming. BigEye (formerly Toro), an early stage startup is helping by automating data quality.

Today the company announced a $17 million Series A led Sequoia Capital with participation from existing investor Costanoa Ventures. That brings the total raised to $21 million with the $4 million seed, the startup raised last May.

When we spoke to BigEye CEO and co-founder Kyle Kirwan last May, he said the seed round was going to be focussed on hiring a team — they are 11 now — and building more automation into the product, and he says they have achieved that goal.

“The product can now automatically tell users what data quality metrics they should collect from their data, so they can point us at a table in Snowflake or Amazon Redshift or whatever and we can analyze that table and recommend the metrics that they should collect from it to monitor the data quality — and we also automated the alerting,” Kirwan explained.

He says that the company is focusing on data operations issues when it comes to inputs to the model such as the table isn’t updating when it’s supposed to, it’s missing rows or there are duplicate entries. They can automate alerts to those kinds of issues and speed up the process of getting model data ready for training and production.

Bogomil Balkansky, the partner at Sequoia who is leading today’s investment sees the company attacking an important part of the machine learning pipeline. “Having spearheaded the data quality team at Uber, Kyle and Egor have a clear vision to provide always-on insight into the quality of data to all businesses,” Balkansky said in a statement.

As the founding team begins building the company, Kirwan says that building a diverse team is a key goal for them and something they are keenly aware of.

“It’s easy to hire a lot of other people that fit a certain mold, and we want to be really careful that we’re doing the extra work to [understand that just because] it’s easy to source people within our network, we need to push and make sure that we’re hiring a team that has different backgrounds and different viewpoints and different types of people on it because that’s how we’re going to build the strongest team,” he said.

BigEye offers on prem and SaaS solutions, and while it’s working with paying customers like Instacart, Crux Informatics, and Lambda School, the product won’t be generally available until later in the year.

Posted by Richy George on 15 April, 2021

Automation has become a big theme in enterprise IT, with organizations using RPA, no-code and low-code tools, and other  technology to speed up work and bring more insights and analytics into how they do things every day, and today IBM is announcing an acquisition as it hopes to take on a bigger role in providing those automation services. The IT giant has acquired MyInvenio, an Italian startup that builds and operates process mining software.

Process mining is the part of the automation stack that tracks data produced by a company’s software, as well as how the software works, in order to provide guidance on what a company could and should do to improve it. In the case of myInvenio, the company’s approach involves making a “digital twin” of an organization to help track and optimize processes. IBM is interested in how myInvenio’s tools are able to monitor data in areas like sales, procurement, production and accounting to help organizations identify what might be better served with more automation, which it can in turn run using RPA or other tools as needed.

Terms of the deal are not being disclosed. It is not clear if myInvenio had any outside investors (we’ve asked and are awaiting a response). This is the second acquisition IBM has made out of Italy. (The first was in 2014, a company called CrossIdeas that now forms part of the company’s security business.)

IBM and myInvenio are not exactly strangers: the two inked a deal as recently as November 2020 to integrate the Italian startup’s technology into IBM’s bigger automation services business globally.

Dinesh Nirmal, GM of IBM Automation, said in an interview that the reason IBM acquired the company was two-fold. First, it lets IBM integrate the technology more closely into the company’s Cloud Pak for Business Automation, which sits on and is powered by Red Hat OpenShift and has other automation capabilities already embedded within it, specifically robotic process automation (RPA), document processing, workflows and decisions.

Second and perhaps more importantly, it will mean that IBM will not have to tussle for priority for its customers in competition with other solution partners that myInvenio already had. IBM will be the sole provider.

“Partnerships are great but in a partnership you also have the option to partner with others, and when it comes to priority who decides?” he said. “From the customer perspective, will they will work just on our deal, or others first? Now, our customers will get the end result of this… We can bring a single solution to an end user or an enterprise, saying, ‘look you have document processing, RPA, workflow, mining. That is the beauty of this and what customers will see.”

He said that IBM currently serves customers across a range of verticals including financial, insurance, healthcare and manufacturing with its automation products.

Notably, this is not the first acquisition that IBM has made to build out this stack. Last year, it acquired WDG to expand into robotic process automation.

And interestingly, it’s not even the only partnership that IBM has had in process mining. Just earlier this month, it announced a deal with one of the bigger names in the field, Celonis, a German startup valued at $2.5 billion in 2019.

Ironically, at the time, my colleague Ron wondered aloud why IBM wasn’t just buying Celonis outright in that deal. It’s hard to speculate if price was one reason. Remember: we don’t know the terms of this acquisition, but given myInvenio was off the fundraising radar, chances are it’s possibly a little less than Celonis’s pricetag.

We’ve asked and IBM has confirmed that it will continue to work with Celonis alongside now offering its own native process mining tools.

“In keeping with IBM’s open approach and $1 billion investment in ecosystem, [Global Business Services, IBM’s enterprise services division] works with a broad range of technologies based on client and market demand, including IBM AI and Automation software,” a spokesperson said in a statement. “Celonis focuses on execution management which supports GBS’ transformation of clients’ business processes through intelligent workflows across industries and domains. Specifically, Celonis has deep connectivity into enterprise systems such as Salesforce, SAP, Workday or ServiceNow, so the Celonis EMS platform helps GBS accelerate clients’ transformations and BPO engagements with these ERP platforms.”

Indeed, at the end of the day, companies that offer services, especially suites of services, are working in environments where they have to be open to customers using their own technology, or bringing in something else.

There may have been another force pushing IBM to bring more of this technology in-house, and that’s wider competitive climate. Earlier this year, SAP acquired another European startup in the process mining space, Signavio, in a deal reportedly worth about $1.2 billion. As more of these companies get snapped up by would-be IBM rivals, and those left standing are working with a plethora of other parties, maybe it was high time for IBM to make sure it had its own horse in the race.

“Through IBM’s planned acquisition of myInvenio, we are revolutionizing the way companies manage their process operations,” said Massimiliano Delsante, CEO, myInvenio, who will be staying on with the deal. “myInvenio’s unique capability to automatically analyze processes and create simulations — what we call a ‘Digital Twin of an Organization’ —  is joining with IBM’s AI-powered automation capabilities to better manage process execution. Together we will offer a comprehensive solution for digital process transformation and automation to help enterprises continuously transform insights into action.”

Posted by Richy George on 15 April, 2021

As computing systems become increasingly bigger and more complex, forensics have become an increasingly important part of how organizations can better secure them. As the recent Solar Winds breach has shown, it’s not always just a matter of being able to identify data loss, or prevent hackers from coming in in the first place. In cases where a network has already been breached, running a thorough investigation is often the only way to identify what happened, if a breach is still active, and whether a malicious hacker can strike again.

As a sign of this growing priority, a startup called Cado Security, which has built forensics technology native to the cloud to run those investigations, is announcing $10 million in funding to expand its business.

Cado’s tools today are used directly by organizations, but also security companies like Redacted — a somewhat under-the-radar security startup in San Francisco co-founded by Facebook’s former chief security officer Max Kelly and John Hering, the co-founder of Lookout. It uses Cado to carry out the forensics part of its work.

The funding for London-based Cado is being led by Blossom Capital, with existing investors Ten Eleven Ventures also participating, among others. As another signal of demand, this Series A is coming only six months after Cado raised its seed round.

The task of securing data on digital networks has grown increasingly complex over the years: not only are there more devices, more data and a wider range of configurations and uses around it, but malicious hackers have become increasingly sophisticated in their approaches to needling inside networks and doing their dirty work.

The move to the cloud has also been a major factor. While it has helped a wave of organizations expand and run much bigger computing processes are part of their business operations, it has also increased the so-called attack surface and made investigations much more complicated, not least because a lot of organizations run elastic processes, scaling their capacity up and down: this means when something is scaled down, logs of previous activity essentially disappear.

Cado’s Response product — which works proactively on a network and all of its activity after it’s installed — is built to work across cloud, on-premise and hybrid environments. Currently it’s available for AWS EC2 deployments and Docker, Kubernetes, OpenShift and AWS Fargate container systems, and the plan is to expand to Azure very soon. (Google Cloud Platform is less of a priority at the moment, CEO James Campbell said, since it rarely comes up with current and potential customers.)

Campbell co-founded Cado with Christopher Doman (the CTO) last April, with the concept for the company coming out of their respective experiences working on security services together at PwC, and respectively for government organizations (Campbell in Australia) and AlienVault (the security firm acquired by AT&T). In all of those, one persistent issue the two continued to encounter was the issue with adequate forensics data, essential for tracking the most complex breaches.

A lot of legacy forensics tools, in particular those tackling the trove of data in the cloud, was based on “processing data with open source and pulling together analysis in spreadsheets,” Campbell said. “There is a need to modernize this space for the cloud era.”

In a typical breach, it can take up to a month to run a thorough investigation to figure out what is going on, since, as Doman describes it, forensics looks at “every part of the disk, the files in a binary system. You just can’t find what you need without going to that level, those logs. We would look at the whole thing.”

However, that posed a major problem. “Having a month with a hacker running around before you can do something about it is just not acceptable,” Campbell added. The result, typically, is that other forensics tools investigate only about 5% of an organization’s data.

The solution — for which Cado has filed patents, the pair said — has essentially involved building big data tools that can automate and speed up the very labor intensive process of looking through activity logs to figure out what looks unusual and to find patterns within all the ones and zeros.

“That gives security teams more room to focus on what the hacker is getting up to, the remediation aspect,” Campbell explained.

Arguably, if there were better, faster tracking and investigation technology in place, something like Solar Winds could have been better mitigated.

The plan for the company is to bring in more integrations to cover more kinds of systems, and go beyond deployments that you’d generally classify as “infrastructure as a service.”

“Over the past year, enterprises have compressed their cloud adoption timelines while protecting the applications that enable their remote workforces,” said Imran Ghory, partner at Blossom Capital, in a statement. “Yet as high-profile breaches like SolarWinds illustrate, the complexity of cloud environments makes rapid investigation and response extremely difficult since security analysts typically are not trained as cloud experts. Cado Security solves for this with an elegant solution that automates time-consuming tasks like capturing forensically sound cloud data so security teams can move faster and more efficiently. The opportunity to help Cado Security scale rapidly is a terrific one for Blossom Capital.”

Posted by Richy George on 14 April, 2021

Dell announced this afternoon that it’s spinning out VMware, a move that has been suspected for some time. Dell, acquired VMware as part of the massive $58 billion EMC acquisition (announced as $67 billion) in 2015.

The way that the deal works is that Dell plans to offer VMware shareholders a special dividend of between $11.5 and 12 billion. As Dell owns approximately 81% of those shares that would work out to somewhere between $9.3 and $9.7 billion coming into Dell’s coffers when the deal closes later this year.

“By spinning off VMware, we expect to drive additional growth opportunities for Dell Technologies as well as VMware, and unlock significant value for stakeholders. Both companies will remain important partners, with a differentiated advantage in how we bring solutions to customers,” Dell CEO Michael Dell said in a statement.

While there is a fair amount of CEO speak in that statement, it appears to mean that the move is mostly administrative as the companies will continue to work closely together, even after the spin off is official. Dell will remain as chairman of both companies.

In a presentation to investors, the companies indicated that the plan to work together is more than lip service. There is a five year deal commercial agreement in place with plans to revisit that deal each year thereafter. In addition, there is a plan to sell VMware products through Dell sales team and for VMware to continue to work with Dell Financial Services. Finally, there is a formalized governance process in place related to achieving the commercial goals under the agreement, so it’s pretty firm that these companies will continue to work closely together at least for another five years.

For its part, VMware said in a separate release that the deal will allow it “increased freedom to execute its strategy, a simplified capital structure and governance model and additional strategic, operational and financial flexibility, while maintaining the strength of the two companies’ strategic partnership.”

Dell shares are up more than 8% following the announcement. The company intends on using parts of its proceeds to deleverage, writing in a release that it will use “net proceeds to pay down debt, positioning the company well for Investment Grade ratings.” By that it means that Dell will reduce its net debt position and, it hopes, garner a stronger credit rating that will limit its future borrowing costs.

Even when it was part of EMC, VMware had a special status in that it operates as a separate entity with its own executive team, board of directors and the stock has been sold separately as well.

The deal is expected to close at the end of this year, but it has to clear a number of regulatory hurdles first. That includes garnering a favorable ruling from the IRS that the deal qualifies for a tax-free spin-off, which could prove to be a considerable hurdle for a deal like this.

The transaction is not a surprise. The company has been open about its intention to shake up its broader corporate structure. And with Dell bloated in debt terms and, perhaps, in product scope as well, the VMware deal could be an intelligent way forward. Dell investors are more excited about the transaction than VMware shareholders, with the latter company’s stock up a more modest 1.4%.

VMware’s most recent earnings release notes that it had $4.715 billion in “total cash, cash equivalents and short-term investments.” Perhaps its shareholders aren’t enthused at the prospect of levering VMware’s balance sheet to help Dell do the opposite.

Posted by Richy George on 14 April, 2021

PlexTrac, a Boise, ID-based security service that aims to provide a unified workflow automation platform for red and blue teams, today announced that it has raised a $10 million Series A funding round led by Noro-Moseley Partners and Madrona Venture Group. StageDot0 ventures also participated in this round, which the company plans to use to build out its team and grow its platform.

With this new round, the company, which was founded in 2018, has now raised a total of $11 million, with StageDot0 leading its 2019 seed round.

“I have been on both sides of the fence, the specialist who comes in and does the assessment, produces that 300-page report and then comes back a year later to find that some of the critical issues had not been addressed at all.  And not because the organization didn’t want to but because it was lost in that report,” PlexTrac CEO and President Dan DeCloss said. “These are some of the most critical findings for an entity from a risk perspective. By making it collaborative, both red and blue teams are united on the same goal we all share, to protect the network and assets.”

With an extensive career in security that included time as a penetration tester for Veracode and the Mayo Clinic, as well as senior information security advisor for Anthem, among other roles, DeCloss has quite a bit of first-hand experience that led him to found PlexTrac. Specifically, he believes that it’s important to break down the wall between offense-focused red teams and defense-centric blue teams.

Image Credits: PlexTrac

“Historically there has been more of the cloak and dagger relationship but those walls are breaking down– and rightfully so, there isn’t that much of that mentality today– people recognize they are on the same mission whether they are internal security team or an external team,” he said. “With the PlexTrac platform the red and blue teams have a better view into the other teams’ tactics and techniques – and it makes the whole process into an educational exercise for everyone.”

At its core, PlexTrac makes it easier for security teams to produce their reports — and hence free them up to actually focus on ‘real’ security work. To do so, the service integrates with most of the popular scanners like Qualys, and Veracode, but also tools like ServiceNow and Jira in order to help teams coordinate their workflows. All the data flows into real-time reports that then help teams monitor their security posture. The service also features a dedicated tool, WriteupsDB, for managing reusable write-ups to help teams deliver consistent reports for a variety of audiences.

“Current tools for planning, executing, and reporting on security testing workflows are either nonexistent (manual reporting, spreadsheets, documents, etc…) or exist as largely incomplete features of legacy platforms,” Madrona’s S. Somasegar and Chris Picardo write in today’s announcement. “The pain point for security teams is real and PlexTrac is able to streamline their workflows, save time, and greatly improve output quality. These teams are on the leading edge of attempting to find and exploit vulnerabilities (red teams) and defend and/or eliminate threats (blue teams).”

Posted by Richy George on 14 April, 2021

Digital transformation has been one of the biggest catchphrases of the past year, with many an organization forced to reckon with aging IT, a lack of digital strategy, or simply the challenges of growth after being faced with newly-remote workforces, customers doing everything online and other tech demands.

Now, a startup called Upstack that has built a platform to help those businesses evaluate how to grapple with those next steps — including planning and costing out different options and scenarios, and then ultimately buying solutions — is announcing financing to do some growth of its own.

The New York startup has picked up funding of $50 million, money that it will be using to continue building out its platform and expanding its services business.

The funding is coming from Berkshire Partners, and it’s being described as an “initial investment”. The firm, which makes private equity and late-stage growth investments, typically puts between $100 million and $1 billion in its portfolio companies so this could end up as a bigger number, especially when you consider the size of the market that Upstack is tackling: the cloud and internet infrastructure brokerage industry generates annual revenues “in excess of $70 billion,” the company estimates.

We’re asking about the valuation, but PitchBook notes that the median valuation in its deals is around $211 million. Upstack had previously raised around $35 million.

Upstack today already provides tools to large enterprises, government organizations, and smaller businesses to compare offerings and plan out pricing for different scenarios covering a range of IT areas, including private, public and hybrid cloud deployments; data center investments; network connectivity; business continuity and mobile services, and the plan is to bring in more categories to the mix, including unified communications and security.

Notably, Upstack itself is profitable and names a lot of customers that themselves are tech companies — they include Cisco, Accenture, cloud storage company Backblaze, Riverbed and Lumen — a mark of how digital transformation and planning for it are not necessarily a core competency even of digital businesses, but especially those that are not technology companies. It says it has helped complete over 3,700 IT projects across 1,000 engagements to date.

“Upstack was founded to bring enterprise-grade advisory services to businesses of all sizes,” said Christopher Trapp, founder and CEO, in a statement. “Berkshire’s expertise in the data center, connectivity and managed services sectors aligns well with our commitment to enabling and empowering a world-class ecosystem of technology solutions advisors with a platform that delivers higher value to their customers.”

The core of the Upstack’s proposition is a platform that system integrators, or advisors, plus end users themselves, can use to design and compare pricing for different services and solutions. This is an unsung but critical aspect of the ecosystem: We love to hear and write about all the interesting enterprise technology that is being developed, but the truth of the matter is that buying and using that tech is never just a simple click on a “buy” button.

Even for smaller organizations, buying tech can be a hugely time-consuming task. It involves evaluating different companies and what they have to offer — which can differ widely in the same category, and gets more complex when you start to compare different technological approaches to the same problem.

It also includes the task of designing solutions to fit one’s particular network. And finally, there are the calculations that need to be made to determine the real cost of services once implemented in an organization. It also gives users the ability to present their work, which also forms a critical part of the evaluating and decision-making process. When you think about all of this, it’s no wonder that so many organizations have opted to follow the “if it ain’t broke, don’t fix it” school of digital strategy.

As technology has evolved, the concept of digital transformation itself has become more complicated, making tools like Upstack’s more in demand both by companies and the people they hire to do this work for them. Upstack also employs a group of about 15 advisors — consultants — who also provide insight and guidance in the procurement process, and it seems some of the funding will also be used to invest in expanding that team.

(Incidentally, the model of balancing technology with human experts is one used by other enterprise startups that are built around the premise of helping businesses procure technology: BlueVoyant, a security startup that has built a platform to help businesses manage and use different security services, also retains advisors who are experts in that field.)

The advisors are part of the business model: Upstack’s customers can either pay Upstack a consulting fee to work with its advisors, or Upstack receives a commission from suppliers that a company ends up using, having evaluated and selected them via the Upstack platform.

The company competes with traditional systems integrators and consultants, but it seems that the fact that it has built a tech platform that some of its competitors also use is one reason why it’s caught the eye of investors, and also seen strong growth.

Indeed, when you consider the breadth of services that a company might use within their infrastructure — whether it’s software to run sales or marketing, or AI to run a recommendation for products on a site, or business intelligence or RPA — it will be interesting to see how and if Upstack considers deeper moves into these areas.

“Upstack has quickly become a leader in a large, rapidly growing and highly fragmented market,” said Josh Johnson, principal at Berkshire Partners, in a statement. “Our experience has reinforced the importance of the agent channel to enterprises designing and procuring digital infrastructure. Upstack’s platform accelerates this digital transformation by helping its advisors better serve their enterprise customers. We look forward to supporting Upstack’s continued growth through M&A and further investment in the platform.”