YesPress Wire
CYGNVS profile: the room you log into when ransomware locks the boardroom $55M Series A led by Andreessen Horowitz 2,500+ customer organizations across 45 countries Founded 2020 - emerged from stealth January 2023 Engineering offices in California, Ireland, Canada, India Filed under: cyber resilience, out-of-band collaboration, tabletop drills
CYGNVS wordmark
CYGNVS, the wordmark. No U. The constellation reference is intentional.
YesPress / Company File / 2026

CYGNVS.

The Silicon Valley startup that built a quiet, locked room for the worst day at the office.

Filed: Los Altos, CA - Industry: Cyber Resilience - Stage: Series A

It is 3:14 a.m. somewhere on the East Coast. A CISO's phone lights up with a message no one wants: domain controller is encrypted, email is down, the Slack workspace is, ironically, also gone. There is a runbook. There is a phone tree. There is an external counsel. There is an insurer, somewhere. None of them, right now, share a working channel. This is the moment CYGNVS was built for - and the one most companies still walk into blind.

01 / Who they are nowThe grown-up version of a war room

CYGNVS is a Silicon Valley SaaS company that sells what it calls an out-of-band command center for cyber crisis response. In plain English: it is the secure room a company logs into when its own network has been taken hostage. Security teams gather there. So do general counsel, comms, the cyber insurer, the forensic firm, and whoever the board has decided should be in the loop. They share documents, run playbooks, log decisions, and produce the paperwork regulators will eventually ask for.

The company is roughly 120 people, headquartered between Los Altos and San Francisco, with engineering and incident response offices in Ireland, Canada and India. It claims 2,500 customer organizations across 45 countries, and says the platform helps coordinate roughly 200 cyber crises a month. Those are CYGNVS's own figures - but the customer logos (AIG, Beazley, QBE, Marsh, Church & Dwight) suggest the platform has crossed the line from interesting to expected.

"Most companies don't fail at cyber because they lacked a plan. They fail because the plan lived in a PDF on a laptop the attacker just encrypted." - The premise CYGNVS built around
Founded
2020
Series A
$55M
Countries
45
Team
~120
Numbers as reported by the company. The countries figure climbs whenever an insurer wins a new account; the team figure climbs more slowly.

02 / The problem they sawA field full of fire extinguishers, none of them in the kitchen

Before CYGNVS existed, Arvind Parthasarathi spent several years running a nonprofit called CyberCrossroads, a research collaborative pulling in academics from Stanford, MIT, Oxford, LSE and the University of Tokyo. The point of the project was to figure out what a "standard of care" for corporate cybersecurity should actually look like. The answer that came back was unpleasant: most organizations were not even close to ready for a real incident, and the readiness gap was strangely concentrated in the human and process layer, not the tooling.

Plenty of companies sell tools that detect attacks. Far fewer sell the connective tissue that turns detection into a coordinated response across legal, security, executive, board, broker, insurer and the FBI. Even fewer build that connective tissue under the assumption that the company's own communications stack might be unavailable, untrustworthy or actively monitored by the attacker.

"You do not want the first phone call after a breach to be the one where you try to remember which lawyer handles which jurisdiction." - Arvind Parthasarathi, founder & CEO, paraphrased from his Authority Magazine interview

The unromantic conclusion: incident response was, for most companies, an improvisation. Slack threads. Personal Gmail. A WhatsApp group titled "WAR ROOM (FINAL FINAL)". Spreadsheets emailed to attorneys. Evidence collected with no consistent chain of custody. Regulators arriving months later with questions no one had thought to log answers to.

03 / The founders' betBuild the room, then make it boring

Parthasarathi is not a first-time founder, which is worth pausing on. He previously ran Cyence, a cyber risk analytics company that quantified the financial impact of cyber events; Guidewire acquired it in 2017. Before that he ran Yarcdata, a cyber data discovery platform, and earlier still he spent more than a decade at Informatica. The pattern: people who have built and sold cyber-adjacent companies tend to come back with a narrower, more boring problem the second time around. CYGNVS is the boring-problem version.

The founder's bet, in three sentences: cyber response is a process problem, not a software-detection problem. The process problem is bigger than any single company can solve alone, because incidents always cut across vendors and lawyers and regulators. And the place to solve it is an out-of-band platform, ideally one that an insurer or broker has already bought on a customer's behalf - so the security team isn't asked to procure something new during the worst week of their career.

"The product is, in a sense, an admission. The admission is that the breach will happen, and the only honest question is what the first 72 hours look like." - Editorial summary, YesPress

04 / The productA locked room with a checklist on the wall

Under the hood, CYGNVS is a multi-tenant SaaS application with a few unusual choices. It is mobile-first - because if your laptop is encrypted, your phone is what you have. It is patented around out-of-band communication, meaning the company's traffic doesn't ride on the customer's potentially compromised infrastructure. It separates roles cleanly: an insurer sees what an insurer needs to see; the breach coach sees what the breach coach needs to see; the CEO sees a one-page picture.

On top of that scaffolding, CYGNVS layers what it calls "guided" capabilities: dynamic playbooks that change based on incident type, automated incident reporting templates aligned to regulatory regimes, a chain of custody log designed to survive litigation, and CYGNVS AI, a more recent module that drafts updates, summarizes timelines and accelerates triage. There are also tabletop simulation exercises - the company is unusually loud about these, and pitches them as "muscle memory training" rather than slide decks.

"Tabletops used to be a half-day of PowerPoint and a lunch. CYGNVS treats them like fire drills - boring, frequent, slightly inconvenient, and the only reason you survive the real one." - A customer security architect, quoted in customer case study materials

CYGNVS, briefly

From research collaborative to 45-country platform
2020
CYGNVS incorporated. Quiet build mode.
2021
First paying customers. Patent work begins on out-of-band design.
2022
$55M Series A closes, led by Andreessen Horowitz.
2023
Emerges from stealth. First-ever guided cyber crisis platform.
2024-25
CYGNVS AI ships. Cybersecurity Excellence Awards finalist.
A startup timeline that skips the usual fireworks - no rebrand, no pivot, no IPO rumor. The company appears to enjoy being a little unfashionable.

05 / The proofThe customers are louder than the press release

What makes the customer list interesting is not the names, it is the categories. AIG, Beazley, QBE - global cyber insurers. Marsh and Alvarez & Marsal - the broker and the response firm. Church & Dwight, Empower Brands, Mesquite Gaming - operating businesses that are not in tech. EIR, the Irish telco. eHealth, the marketplace. The pattern is that CYGNVS sits between the company having the bad day and the providers paid to make the day end. That sandwich position is rare.

What CYGNVS publishes about itself

Self-reported metrics, 2025
Countries served
45
Customer orgs
2,500+
Crises / month
~204
Series A ($M)
$55M
Headcount
~120
Bars are scaled visually, not arithmetically. Source: cygnvs.com, 2025.
A chart that should make any board comp comm wince at the 204-per-month figure. That is the count of crises CYGNVS itself helps manage - not the total in the world.

06 / The missionGet organizations ready for the day they keep postponing

The official mission line is mild: "help organizations prepare for an inevitable cyber crisis." The interesting word is inevitable. CYGNVS does not promise prevention; it promises competence on the day prevention failed. That is, by cybersecurity-marketing standards, a refreshingly honest framing. Most security companies still sell as if their product is the one that will keep the day from coming.

What the mission translates into operationally is a lot of pre-incident work: integrating CYGNVS into a customer's environment before anything breaks, rehearsing with the right responders in the right roles, pre-loading the right playbooks, and making sure the insurance carrier knows where to point clients. The platform's deepest claim to value is the period before it gets used in anger.

Things CYGNVS is not. Not a SIEM. Not an EDR. Not a threat intel feed. Not a SOAR. Not a forensic firm. Not a breach coach. It plays nicely with all of them - and has to, because no real incident ever uses only one of them.

07 / Why it matters tomorrowThe regulators are tightening, the attackers are not slowing down

Three structural trends keep pushing the CYGNVS thesis forward. First, regulators are getting strict. The SEC's four-day disclosure rule, DORA in Europe, NIS2, mandatory incident reporting in dozens of jurisdictions - all of them assume the company can produce a clean, defensible timeline of who knew what, when. That paperwork is much easier to file if it was logged in real time, by the people doing the work, inside an audited tool.

Second, cyber insurance is reshaping the buyer. Premiums went up, capacity got tight, and carriers started underwriting on preparedness, not just controls. Companies that can show rehearsed playbooks and a working command center get better terms. Carriers, in turn, want to bundle that capability into the policy. CYGNVS has positioned itself squarely on that bundle.

Third, the attackers got better. Ransomware groups now expect to face an external IR firm; they target backups and communications first; they release stolen data on schedules optimized for media coverage. The company that responds well is the one whose response was never invented mid-incident. CYGNVS, with its tabletop drumbeat and pre-integrated tenant model, is essentially a bet that response quality is a function of rehearsal, not heroics.

"It is 3:14 a.m. again. Different company, different city. The CISO opens her phone. There is a number to dial, a checklist already drafted, a room already populated. She is not improvising. She is following a script she has read aloud twice in the last quarter. That is the change CYGNVS is selling." - Back to the opening scene

The platform's most interesting feature, in the end, is not technical. It is the small, professional embarrassment of the security team that no longer has to invent a war room from scratch at three in the morning. The original opening of this profile - panic, scattered phone tree, lost Slack workspace - is the scene CYGNVS is built to delete. Boring is the goal. Boring is the product. Boring, on the worst day of the year, is the entire pitch.

08 / Where to look nextLinks, demos and recent reading

Share this profile