The Gately Report: Mounting Ransomware Attacks Fuel Halcyon's ExpansionThe Gately Report: Mounting Ransomware Attacks Fuel Halcyon's Expansion

The continuing rise of ransomware attacks is increasing demand for Halcyon’s anti-ransomware platform, and therefore the company’s expansion into new regions.

That’s according to Simon Haylock, Halcyon’s EMEA channel manager. Last week, Halcyon announced it is expanding its Revolution Partner Program in the United Kingdom.

As part of the launch, Halcyon has partnered with U.K.-based cybersecurity solutions provider and distributor Distology.

Ransomware Attacks Only Getting Worse

“Essentially ransomware is definitely getting worse,” Haylock said. “We're hearing about it in the headlines all the time, and more and more organizations are being hit and looking to their partners for support in the fight against ransomware. So this is the right technology at the right time, when there is a huge need in the market, and as a result, we are growing quickly.”

Halcyon’s market is channel, and as a result the company is ensuring it has the correct coverage in the channel, he said.

“We're addressing different market segments because this affects any market segment, any profile of organization,” Haylock said, “We're addressing all the verticals and consumption models as well. Signing Distology as part of this journey was an easy one. They have well-established relationships ... and they’re well-respected in the market. And for us as a new vendor in this space, they serve as great validation to the partners that Halcyon is a company to back. They can build a business out of Halcyon.”

Related:Halcyon Expands Revolution Partner Program to UK

Distology to Help Halcyon Grow Faster

In addition, Distology is hungry to take innovative technologies to market and provide value to their partner ecosystem, Haylock said.

“Ultimately, it's going to help us grow faster and help more partners drive more cyber resilience for customers around ransomware, which is the end goal,” he said. “We want to put a stop to ransomware. It's incredibly disruptive.”

In the meantime, ransomware attacks aren’t slowing down because they're proving too profitable for cybercriminals, Haylock said.

“They are very well resourced, and they are starting to help engineer the existing security controls, so that lends to the trend of getting worse,” he said. “This is why customers need help and they need help from their partners.”

In a Q&A with Channel Futures, Halcyon’s Simon Haylock shares more about his company’s plans in 2025.

Channel Futures: How does Halcyon’s anti-ransomware platform work? What does it offer Halcyon’s partners?

Simon Haylock: We stop ransomware; that’s the first thing we do. We also, in the possibility that we fail to stop an attack, stop data exfiltration. And the third thing we do, which is really awesome, is we capture encryption keys and we can get the customer recovered in days, if not hours. So it's a real game-changer in terms of that gap between relying on your endpoint detection and response (EDR), which is super important − we all need EDR − or going to backup. So this is a game-changer in the market in terms of helping customers recover very quickly from a ransomware attack.

Related:The Gately Report: Wiz Partners to Get Boost from Expected IPO

CF: How is Halcyon’s platform different from other anti-ransomware solutions out there?

SH: It's very much in the recovery and the backup. There are fantastic EDR platforms out there and they do an amazing job, and they address a broad range of tactics, techniques and procedures (TTPs). But Halcyon is solely addressing ransomware. We built the company to address ransomware. So if, God forbid, an attack does get through an EDR, then we will catch it. To date we have 100% efficacy, so zero ransoms paid, zero data stolen and zero downtime. That's the kind of core difference with Halcyon.

vchal/Shutterstock

CF: Are ransomware tactics evolving? If so, how is Halcyon staying on top of this?

SH: We've got the best ransomware minds on the planet. Our founders, prior to Halcyon, founded a company called Boldend, which is essentially building weaponized malware for the U.S. government. If you know how to build that type of ransomware and weaponized malware, then you know how to reverse-engineer it. We are definitely leaders in this space. ... We are sitting right in the middle of the EDR and the backup, so customers do not have to spend on average 22 days trying to get their systems restored by going to backup, and that's even if the backup is unaffected and clean. It's a real game-changer for businesses because once they're down, they are losing money, and depending on the size and profile of their organization, they can be losing a lot of money. So if we can reduce that time from initial breach to getting them back on their feet, that's worth its weight in gold.

We need to stay one step ahead of these folks because they're incredibly resourced, and a lot of the time they are out engineering the existing security controls. We are completely open about this and we have been built to fail. We know at some point we will fail to stop an attack and that is why we have the backstop of the data exfiltration preventing that, and also capturing the keys and getting the customers decrypted quickly.

CF: Can you elaborate on what Halcyon is doing with the $100 million Series C funding round it received in November, and how partners will benefit from this?

SH: In terms of the partner program, we're evolving that. We're investing in partners and we're investing in the program. We've just invested in our brand-new partner portal tool. That program is going to make it more efficient for them to support their customers to be more resilient against ransomware attacks, and more importantly, if the worst does happen, get back on their feet quicker. Essentially, we want to make it as easy as possible for the partners to do business with Halcyon. The global partner portal is a fantastic way for new and motivated EMEA partners to have the Halcyon expertise and resources at their fingertips from day one. With the first investment round on that, the priority is to have a structured way to submit deal registrations. The second and imminent priority is focused around MDF submissions and marketing campaigns, content and partner enablement, and so on. This will give partners access to Halcyon expertise and training programs from the best kind of ransomware experts in the business.

CF: What’s prompting Halcyon’s expansion into other countries/regions and how are partners benefiting from this?

SH: It's the right technology at the right time, and we need to enable our partners to be competent in helping their customers take the fight to ransomware. Partners can build a business about what we do, and that's why we're building these programs and making sure we do it in a structured way.

CF: Is Halcyon targeting any specific regions for further expansion?

SH: We've literally landed in the EMEA region in the United Kingdom first, which along with DACH (Germany, Austria and Switzerland) is obviously the primary market. So Halcyon has been active here for three months, and we're acquiring customers and we're acquiring partners. I would imagine the next round of investment would be around the Benelux and Nordics regions, and then the DACH region as well. But we're early for that. 

CF: Is Halcyon growing financially? If so, what role are partners playing in this growth?

SH: We’re growing, absolutely. When we engage with partners here, it’s a super value proposition that's highly topical, that addresses very wide market segments and verticals, and that's very attractive to the partners. They're interested in helping their customers fight ransomware, but obviously building a sustainable business around Halcyon as well.

CF: Is Halcyon’s partner ecosystem growing? If so, what’s fueling this growth?

SH: In the Americas, we've got roughly 100 active partners. In the EMEA region, we are on a recruitment drive right now. In terms of the types and profiles of partners, we're talking to everyone from VARs to MSSPs. We're talking to consultancies and bringing Halcyon in as part of an incident response program. It's being fueled by the need for customers to combat ransomware. We've seen figures of anything like 45% of companies were hit by ransomware last year, and roughly 50% of those attacks go unreported. It's probably double that. And when it takes, on average, 22 days to get back on their feet, they are looking to their partners for help, whether it's an incident response and they go straight to their partner, or it's a case of, "My competitor has been hit; are we good?" So that's what's ... fueling the interest for sure.

CF: What do you find most surprising and dangerous about the current threat landscape?

SH: The one that really gets me is how it affects human lives. When a company has a ransomware attack, it's a bad day at the office. But when it's starting to affect health-care organizations, it's preventing people from going in the ambulance to a certain hospital or they're having operations canceled. That's really bad. That is dangerous from a ransomware perspective. That is why there's so much passion in this company to stop ransomware, because it starts to affect human lives. That's why we all get up and get out of bed in the morning, and work hard to put a stop to this. These are organizations that are almost like conglomerates with chief revenue officers and complex channels to market. They made over $1 billion last year. And that to me is very dangerous.

CF: Are there things organizations can be doing to provide some protections against ransomware?

SH: They can ensure that their EDRs are configured correctly, and they can ensure that their backup processes and that playbook to backup is sound. But the problem is with ransomware, they go for that backup. They target the backup, to either delete the backup or encrypt the backup. So it’s becoming very difficult for customers to maintain those processes.

CF: What can partners expect from Halcyon in 2025?

SH: Partners can expect game-changing technology when it comes to ransomware and getting their customers back on their feet rapidly. They can absolutely expect the support that they need from Halcyon in terms of the ransomware expertise and the partner program as well. I think partners that build a business around Halcyon will be very successful, not only successful to their business, but successful to their clients as well in helping them prevent a real problem.