Egress is a UK‑headquartered cybersecurity company that builds a Human Layer Security platform focused on adaptive cloud email and data protection for enterprises and regulated organizations; it was acquired by KnowBe4 in 2024 and continues to sell cloud-native email security, encryption, classification and data‑loss prevention capabilities to reduce human‑centric risk such as phishing, misdirected emails and data exfiltration[4][5].
High‑Level Overview
- For an investment firm: (Not applicable — Egress is a portfolio company, not an investment firm.)
- For a portfolio company:
- Mission: Egress positions itself to eliminate the greatest insider and human‑layer risks by continuously assessing human risk and adapting policy controls to prevent email‑based threats and outbound data breaches[4][2].
- Product focus: Egress builds a cloud email security and data protection platform (often called Egress Switch and related modules) that includes email/document classification, encryption, secure file transfer and adaptive policy controls driven by contextual machine learning[3][4].
- Customers served: Enterprise and regulated customers across sectors such as financial services, healthcare, government and large organizations that require secure email and data handling[3][1].
- Problem solved & growth momentum: Egress addresses accidental and targeted human‑layer breaches (phishing, misdirected/email data loss) with ML‑driven adaptive controls; the company grew notably around regulatory drivers (for example GDPR) and has attracted funding rounds and an acquisition by KnowBe4 in 2024, signaling commercial traction and exit liquidity for investors[5][1][4].
Origin Story
- Founding and founders: Egress was founded in 2007 by Tony Pepper along with co‑founders including Neil Larkins and John Goodyear[5].
- How the idea emerged: The company was created to secure email and shared information throughout its lifecycle, addressing the persistent problem of insecure email and document sharing in enterprises[3][5].
- Early traction / pivotal moments: Egress won industry recognition early (Security Innovation of the Year, BCS UK IT Industry Awards) and saw customer inflows after GDPR implementation in 2018; it expanded capabilities via acquisition (Aquilai in 2021) and was acquired by KnowBe4 in 2024, marking a major liquidity event and strategic integration into a larger security awareness platform[5][1].
Core Differentiators
- Product differentiators: Egress emphasizes an *adaptive* security model that continuously assesses human risk and dynamically adjusts policy controls rather than static rules, and it employs contextual machine learning and neural networks for threat detection in email flows[4][1].
- Coverage and features: The platform bundles classification, encryption, secure managed file transfer and secure collaboration to protect information across its lifecycle[3].
- Certifications & public sector approval: Egress products have received government and certification recognition (for example, certifications under UK assurance programs and NCSC approvals for certain offerings historically)[5].
- Market positioning: Focused specifically on the human/email layer — combining preventive controls with visibility into human risk — which differentiates it from point products that only scan attachments or deliver gateway filtering[4][3].
Role in the Broader Tech Landscape
- Trend alignment: Egress rides the trends of rising email‑borne threats, increased regulatory data‑protection requirements (e.g., GDPR), and a shift toward cloud‑native, API‑based security stacks[5][4].
- Why timing matters: As organizations adopt cloud mail platforms and hybrid working increases the reliance on email and file sharing, adaptive human‑layer security becomes more critical for preventing accidental and targeted breaches[4][5].
- Market forces in their favor: Regulatory compliance drivers, growing sophistication of phishing and BEC (business e‑mail compromise) attacks, and enterprise interest in integrated data protection are tailwinds for Egress’ offerings[5][3].
- Influence: By combining preventative controls with human risk scoring and integrations into workflows, Egress helped mainstream the concept of “human layer security” within email/data protection product discussions[4].
Quick Take & Future Outlook
- What’s next: As part of KnowBe4, Egress is likely to be more tightly integrated with security‑awareness training and simulated phishing capabilities, enabling a combined technical + behavioral risk reduction offering that can scale across KnowBe4’s customer base[1][4].
- Shaping trends: Continued advances in contextual ML and AI will enable finer‑grained human risk assessments and automated remediation; regulatory scrutiny and demand for end‑to‑end data protection will keep driving enterprise purchases[4][5].
- Potential evolution of influence: If integration with KnowBe4’s platform deepens, Egress’ adaptive controls could become a standard component of combined awareness + technical controls stacks, increasing its reach into mid‑market and enterprise customers who want unified human‑risk management[1][4].
Quick reminder: this profile is based on company information and public reporting including Egress’ website, industry listings and media coverage about its acquisition and history[4][5][1].
