For more than two decades, Shlomo Kramer has been the face of his native Israel’s thriving startup scene after the first one he co-founded, Check Point Software, became one of the nation’s most valuable companies.
But success, Kramer says, comes with burdens. People start to see you not as a person, but as a persona — the entrepreneur with the golden touch. “If you’re lucky to have been successful, you have to make sure you are not frozen in that persona,” he says.
Over the years, Kramer has found that the best way to keep that from happening is to go back to startup life. “Startups are a very human experience,” he says. “They’re all about taking calculated risks. It’s okay to fail as long as you learn as much as you can from that failure, and continue to have real human ambition and dreams.”
And so after leaving Check Point, Kramer, who has been called the “Godfather of Israeli cybersecurity,” jumped back in, co-founding Imperva, a web applications security startup, in 2001. And after Imperva turned into another runaway cybersecurity success, Kramer did it again, co-founding Cato Networks in 2015. Now, as Cato’s CEO, he’s on the verge of achieving a rare entrepreneurial hat trick: founding and leading three startups that turned into multi-billion dollar public companies.
“I hope the third will last for a very long time, because I am not sure there’s going to be a fourth one,” Kramer quips.
A student of cybersecurity history
What’s the secret to Kramer’s repeated success—which has included prescient early investments in other security juggernauts such as Palo Alto Networks? A keen reading of the cybersecurity tea leaves.
Kramer first honed his cybersecurity chops while doing his military service in an Israeli army intelligence unit that over the years produced many of the country’s best-known entrepreneurs. He then earned undergraduate degrees in mathematics and computer science, and a masters in computer science from Hebrew University in Jerusalem.
In the early 1990s, Kramer noticed that a number of companies had begun to develop a range of products and services to protect organizations against a rise in intrusions into corporate networks. But getting these solutions to work was cumbersome and often required the pricey help of a professional services organization. Seeing an opportunity to dramatically simplify the process, Kramer co-founded Check Point Software in 1993. Its main product, a firewall, came on a simple floppy disk and quickly became the most effective way to keep networks safe from intruders. The company went public three years later, and Kramer left in 1998.
After spending time as a startup investor, Kramer co-founded Imperva in 2004, which helped to protect web applications and data by thwarting attackers before they breached networks, and would go public in 2011. Along the way, Kramer became one of the earliest financial backers of a former Check Point engineer, Nir Zuk, who founded Palo Alto Networks. Zuk had spotted a new massive opportunity in cyber. With the emergence of cloud applications and the proliferation of internet devices and other entry points into networks, attackers had found new ways to circumvent firewalls. Palo Alto’s solution was an appliance that packaged a range of capabilities – including firewall, intrusion detection, virus protection – into a single device that protected increasingly complex and heterogeneous corporate networks from intruders. Kramer served on the Palo Alto board of directors for six years as the company developed into a multi-billion dollar enterprise.
Kramer vs. Kramer
Before long, however, the cybersecurity industry that Kramer had helped to create and nurture became a victim of its own success. Defenses got better, but so, too, did criminals. As business requirements and IT infrastructure continued to evolve, each new type of threat was met with a new type of defense mechanism. Soon enough, IT departments were juggling a growing number of cybersecurity tools and services, each with its own need for updates and patches. With increasing complexity, visibility into vulnerabilities decreased, and mistakes became more common. For all but the most deep-pocketed companies, the situation became untenable.
“IT security became so convoluted, so expensive, and so rigid,” Kramer says. “By 2015, we came to the conclusion that it had to be simplified again.”
To do so, Kramer teamed up with an Imperva colleague, Gur Shatz, and co-founded Cato. The two returned to their whiteboarding days — “I really enjoyed it,” Kramer says — and began assembling a team to deliver on their vision: a networking platform that would have security built into it from the ground up. The goal was to do for network security what AWS did for cloud computing. “It was an opportunity to create a generational company, and to build something very meaningful,” he says.
Security paradigm shift
The idea of combining networking and security into one offering was not new. But those who had tried, including well-established companies like Cisco and Juniper Networks, had failed. A big part of the challenge is that computer networks must deliver bullet-proof reliability — what the industry calls “five 9s” — which often means adhering to a rigid, unchanging design. But strong security requires constant updates, patches, and upgrades, which can make the network unstable.
“We had to quickly invent new capabilities to make the network rock solid, even though the security stack is extremely dynamic,” says Kramer. “I would say that it was the most challenging years of my career.”
Within a couple of years, Cato entered the market with the first fully integrated cloud-based networking security solution – essentially creating a new IT security category that would become known as Secure Access Service Edge, or SASE. It protects networks at the source of connection – a user, a device, an IoT gadget, or an edge computing location – rather than at the data center, and has been using AI models since Day 1. It also offloads most of the headaches of cyber from a company’s IT security team to Cato. In five years, the company reached $100 million in annual recurring revenue, a milestone few if any cloud companies have achieved faster.
“The best companies are built by teams who truly empathize with the customer’s pain. With Cato, Shlomo has built a painkiller for IT security teams, and their growth speaks to how crucial their product has become to customers around the world,” says Greylock Partner Jerry Chen, Cato board director who led Greylock’s investment in the company in 2016.
Kramer says a handful of customer stories encapsulate the value Cato is able to deliver. When the Log4J vulnerability exposed hundreds of thousands of systems to attack in 2021, Cato’s customers were the first to be protected. In just 17 hours, with no effort on their part, their networks were secure, while others were busy deploying patches as their systems remained at risk. In 2023, when a ransomware attack shut down the operations of Häfele, a German manufacturer, Cato was able to get its 180 sites in more than 50 countries back up in less than 30 days.
Kramer says Cato also allows customers to operate more efficiently. For example, in 2023, Carlsberg Group, the Danish multinational brewer, replaced all of its existing networking and security infrastructure with Cato, covering 25,000 employees in more than 200 locations seamlessly. “We started referring to them as the Apple of networking,” said Tal Arad, vice president of global security & technology at Carlsberg.
“You don’t need to own it,” Kramer says of Cato’s networking security solution. “You just get the results. It provides more agility for the business. So IT security, for once, is not an inhibitor to the business but rather a collaborator that enables the business.”
Alert and protecting thousands
The Cato name was inspired by the Pink Panther movie series, which Kramer watched as a kid in Israel. In it, Peter Sellers’ character, Inspector Clouseau, relies on Cato Fong, a manservant in his employ, to attack him regularly and unexpectedly simply to keep him on his toes: alert and ready to defend himself in a fight.
With more than 5,000 updates to its network in 2023, or nearly 14 each day, Cato’s SASE platform is just that: alert and ready to protect the company’s more than 2,200 enterprise customers. Its growth rate of 59% in 2023 was double the forecast for the SASE sector. During that year, its workforce grew to 1,000 employees across 30 countries, and Cato was valued at more than $3 billion, following a $238 million equity investment.
Kramer says its value is a testament to the “ton of IP” that the company invented as it built the first converged networking and security platform. “It’s a huge moat,” he adds.
Kramer’s vision for Cato’s place in the history of cybersecurity remains as clear as it is concise: “We want to be remembered as the AWS of IT security.”