Ready to build your own Founder-Led Growth engine? Book a Strategy Call
Frontlines.io | Where B2B Founders Talk GTM.
Strategic Communications Advisory For Visionary Founders
Conversation
Highlights
Why Protecting Data Itself Beats Layering Security: Lessons from Calamu’s Category Creation Journey
The cybersecurity industry has been solving the same problem the same way for decades. Layer more security on the infrastructure. Build bigger walls around the walls. But what if the entire approach is fundamentally flawed?
In a recent episode of Category Visionaries, Paul Lewis, CEO and Co-Founder of Calamu, shared how a moment of inspiration from his golden retriever led to a completely different way of thinking about data security—one that’s creating a new market category called cyber storage.
The Origin Story: When Your Dog Teaches You About Data Security
Paul’s path to founding Calamu came from years of frustration working in incident response. “I was working with multi global corporations that were just getting hammered in cyber attacks, like over and over again. And I thought there had to be a better way to do this and there had to be a better solution,” Paul explains. “At the time, I was going to all the security conferences, and really, quite literally, I got tired of seeing like, 3000 companies selling the same ten things, and none of those things really were working.”
The breakthrough came in an unexpected moment. “I was sitting on my porch literally one night, and my dog, my golden retriever, was sitting next to me. And he got up and he picked up his bone and he trotted across the street and he buried a hole in my neighbor’s yard and put his bone there and covered it up and came back, and I could swear he was smiling,” Paul recalls. “And that was the moment of inspiration that I had that said, wow, he just put his most prized possession in the public domain, and he’s cool with it. He’s not worried about anybody accessing it.”
That simple observation fundamentally changed Paul’s thinking. “That really was the change in mindset that I needed to start thinking about how can we put our data in the cloud, which really is the public domain in a way that makes it truly safe?”
Breaking Through Market Noise: Anti-Fear Marketing in Cybersecurity
Walking through Black Hat or any major security conference reveals a troubling pattern: everyone’s messaging looks the same. Scary red colors. Fear tactics. Doom and gloom. Paul took a radically different approach with Calamu.
“It’s not about doom and gloom and it’s not about trying to scare people into buying our product. It’s about understanding that there is a better way, right? And there’s a better way to protect your data,” Paul says. “We’re not trying to say, hey, you’re going to be the next victim or watch over your shoulder, or you’ve got all these problems with your infrastructure. We’re saying, hey, we live in a real world and there are real world problems and we’re just a solution to help you and help your organization continue to stay in business and absorb an attack without having downtime from an attack.”
This messaging strategy resonates because security leaders have become numb to fear-based marketing. “Maybe it worked 15 years ago, but I think today everybody knows all the stats, everybody knows all the problems. Everybody’s tired of hearing about the problems. We know what they are,” Paul notes. “So it’s innovative solutions that I think they’re getting the attention and the CEOs are responding, right. They don’t want to hear about how can I be same old and just put another layer of security on or build a bigger wall around the wall. It’s more about what’s something that’s innovative, what’s a new way of looking at things?”
Creating a New Category: The Cyber Storage Market
Calamu isn’t just building another security product—they’re defining an entirely new category. “We’re in a category called cyber storage. So it’s cybersecurity, but cyber storage is the way that we think about storing data in a way where we’re protecting the data itself. And it’s actually a new category. So Gartner recognizes this as a new category. Just recently, they recognize it as an emerging category,” Paul explains.
The fundamental difference in approach is significant. “Instead of putting layered security on the infrastructure, and instead of trying to protect the network that holds the data, Calamu protects the data itself, regardless of what infrastructure happens to be on.”
This is particularly critical for addressing the real ransomware problem—double extortion. “Ransomware doesn’t address the problem really, that ransomware is all about when we talk about these backup store solutions, which is double extortion. So we have double extortion where data is actually stolen from the network and that data is then weaponized back against the company and used against the company and threatened to be released. And that’s really where we see the biggest growing kind of pain that we’ve got around ransomware.”
The Market Education Challenge
Creating a new category means changing how people think. “The single greatest challenge for us is it’s a change in mindset, right? So nobody really before was thinking about protecting the data at the data layer. They were thinking about protecting the infrastructure. And there’s billions, trillions of dollars spent protecting the infrastructure,” Paul shares.
The good news? Once the concept clicks, adoption follows quickly. “We’re not saying you don’t need to do that, but we’re saying, look, that’s not working as well as we all hoped it would work. So let’s look at protecting the data. Even if the data is removed from your control. So changing that mindset is really the greatest thing, the greatest challenge that we’ve had partly education, not a lot of education, because as soon as we kind of talk through it and explain the process and how it works, people kind of get it right away, and then they get excited about it.”
Working with analyst firms like Gartner plays a key role in this education process. “We’re not trying to obviously we’d love to get market, we’d love to see if we can get exposure in market, but it’s really more trying to educate because what we’re going through is a change in mindset. We’re changing from this layered security model where we’re layering on more and more security onto the infrastructure, into we don’t have to worry about that so much because we’re really now just trying to protect the data, especially if the data gets into the hands of third party or someone that shouldn’t have it.”
Finding Product-Market Fit: The Surprising Bell Curve
Calamu’s adoption pattern reveals interesting insights about market dynamics. “We’re really seeing a real bell curve here. So we’re seeing small, medium businesses are kind of signing up pretty quickly. They get it. They see the value prop. They get it. And then we’re getting a lot of attention from large enterprise, which is interesting to me,” Paul notes. “It’s really the two ends of the bell curve that we’re seeing the most activity right now.”
Large enterprises, despite their reputation for moving slowly, are quick to adopt innovative security technologies. “Large enterprise, they are innovators. While they typically move slowly, they don’t move slowly, necessarily with cyber. And they see emerging technologies as being very important to their future.”
The sweet spot for early adoption centers on sensitive data with retention requirements. “The first applications that we’re seeing are typically around sensitive data, where there’s a long term data requirement and data has to be moved from on prem to the cloud. And this is a great solution to make that happen.”
The Cloud Trust Problem Calamu Solves
As enterprises move to the cloud, they face a fundamental trust issue. “When you go to the cloud, you’re actually putting your hands, your data into the hands of a third party. Right? So for the first time, you’re taking it out of your complete control and you have to control one of the hyperscalers, whether it be Amazon or Microsoft or Google oracle or whoever else. But you have to trust another company. And that’s scary. That’s a scary thing,” Paul explains.
This is where Calamu’s approach provides unique value. “The way that we process data with Calamu is we’re kind of reducing the burden of the fear of putting your data into the hands of a third party. Because when we process it, we keep it really, truly safe, even in a cloud environment or a multi cloud environment.”
Crossing the Chasm in Cybersecurity
Paul is candid about where Calamu sits in its market journey. “We’re right in the middle of crossing it. So we’re in that kind of scary land where we’re not quite at scale. We’re just getting to that point. And we’re looking at all things product market, fit, messaging. What exactly is the value prop that we’re going after? We’re kind of multifaceted with benefits that we bring. So we feel like we bring so much benefit, but we can’t boil the ocean. So what we’re trying to do is we’re really trying to zone in on the one thing that is really going to allow us to get to scale.”
This focus becomes even more critical in category creation, where the temptation to showcase every benefit can dilute the core message that drives adoption.
A Bold Vision: Eliminating Ransomware
Paul’s five-year vision is ambitious. “Today we do a great job of protecting data at rest in the cloud, and we have a vision of protecting all data. Right. So all data, whether it be transactional data in motion, any kind of data, we’ve got a big vision to do that. I’d love to see some of these cyber problems like ransomware completely eliminated, just a thing of the past, part of our history and not something that we’re still talking about.”
When pressed on whether ransomware can truly be eliminated, Paul remains optimistic. “People think I’m crazy because the bad guys are always smarter, the mouse is always faster than the cat. But I think in this case, I could see a difference because we’re changing the battle surface. Right. We’re kind of changing the attack vector. And if we can eliminate that attack vector altogether, luck. I think there could be some ransomware extortion, or it’s always going to be bad guys for trying to get money out of companies, but they’re not going to do it by what we traditionally call ransomware. Today, that’s going to be gone.”
The key insight driving this confidence? “We start with the premise that the bad actor has reached the data. So there’s been a failure somewhere in the system and they’ve actually reached the data. So we’re trying to cut through the noise by putting out messaging that the attack has happened. And we need to be comfortable with the fact that attacks continue to happen even with great technologies and great emerging technologies to protect the data. Eventually the data is reached and when the data is reached, that’s where Kalamu kicks in.”
By accepting that breaches will happen and focusing on protecting the data itself rather than preventing every possible intrusion, Calamu has found a fundamentally different approach to an industry problem. For founders building in crowded markets, Paul’s journey offers a clear lesson: sometimes the breakthrough isn’t a better version of what everyone else is doing—it’s questioning whether the entire approach needs to change.
Recommended Founder
Interviews
Jean Le Bouthillier
CEO of Qohash
Jean Le Bouthillier, CEO of Qohash: $20 Million Raised to Build the Future of Data Security
Pukar Hamal
CEO and Founder of SecurityPal
Pukar Hamal, CEO and Founder of SecurityPal: $21 Million Raised to Power the Future of Customer Assurance
Nadav Arbel
CEO & Co-Founder of Cyrebro
Nadav Arbel, CEO & Co-Founder of Cyrebro: $51 Million Raised to Build the Future of ML-Backed MDR
Idan Bar-Dov
CEO and Co-Founder of Heka Global
How Heka Global positioned web intelligence as a fourth fraud detection layer to avoid vendor comparison | Idan Bar-Dov
Dan Lorenc
CEO & Founder of Chainguard
Dan Lorenc, CEO & Founder of Chainguard: $250 Million Raised to Power the Future of Software Supply Chain Security
Dimitri Sirota
CEO & Co-Founder of BigID
Dimitri Sirota: The GTM Story of BigID ($1.25 Billion Valuation)
Ian Amit
CEO and Founder of Gomboc
Ian Amit, CEO & Founder of Gomboc: $5 Million Raised to Build the Future of Cloud Security Remediation
Lisa O’Reilly
Vice President of Marketing of iVerify
How iVerify’s First Marketing Hire Built a Research-Driven Engine
Bob Tinker
CEO & Co-Founder of BlueRock
How BlueRock identified three distinct buyer personas by asking “How would you describe what we do to your peers?” | Bob Tinker
David Etue
CEO of Nisos
David Etue, CEO of Nisos: $33 Million Raised to Build the Future of Managed Intelligence
Ben Levine
Senior Director of Product Management and Marketing of Axiado Corporation
Building Marketing Guidelines That Actually Stick Across Teams
Jessica Pratt
Director of Marketing and Communications of Peak Metrics
How PeakMetrics Turns Product Data Into Marketing Gold
Dave Mor
CEO and Co-Founder of OneLayer
Dave Mor, CEO and Co-Founder of OneLayer: $15 Million Raised to Protect Private Cellular Networks
Joe Levy
CEO of Sophos
Joe Levy, CEO of Sophos: $1.5 Billion ARR and the Future of Cybersecurity at Scale
Austin Gadient
CTO & Co-Founder of Vali Cyber
Austin Gadient, CTO & Co-Founder of Vali Cyber: $15 Million Raised to Build the Future of Linux Security
Peter Dvorak
Founder & CEO of Wultra
How Wultra built category leadership as the only post-quantum provider for banking digital identity | Peter Dvorak
Kyle Hanslovan
CEO & Co-Founder of Huntress
Kyle Hanslovan, CEO of Huntress: $160 Million Raised to Build the Future of Managed Security
Joshua Motta
CEO & Co-Founder of Coalition
Joshua Motta: How Coalition Created the “Active Insurance” Category ($5B Valuation)
Robert Cowart
CEO & Co-Founder of ElastiFlow
Robert Cowart, CEO & Co-Founder of ElastiFlow: $8 Million Raised to Power the Future of Network Performance and Security Analytics
Justin Beals
CEO, Co-Founder of Strike Graph
Justin Beals, CEO of Strike Graph: $12 Million Raised to Build the Future of Automated Security and Compliance
Tiffany Ricks
CEO and Founder of HacWare
Tiffany Ricks, CEO and Founder of HacWare: $2.6 Million Raised to Build the Future of Security Awareness
Carole Winqwist
CMO of GitGuardian
How to Win with Rapid Response: GitGuardian’s Media Playbook
Dimitri Sirota
CEO & Co-Founder of BigID
Dimitri Sirota: The GTM Story of BigID ($1.25 Billion Valuation)
Sebastian Stranieri
CEO & Founder of VU Security
Sebastian Stranieri, CEO & Founder of VU Security: $24 Million Raised to Build the Future of Digital Identity & Fraud Prevention
Josh Shaul
CEO of Allure Security
Josh Shaul, CEO of Allure Security: $6 Million Raised to Help Businesses Win the Battle Against Online Scammers
Michael Assraf
CEO & Co-Founder of Vicarius
Michael Assraf, CEO of Vicarius: $29 Million Raised to Build the Future of Vulnerability Prioritization
Russell Spitler
CEO & Co-Founder of Nudge Security
Russell Spitler, CEO & Co-Founder of Nudge Security: $17 Million Raised to Build the Future of SaaS Security
Danny Lopez
CEO of Glasswall
Danny Lopez CEO of Glasswall: $60+ Million Raised to Make the Content Disarm and Reconstruction (CDR) Category Mainstream
Neil Serebryany
CEO and Co-Founder of CalypsoAI
Neil Serebryany, CEO & Co-Founder of CalypsoAI: $38 Million Raised to Power the Future of AI Security
Harley Sugarman
Founder & CEO of Anagram
Harley Sugarman, Founder & CEO of Anagram: $10 Million Raised to Transform Human-Driven Security
Arjun Bhatnagar
CEO & Co-Founder of Cloaked
Arjun Bhatnagar, CEO of Cloaked: $25 Million Raised to Build the Future of Data Privacy
Rodrigo Leme
Marketing Director of Right-Hand Cybersecurity
Rodrigo Leme, Marketing Director at Right-Hand Cybersecurity: Standing Out in a Crowded Market – Niche Targeting and Customer-Centric Approach
Mehul Revankar
Co-Founder & CPO of Quantro Security
AI vs. AI: why Quantro Security is building defense for the era of AI-native offense
Aurelie Guerrieri
Chief Marketing & Alliances Officer of DataDome
Aurelie Guerrieri, Chief Marketing & Alliances Officer at DataDome: 20 Years in Silicon Valley – Insights on the Evolving Tech Landscape
Eric Olden
CEO and Founder of Strata Identity
Eric Olden, CEO and Founder of Strata Identity: $42 Million Raised to Build the Identity Orchestration Category
Mike Janke
Co-Founder of Data Tribe
Funding the Future: Mike Janke, Co-Founder of Data Tribe
Philippe Humeau
CEO of CrowdSec
Philippe Humeau, CEO of CrowdSec: $21 Million Raised to Build the Future of Cyber Threat Intelligence
Spencer Thompson
CEO and Co-Founder of Prelude
Spencer Thompson, CEO and Co-Founder of Prelude: Over $30 Million Raised to Build the Future of Continuous Security Testing
David Brumley
CEO of Mayhem
David Brumley, CEO of Mayhem: $38 Million Raised to Build the Future of Security Testing
Stephen de Vries
CEO and Co-Founder of IriusRisk
Stephen de Vries, CEO and Co-Founder of IriusRisk: $40 Million Raised to Build the Future of Threat Modeling
Edward Wu
CEO and Founder of Dropzone AI
Edward Wu, CEO & Founder of Dropzone AI: $20 Million Raised to Build the Future of AI SOC Analysts
Paul Valente
CEO and Co-Founder of VISO Trust
Paul Valente, CEO and Co-Founder of VISO Trust: $17 Million Raised to Build the Future of Third-Party Cyber Risk Management
Alan LeFort
CEO of StrongestLayer
How StrongestLayer achieved 85% meeting-to-POC and 100% POC-to-win rates using transparent one-week pilots | Alan LeFort
Umaimah Khan
CEO and Co-Founder of Opal Security
Umaimah Khan, CEO & Co-Founder of Opal Security: $32 Million Raised to Build the Future of Identity Security
John Milburn
CEO of Clear Skye
John Milburn, CEO of Clear Skye: More Than $20 Million Raised to Build the Future of Identity and Access Governance
Christian Almenar
CEO & Co-Founder of Monad
Christian Almenar, CEO of Monad: $19 Million Raised to Solve the Cybersecurity Big Data Problem
Tony Scott
CEO & President of Intrusion
How the ex-White House CIO turned around a failing cybersecurity company by fixing the product first | Tony Scott
Ben Kliger
CEO and Co-Founder of Zenity
Ben Kliger, CEO and Co-Founder of Zenity: $21.5 Million Raised to Build the Future of Security and Governance for AI, Low-Code, and No-Code Development
Marina Segal
CEO and Co-Founder of Tamnoon
Marina Segal, CEO & Co-Founder of Tamnoon: Over $5 Million Raised to Build the Future of Cloud Security
Itzik Alvas
CEO & Co-Founder of Entro Security
Itzik Alvas, CEO & Co-Founder of Entro Security: $24 Million Raised to Build the Future of Non-Human Identity Management
Dan Lowden
CMO of Blackbird.AI
How to Create a Category: Dan Lowden’s 8-Exit CMO Playbook
Ani Chaudhuri
CEO & Co-Founder of Dasera
Ani Chaudhuri, CEO & Co-Founder of Dasera: $21 Million Raised to Build the Future of Data Security
Ayal Yogev
CEO and Co-Founder of Anjuna
Ayal Yogev, CEO and Co-Founder of Anjuna: $42 Million to Build The Future of Confidential Computing
Ori Eisen
CEO & Founder of Trusona
Ori Eisen, CEO & Founder of Trusona: $38 Million Raised to Power the Future of Account Takeover Prevention
Amit Gupta
Senior Director of Marketing Operations of Fortanix
Why Marketing Ops Should Be Your First GTM Hire
Ken Bagnall
CEO & Founder of Silent Push
Ken Bagnall, CEO & Founder of Silent Push: $22 Million Raised to Transform Threat Intelligence Through Adversary Infrastructure Monitoring
Matteo Bogana
CEO and Co-Founder of Cleafy
Matteo Bogana, CEO & Co-Founder of Cleafy: $12 Million Raised to Build the Future of Online Fraud Prevention
Tony Lombardo
VP of Marketing of ThreatModeler Software
Why 99% of Cybersecurity Marketers Are Doing Demand Gen Wrong
Oren Kaniel
CEO & Co-Founder of AppsFlyer
Oren Kaniel: The GTM Story of AppsFlyer ($2 Billion Valuation)
Michael Assraf
CEO & Founder of Flamingo
How Flamingo generated 1,000 waitlist signups before launching a product using a free community tool | Michael Assraf
Mollie Breen
CEO and Co-Founder of Perygee
Mollie Breen, CEO and Co-Founder of Perygee: $6.4 Million Raised to Build the Future of IT/OT Security
Tom Tovar
CEO and Co-Founder of AppDome
Tom Tovar, CEO of AppDome: Over $26 Million Raised to Build the Future of Mobile App Security
Sivan Tehila
Founder and CEO of Onyxia
Sivan Tehila, Founder and CEO of Onyxia: $5 Million Raised to Build the Future of Cybersecurity Performance Management
Tom Jermoluk
CEO of Beyond Identity
Tom “TJ” Jermoluk: The GTM Storyteller of Beyond Identity ($1.1 Billion Valuation)
Tom Jermoluk
CEO of Beyond Identity
Tom “TJ” Jermoluk, CEO of Beyond Identity: $200 Million Raised to Build the Future of Multi-Factor Authentication
Colby Proffitt
VP of Marketing of Shift5
From the Pentagon to B2B: Colby Proffitt’s Journey and ABM Insights
Stijn Vande Casteele
Founder of Sweepatic
Stijn Vande Casteele, Founder of Sweepatic: $4.4 Million Raised to Build the Future of External Attack Surface Management
Diana Rabba
Head of Marketing of Exein
Long Game Marketing: Building Trust in High-Stakes B2B Sales
Adam Cecchetti
CEO & Co-Founder of Staris AI
Adam Cecchetti, CEO & Co-Founder of Staris AI: $5.7 Million Raised to Build Total Context Security for Application Protection
Denny LeCompte
CEO of Portnox
Why Portnox’s CEO refuses to measure Net Promoter Score | Denny LeCompte
Eddie DeCurtis
Co-Founder and CEO of Shush
How Shush differentiated against competitors by solving business operations, not just deploying technology | Eddie DeCurtis, Co-Founder & CEO of Shush Inc.
Arie Zilberstein
CEO and Co-Founder of Gem Security
Arie Zilberstein, CEO and Co-Founder of Gem Security: $34 Million Raised to Power the Future of Cloud Detection and Response
Peter Prizio Jr
CEO of SnapAttack
Peter Prizio Jr, CEO of SnapAttack: $8 Million Raised to Power the Future of Threat Management
Ryan Lasmaili
CEO & Co-Founder of Vaultree
Ryan Lasmaili, CEO of Vaultree: $16 Million Raised to Build the World’s First Fully Functional Data-in-Use Encryption
Mykolas Rambus
CEO & Co-Founder of Hush
Mykolas Rambus, CEO & Co-Founder of Hush: $7.5 Million Raised to Build the Future of Data Privacy
Ryan Schonfeld
Founder & CEO of Hivewatch
Ryan Schonfeld, CEO of Hivewatch: $25 Million Raised to Build the OS of Physical Security
Julie Preiss
Chief Marketing Officer of Centripetal
Why Your Cybersecurity Brand Sounds Like Everyone Else
Kyle Hanslovan
CEO & Co-Founder of Huntress
What happens when you outgrow your messaging? w/ Huntress CEO Kyle Hanslovan
Matthew Howard
SVP & CMO of Virtru
How to Time Analyst Relations for Maximum Category Impact
Jason Martin
Co-Founder and Co-CEO of Permiso Security
Jason Martin, Co-Founder and Co-CEO of Permiso Security: $10 Million Raised to Build the Future of Cloud Security
Bill Moore
CEO and Founder of XONA
Bill Moore, CEO and Founder of XONA: $30 Million Raised to Build the Future of OT User Access
Scott McCrady
CEO of SolCyber
Scott McCrady, CEO of SolCyber: $20 Million Raised to Build the Future of Managed Security
Rohan Sathe
Co-Founder & CEO of Nightfall AI
How Nightfall AI uses CISO dinners to generate pipeline | Rohan Sathe