Gili Raanan's Sunrise payment model suspended as CISOs question ethics

Concerns about influence and incentives are leading to high-profile withdrawals and calling into question Cyberstarts’ advisory approach.

“Cynical allegations of ethical issues in the Sunrise program have forced us to suspend payments under the program. To be clear: the Sunrise program is not going anywhere. Connecting practitioners from leading companies with emerging companies is one of our proudest achievements. upcoming startups,” Gili Raanan, founder of venture capital fund Cyberstarts, wrote in a June 27 letter to 75 cyber executives (CISOs). These executives participated in Cyberstarts’ Sunrise program, which offers startups a profit share in exchange for their advice. This letter has been exposed in detail Forbes investigationwas sent after a June 13th Calcalist report highlighting the controversial model behind cyberstarts. The Calcalist article titled “The Gili Ra’anan Model: Questions Raised by the Remarkable Success of Cyberstarts” offered a first behind-the-scenes look at this highly successful cybersecurity-focused fund.
The Sunrise model recruits CISOs as product development consultants with the incentive of earning tens of thousands of dollars by deepening relationships with Cyberstarts portfolio companies, thereby accelerating those companies’ growth. According to Forbes, major companies such as Chipotle, JLL and Takeda – whose cybersecurity leaders participated in Sunrise – have signed several contracts with Cyberstarts-backed startups. However, JLL and Takeda insist that their cyber executives received no rewards from Cyberstarts for purchasing these services. For some cyber industry veterans, it remains unclear why large companies would adopt products from early-stage startups. Forbes reviewed documents that suggest some CISOs may have received compensation of up to $250,000 for their participation.
1 View gallery 
Gili Raanan. 
(Photo: Ron Shelef)
Since Calcalist’s report, about a third of cyber leaders in the Sunrise program have been removed from the Cyberstarts website. In some cases, corporate contracts with Cyberstarts portfolio companies were not renewed. “I left because it was getting more aggressive,” one participating CISO told Forbes. “The line was crossed for me when CISOs started influencing decision-making within their own companies to promote products,” noted a second. Two other executives expressed similar sentiments: “I was completely horrified. It was against my principles,” one said after receiving the program’s compensation menu. Another manager noted the “gray areas” of the program and potential conflicts of interest.
According to Forbes, a long-time investor in Cyberstarts declined to participate in the latest fundraising round due to ethical concerns raised in Calcalist’s report. Raanan denied this and claimed that the latest $60 million fund    was oversubscribed and the amount was limited to a modest level given the fund’s focus on early-stage investments.
Cyberstarts, led by Raanan, has funded several successful Israeli cybersecurity firms, including unicorns like Wiz, which recently rejected a $23 billion takeover offer from Google, as well as Cyera and Fireblocks. Since its inception in 2018, Cyberstarts companies have recorded exits totaling $1.6 billion. This rapid success is due to early partnerships with major U.S. companies that help position Cyberstarts startups for subsequent rounds of funding. Although consulting cybersecurity managers to identify organizational vulnerabilities is common in venture capital, Forbes revealed that Cyberstarts has expanded this approach beyond consultation to influence purchasing decisions, drawing comparisons to how financial incentives can impact objectivity in other sectors.
In a recent conversation with Forbes, Raanan mentioned that half of the participating security managers chose financial rewards. However, in a later interview he corrected the figure to 20%. Regarding the program’s suspension, Raanan explained that CISOs involved in Sunrise were faced with excessive requests, leading to what he called a “perception problem.” He emphasized that the program was ultimately not essential to the fund.