Cyber-security VCs are holding onto their cash – but that’s OK

Are VCs cooling their interest in cyber-security companies?

Cybersecurity has never been hotter. Analysts say that $3.8 billion went into cybersecurity companies in 2015, a year which saw five private companies in the market reach more than $1 billion in valuations, and others – such as Rapid7, Sophos and Mimecast -- filed for IPO.

The market’s rise has been impressive – CB Insights says that last year’s funding figure represented a 235 percent increase from the $1.1 billion ploughed into 166 deals in 2011. No surprise then that big firms like Intel Capital, Google Ventures and Qualcomm Ventures have become the sector’s most active investors, all eyeing up the next potential unicorn.

cybersec vcfunding chart

This explosion in funding hasn’t solely been confined with VCs, with the cybersecurity M&A market exploding in recent months. PwC reports that total deal activity since 2008 has exceeded $22 billion globally, with 451 Research noting that the number of security acquisitions has risen 41 percent in the last two years.

Most notably in 2015, Symantec gobbled up the Bain Capital-backed Blue Coat for $4.6 billion.

In many ways, none of this should come as any great surprise. After all, over the last three years we’ve seen a record number of data breaches, including some of the most notable such as OPM, Target, Sony and JP Morgan, some of which have resulted from the discovery of (and exploitation of) zero-days like Shellshock and Heartbleed.

All of the above may point to a booming cyber-security market, but this is not strictly the case.

Recent figures suggest that while funding does continue to flow to more established vendors, and promising start-ups, deals now take longer to piece together. Market consolidation is on its way and VCs, it appears, are not parting with their cash as easily they once were.

Does this mean that the big boom has stopped? And could that actually be a good thing for the market as a whole?

Funding slowdown

Cybersecurity has been on a rocket ride, but the record growth of 2015 is petering out. CBI says that cybersecurity deals peaked last year but slowed down in the first two quarters of this year.

But the market isn’t slowing down too much – CBI still expects funding for such companies to surpass $3 billion of investment, across more than 300 deals, by the end of 2016. This is admittedly below the level of the 2015 but still “well above” those figures reported for 2014.

But is this slowdown actually a good thing? Is this a sign of a maturing market, or perhaps or more considered, thought-out investments? Experts seem to be split.

William Altman, tech industry analyst at CB Insights

William Altman, tech industry analyst at CB Insights, explains that the slowdown is because VCs are essentially becoming more picky in who they invest in.

“The overall slowdown in funding is happening because VCs are becoming more discerning with their cybersecurity investments,” he tells CSO Online.

From 2012 to 2015 the rising number of high-profile attacks prompted cybersecurity spending across both government and corporations to increase, creating massive potential for start-ups promising "next-gen solutions.” Consequently, lots of new companies with overlapping products and services emerged — especially in endpoint protection — and VCs flooded the market with cash in anticipation of the windfalls.

Consequently, Altman says that VCs are now spending more time on due diligence and scrutinizing possible investments. He adds that they are looking for technology differentiation amid an over-saturated market of similar players, and admits there is now less appetite for single-solution vendors.

“VCs are holding out for companies that are merging to offer more unified-security platforms.”

Furthermore, he continues that early-stage companies that were funded in 2015 have since slipped below expectations, with their products quickly shown to be copies, obsolete or simply with revenues that “were not up to expectations.”

Jack Gold, principal analyst and founder at J. Gold Associates, agrees that VCs may have got swept away with market hype.

“Here’s the problem…if I as a VC find a nice cool company with a new twist on security and I invest in them, there’s a chance I will find six other companies doing the same thing in the same marketplace.

“There is an over-abundance of companies trying to get a different bite of the same security meal.”

Alex Van Someren, managing partner of the early stage funds at Amadeus Capital, believes though that the market will continue to grow.

“Cybersecurity remains a very active investment area which has no trouble overcoming any slowdown, perceived or real, in the general investment environment.

“[It] will continue to be a significant investment area for the foreseeable future, since it is a horizontal technology required by many vertical sectors.”

AI and IoT security drive new VC dollars

If, as Gold suggests, there is an over-supply of vendors competing for cash in this space, it would seem that the successful ones will tweak their products for an evolving threat landscape. After all, all companies must move with the times.

Sean Cunningham, managing director of Trident Capital, illustrated this perfectly when speaking to new site Third Certainty last month, saying that the cybersecurity world has moved on from prevention to detection and response.

“Cybersecurity is moving away from the era of building walls toward more flexible and proactive approaches,” he said. “This requires constant monitoring for breaches and vulnerabilities and remedial responses. So we’re seeing a wave of consolidation among cybersecurity companies of all sizes.”

The insatiable pace of new technology has not only caught the attention of existing security suppliers – eager to boost their IP and stockpile talent -- it is also shaping the security firms of tomorrow.

CBI reports that established market sectors like enterprise data and network security still see big deals from VCs, such as the $130 million going to network monitoring firm LogicMonitor in June, but also highlights growing interest in predictive threat intelligence, smartphone security, the Internet of Things (IoT) and Big Data.

Join the CSO newsletter!

Error: Please check your email address.

More about AutonomyCentrifyCrowdStrikeCSOCylanceDarktraceEUGoogleIntelIntel CapitalJP MorganMimecastMorganQualcommRapid7RSASkyhigh NetworksSonySophosSymantecTrident

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by By Doug Drinkwater

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place