More Cyber IPOs Expected for 2018
Big solutions, more IPOs and products that offer comprehensive protection are among the trends for the upcoming year
For daily updates, subscribe to our newsletter by clicking here.
The evident gap between the capabilities and resources of the attackers and the ones available to defenders is not showing any signs of narrowing, and the lure for investors is as strong as ever. Furthermore, the growing sophistication and ‘automation’ of the cyber perpetrators has led to increasing enterprise awareness regarding cyber-attacks, as well as to the increasing accountability of management.
Until a few years ago, cybersecurity products mostly ‘defended’ against cyber attacks (e.g., firewalls, endpoint detection, etc.). As enterprises acknowledged that their defenses could be penetrated, ‘detection’ and ‘remediation’ became required classes of products. Additionally, most enterprises began to use the public cloud, creating the need for cyber defenses that extend from on-premises data centers to applications and data running on IaaS. Enterprises also recognized the fact that insider threats need to be monitored, further expanding the defensive landscape.
In 2017, the cybersecurity market faced a peculiar dichotomy: while cyber attacks and cyber crimes continued to escalate, with rising financial damages and increased funding from private companies, we also witnessed a decline in the value of mergers and acquisitions compared to 2016, and only one IPO of a cybersecurity company during this year. Many of the companies that have been funded for the past few years and are growing moderately, continue to operate in a dense category or have a technology that does not substantially assist the IT security team anymore.
The slowdown in valuations is driven by the challenges that face cyber defense adoption. Most enterprises now have over 40 cyber products (ranging from defense to detection and remediation). Companies and cyber analysts cannot effectively monitor and manage all these cyber products due to poor integration and an unmanageable number of alerts, driven mostly by false positives. As a result, spending levels are muted because of the companies’ inability to properly integrate and leverage all the new technologies.
Looking at hundreds of venture-backed companies, what are the unique indicators that can predict an increased likelihood of success for an early stage cybersecurity start-up over the next few years?
“Green light” signs
Securing uncharted territories: fast growing technology domains (e.g., IoT and autonomous vehicles) create new security challenges. Companies that will be able to dominate these new markets will enjoy fast growth, while facing less intense competition.
Promoting simplicity: overworked and understaffed security teams are too often overwhelmed by complex products. Effective and simple-to-use products and technologies will have a significant advantage. Products that can help relieve the burden on the technical teams, and assist the decision-making on the management and even board levels, will gain a competitive edge.
Performance improvement by ten-fold (compared to existing solutions): many new companies claim that they use advanced artificial intelligence technologies to better prevent, detect, remediate, and stop attacks. But using AI by itself does not necessarily guarantee a major advantage over incumbent solutions. In this dense market, only a significant performance improvement can motivate a potential customer to consider adding a new product to their current stack, let alone replace one.
Workforce efficiency: the growing shortage of skilled cybersecurity professionals will work to the advantage of products that semi or fully automate work processes, decision making and intervention activities, especially if they are easy to deploy, train for use, and maintain.
Efficient and smart Go-to-Market: sales and marketing expenses that do not scale will not be accepted favorably by investors in the coming years. Products that are easy to demonstrate, are channel-ready early on, and can leverage partnerships will accelerate sales and grab market share faster.
Smart pricing and business models: pricing models that adapt to the fast rate of changes in technology, offer value-added upsell, as well as reduce the fear of prospective customers from long-term lock up, will thrive faster.
Outward and inward facing: solutions that can handle both external and internal threats and offer comprehensive protection will be more competitive and appealing to prospective clients.
Replacing multiple vendors: CISOs want to work with the least number of products as possible.
Helping security analysts: solutions that increase efficiency and effectiveness, for example by using visualization, will attract more positive attention.
Providing comprehensive risk assessment: solutions that assist technical teams, management, board and cyber insurers in this aspect will fill a much-needed space.
“Red light” signs
Lagging in dense categories: companies that are placed in the 4th place and below in a 10+ players’ category face a major challenge, because the number of potential acquirers in most cybersecurity categories is limited. Moreover, their potential of grabbing a significant market share in a market where CISOs are hesitant to engage with new vendors is small as well.
Not using AI/ML/big data analytics: to fight advanced cyber-attacks one needs advanced technologies that learn and adapt rapidly to a constantly changing threat environment.
Stand alone: products that do not integrate with popular platforms or lack interfaces that can connect to the existing stack cannot effectively contribute to the critical need of businesses to detect and respond quickly to looming cyber attacks.
Ignoring regulatory risks: solutions that collect data on their cybersecurity platform without meeting new regulatory requirements, such as GDPR, will not only deter CISOs but will end up failing because of the repercussions of their non-compliant features or operations.
Alerts, alerts, alerts: a typical SOC is already flooded with untreated alerts. Solutions that will not be able to help lower the burden of tasks and separate the false or minor alarms from the major and critical ones will not generate the right effect, offering very little value, if any.
Solving small problems: when dealing with big and small cyber challenges, companies prefer to focus only on products that tackle the big ones.
The cybersecurity arena will continue to produce interesting news throughout 2018. On the positive side, we can expect to see more IPOs and acquisitions than in recent years. Unfortunately, we can also expect to see more negative news with companies shutting down after losing the faith of their investors.
Arik Kleinstein holds a MBA from Tel-Aviv University’s Recenati Business School. He is a founding managing partner at Glilot Capital Partners, a seed and early stage venture fund focused on cybersecurity and enterprise software.