‹#› confidential security startups the good, bad & ugly april 14, 2015 confidential
TRANSCRIPT
‹#›CONFIDENTIAL
Security StartupsThe Good, Bad & Ugly
April 14, 2015
CONFIDENTIAL
‹#›CONFIDENTIAL
Background
2
Entrepreneur, Investor and Author
Conceived and launched SF Bay Area’s first cyber security accelerator
Invested in 50+ startups
Author of 2 books:
“The Business of Venture Capital” (2014)• The art and science of being a VC
“Startup Boards” – Co-author w/ Brad Feld (2014) How to maximize your board’s value
Background
‹#›CONFIDENTIAL
Agenda
• Cyber-security startups
• Investment trends and opportunities
• Fireside chat
‹#›CONFIDENTIAL
The Good
‹#›CONFIDENTIAL
The dawn of cloud security
Source: Amazon estimates based on 1000 compute cycles (300 compute cycles, 700 peak cycles) and data transfer (3000 GB of In data and 6,000 GB of “out” data).Source: Gartner, “Private Cloud Matures, Hybrid Cloud Is Next,” Thomas J. Bittman,
‹#›CONFIDENTIAL
Security innovation lags technology innovation
Source: Managing Storage: Trends, Challenges, and Options (2013-2014). (EMC, 2013) survey of 1000 IT professionals in 800 organizations
‹#›CONFIDENTIAL
Evolution of cybersecurityThen
Security Perimeter based
Applications On Premise
Threats Static
Types of adversaries Technical chops
Frequency of attacks ??
Security Assessment Periodic
Cyber-security Products
Good enough
Now
Data based
SaaS / Cloud
Dynamic
Financially / Political motivated
200 / minute
Real Time / Continuous
Precision, Relevance & Speed
Impact / Opportunities
Mobile /Encryption/ Key Management
Security-as-a-service
Event Management / Incident Response
Regulation
Monitoring tools
Vulnerability / Pen Testing
Contextual relevance
‹#›CONFIDENTIAL
The established and the new
‹#›CONFIDENTIAL
The dance of giants
* Business Week / BCG CEO Most Innovative Companies Survey; Accenture CEO Survey, 2014
‹#›CONFIDENTIAL
The Bad
‹#›CONFIDENTIAL
Security spending to reach $86 bn
Source: Gartner
2012 2013 20160
22.5
45
67.5
90
112.5
61.867.2
86
Worldwide spending ($bn)
‹#›CONFIDENTIAL
Yet, most enterprises lack security capabilities
‹#›CONFIDENTIAL
Security Sector Highlights Cloud and Virtualization Trends
– Volume of Data has exploded– Monitoring Virtual Machines / Cloud– BYOX Endpoints and access points have increased– Consumerization of IT creates headaches for CISOs
Visibility on security
Technological Complexity
Motivated adversaries
Fragmented market
Financial drivers Political motivations – theft of IP Reputational damage Sophisticated adversaries
Minimal investment can create significant damage Systematic efforts – Target and Home Depot used the same payload
Large number of tools / vendors Quality of tools is just about “Good Enough” Shift towards Managed Security Service Providers (MSSPs) Potential acquirers face structural challenges
‹#›CONFIDENTIAL
And the Ugly
‹#›CONFIDENTIAL
The rise of crimeware
Source: Verizon DBIR 2015
‹#›CONFIDENTIAL
Phishing in the sea
Source: Verizon DBIR 2015
‹#›CONFIDENTIAL
No sector left behind
‹#›CONFIDENTIAL
VC Funding in cyber security
Source: Crunchbase
‹#›CONFIDENTIAL
What VCs look for
19
Market
•Size of the market (How big?)
•End User (Who cares?)
•Willing to pay (How much?)
•Sense of urgency (How fast?)
Management
First mover advantage
Entrepreneurial expertise
Domain expertise / Thought Leaders
Tenacity and Comfort in Ambiguity
Team cohesion
What VCs looks for
‹#›CONFIDENTIAL
The VC dilemma
The information required to make decisive investments in disruptive technology simply does not exist…
It needs to be created through fast, inexpensive and flexible forays into the market
– Clayton Christensen, The Innovator’s Dilemma
‹#›CONFIDENTIAL
VC Funding – it always takes longer
‹#›CONFIDENTIAL
Attention: Appreciation of security in the era of WhatsApp
Value: Feature v Platform• Niche versus broad
Sales: Fear based / ROI / Self-serve
Noisy / Fragmented Market: Overwhelmed CISOs
Returns: No Unicorns• Fireye took 10+ years to go IPO
Security Investments
‹#›CONFIDENTIAL
The dawn of innovation
Its always hard• Capital and Customers
It takes 2X as longer• Patience and fortitude
Fact: The adversary is making more money than the entrepreneurs & VCs combined
Summary
