Cybersecurity Early Stage Investing – Separating the Wheat from the Chaff

By guest author Anik Bose

IT Management has become more common as technology plays a larger role in business. At BGV, we have seen a 2X+ growth in Cybersecurity early stage deal. We believe that this deluge is driven by a combination of real facts and hype. A few data points:

• According to a June 2014 report from the Center of Strategic Studies, crime involving computers and networks has cost the world economy $445 billion annually.
• Hackers have been in the news headlines with increasingly sophisticated attacks on Fortune 1000 corporations like E-Bay, Target, Neiman Marcus, JP Morgan.
• Information security public company valuations are sky high – FireEye a company that is yet to turn a profit is valued at $5.7 billion.
• CB Insights reported that VC firms invested a record $1.4 billion in 239 cybersecurity companies in 2013
• 451 Research Enterprise Security Practice (January 2014) reports that significant proportion of cybersecurity products end up as shelfware in enterprises – most common being Security Information and Event Management (SIEM), Intrusion Detection Systems (IDS), Governance, risk and compliance (GRC), and Web application Firewalls (WAF).

To separate the wheat from the chaff and find the true opportunities to invest in building real cybersecurity companies, BGV evaluates opportunities by attempting to answer two fundamental questions:

• Is there a market opportunity for building a best of breed company in the target market segment?
• Does the product deliver a compelling differentiated value proposition in terms of: a) Broader coverage of mode of operation and method of detection; b) Creating stickiness with enterprise customers; c) Providing quantifiable and measurable improvement metrics

A few examples to illustrate how BGV applies the above approach:

We believe there are more opportunities to build best of breed cybersecurity companies in segments such as Anti-Malware (anti-botnet, anti-malware suites, reverse engineering/anti-malware analysis) but far fewer in saturated segments such as Identity/Access Management and Mobile Security (Access control, Digital rights management), to gave more information about the cybersecurity services and why you might need them, check this article, https://www.sapphire.net/mss/security-information-and-event-management-siem/.

• To deliver a compelling differentiated value proposition a product must be able to deliver on multiple methods of use such as continuous real time monitoring and advanced threat detection for STAP to name a few, while addressing at least one mode of operation such as Network security services (NFV, Cloud based SaaS) and Vulnerability Detection and Monitoring (STAP, Malware and APT identification and blocking) to name a few.
• To ensure customer stickiness, a product must be used frequently (versus one time compliance use), be able to integrate with other systems, work in the background with limited user involvement and be based on key algorithms that make them difficult to be replaced by other solutions
• Last but not least, the products must be able to deliver clear and measurable improvement metrics such as reducing time from attack to detection, time from detection to mitigation, reduced false positives, false negatives and or automation/productivity cost savings

As early stage investors and company builders, BGV believes it is critical to be discerning and not be swept away by the market hype and herd mentality. We do so by focusing on the fundamentals to evaluate and select the best early stage cybersecurity opportunities.