DataTribe Insights - Q1 2021:
Pwnd But Optimistic
The DataTribe Team
As we come out of Q121, mass vaccinations create a ray of light at the end of the COVID tunnel. Warmer weather is bringing us outside. Planes are filling. The worst has passed. The ‘20s are about to roar.
At the end of last year, the SolarWinds incident broke, affecting more than 18,000 organizations who continue to struggle with the impact of the event. Then, in March, we learned another 30,000 U.S. organizations, and more than 100,000 worldwide, have been potentially compromised by a zero-day attributed to Chinese threat actor HAFNIUM. Back-to-back, the world has experienced some of the farthest-reaching nation state cyber attacks to date.
It’s in the context of optimism about the receding pandemic and nation state-driven mega breaches that cybersecurity continues to become increasingly strategic with strong growth fueled by both cyclical as well as secular trends.
Venture Is Coming Out of the Pandemic Changed — Faster Deals With Greater Geographic Reach
It has yet to be seen exactly what new behaviors will stick post-pandemic, but it’s clear that we’ll continue to exercise many of the muscles developed this past year long after the pandemic has passed. While many have moved away from major tech hubs in the past year, we believe that the network effects associated with densely populated tech centers and the intangible benefits of in-person work will remain important. The Bay Area and New York will be just fine. At the same time, we believe that early-stage investing will continue to leverage the Zoom-ified work model leading long-term to faster investment processes and broader geographic reach.
It’s Not BYOD — It’s BYOH (Bring Your Own House)
Hybrid work is here to stay. This represents a disruptive shift in architecture of enterprise networks and computing. The full impact of this (and the related opportunities that emerge) will continue to play out for years. As hybrid work becomes permanent, CISOs will be increasingly responsible for security on networks and devices they scarcely control – nor should they want to — given delicate issues such as the privacy of non-work-related device usage and non-employee users on home networks.
Q1 Cybersecurity Deal Activity — Cyber Founders Have Been Busy
In Q1, DataTribe experienced a significant increase in the number of companies seeking financing. The number of startups approaching DataTribe for investment were up 80 percent for Q1 2021 over Q1 2020; however, Pitchbook reported a dip in early stage cyber deals closing for the quarter. This may be driven in part by factors specific just to DataTribe. However, we believe it’s a sign that deal volumes in the coming quarter will increase since the number of companies seeking investment is a forward-looking indicator of early stage cyber investments. The lower seed deal count in Q1 can likely be attributed to the impact of the pandemic on the process of entrepreneurs engaging with investors in Q3 and Q4 last year.
As we reported in our last update at the end of 2020, the round size continues to rise, alongside a steeper rise in valuations. While it is tempting to look for a relationship between these two data points, the data does not exist to support it – in many deals either capital invested or pre-money valuation might be reported, but rarely are both provided. As a result, this information gives us a directional outlook only. Both of these upward trends are in line with what we see in our day-to-day here at DataTribe.
Astonishing Unicorn Procreation
In Q121 there were 12 cyber companies that became unicorns. In fact, there have been a total of 31 cyber unicorns since 2008. Below you can see the pace of unicorn formation over time – the first quarter alone of 2021 established more unicorns than any prior year.
According to SecurityWeek, this is the list of cybersecurity unicorns as of March 30, 2021:
Illumio, Druva, KnowBe4, Cybereason, Kaseya, Acronis, Riskified
Armis, Verkada, SentinelOne, Snyk, Arctic Wolf Networks, Forter, Cato Networks, BigID, Venafi
Q1 – 2021
Lacework, OwnBackup, Feedzai, Aqua, Axonius, Wiz, ID.me, Socure, Orca Security, Coalition
An important driver in this unicorn trend is what is happening in broader financial markets. In the past ten years or so, we have seen one of the strongest bull markets in history. From 2011 to 2021, the NASDAQ has increased nearly 4x. This combined with historically low interest rates, produce a lot of capital seeking return. In an environment where there is robust capital availability, valuations will continue to rise given the scarcity of mature, growth-stage companies to invest in. With some later-stage startups returning spectacularly for investors, it has further accelerated the feedback loop drawing additional investment to unicorn-stage growth equity.
In addition to financial market drivers, there are also a number of factors contributing to cyber unicorn creation:
- Cyber is a large market that doesn’t exhibit strong winner-take-all dynamics like other parts of tech. So, there is space in the market for multiple unicorn-scale companies to form.
- Strong fundamental trends continue to attract investor interest:
- Cyber and privacy have increasingly become mainstream.
- The ongoing and pandemic-accelerated pace of digitalization of all aspects of life.
- Cybersecurity is less susceptible to downside risk in tough market conditions.
Thought of the Quarter
Security and Code Are Becoming One and the Same
Whether it’s traditional software development, firmware, or provisioning virtualized infrastructure through scripts — increasingly security is enforced through code. As well, lapses in security are increasingly rooted in software bugs. Application security and infrastructure-as-code, while seemingly mature, are still in the very early stages of enterprise adoption. It’s hard to overstate how big of a deal it is that software developers need to become more security-minded — and security teams need to level-up their software development skills. It’s a tectonic shift. The very foundation of how organizations have been set up to deliver and manage software and digital platforms is in flux. In looking at how companies truly get work done and ship software products, our sense of it is: the tail on the dog is sec not dev.
The New Presidential Administration Could Be a Big Influence on U.S. Cyber Strategy and Policy
Can it only have been a few months since Biden was sworn in…? Given the increasingly strategic nature of nation state activity in cybersecurity, and the urgency and attention created in the wake of the SolarWinds incident, changes in national leadership can have significant impact. President Biden seems to be leaning into cyber and has appointed a number of highly-respected career cybersecurity experts to key posts:
- Anne Neuberger, former NSA Director of Cybersecurity, to Deputy National Security Advisor for Cybersecurity on the National Security Council
- Jen Easterly, former NSA official and Senior Director for Counterterrorism on the National Security Council staff under Obama, to head CISA
- Chris Inglis, former NSA Deputy Director, to National Cyber Director
- Ron Moultrie, former Director of NSA National Security Operations Center, to Under Secretary of Defense Intelligence
Already this year, there have been executive orders issued or announced as in planning stages that cover: supply chain security, industrial control systems, and software product security. We’ll be continuing to watch as these orders and policy leadership drive change.
The Rise of China Will Continue to Bolster the Cyber Industry
Reports published by the intelligence community in April, documenting both near- and long-term risks, include cyber attacks from China as a leading threat to national security and private sector commerce. As a continuation of trends we have already seen widely publicized, the 2021 Annual Threat Assessment highlights that these attacks are increasingly likely to affect civilians, will continue to compromise software and IT service supply chains, to steal from U.S. and foreign businesses, and undermine financial institutions with laundering schemes.
The Center for Strategic & International Studies (CSIS) maintains a list of major cyber attacks worldwide, and documents nine major international attacks led by the Chinese since the start of 2021 alone. The most significant attack attributed to the Chinese against the United States this year was the widely reported hack of Microsoft email servers reported in March. Because the impacts of these attacks are growing, and the public is increasingly more aware of their vulnerabilities and their significance, the cybersecurity industry worldwide will continue to grow. We expect the impact of these attacks to bring what were once considered technical nuances to the fore of public discourse as critical infrastructure, much in the way the SolarWinds incident has.