Data Breaches Boost Funding for Cybersecurity Startups

BT-AD101_CYBERV_16U_20150715182705.jpg

In the 2015 first half, venture firms invested $1.2 billion in cybersecurity startups
 
Before Max Krohn, the OkCupid co-founder, played online matchmaker, he had a far-less-romantic interest in cryptography. But he couldn’t see a way to make a living at it.
“Security startups never really did so well,” says Mr. Krohn, who studied computer science at Harvard University and the Massachusetts Institute of Technology. “There was not an example of a runaway success.”
That is changing, following major data breaches, as corporate customers and venture capitalists show increased interest in cybersecurity. Mr. Krohn and another OkCupid co-founder have a new startup, Keybase, which aims to make encryption easier to use. Wednesday drew its first outside investment, a $10.8 million round led by venture-capital firm Andreessen Horowitz.
On Monday, Google Capital, the search giant’s growth-equity fund, made its first cybersecurity investment, leading a $100 million round in Crowdstrike, known for outing Chinese and Russian hackers. Allegis Capital this month said it closed on $100 million toward a fund focused on cybersecurity. Three years ago, private-equity fund Blackstone Group had no cybersecurity investments; now it has seven.
“It’s almost like, ‘Who hasn’t been hacked?’ ” said Venky Ganesan, a managing director at Menlo Ventures who led the firm’s investment in BitSight Technologies, which gives companies a credit-score-like rating for computer defenses. In 2011, Menlo directed about 5% of a $400 million fund toward security startups, Mr. Ganesan said, and its current fund has dedicated about 20% to the field.

In the 2015 first half, venture firms invested $1.2 billion in cybersecurity startups, according to researcher CB Insights. That is down slightly from $1.4 billion a year earlier but up sharply from $771 million in 2013’s first half.
The shift is particularly notable at Andreessen Horowitz, which used to view security companies as necessary for Internet safety but less lucrative than other technology niches.
One reason is that cybersecurity startups were often acquired prior to an initial public offering, says Scott Weiss, an Andreessen Horowitz partner. Mr. Weiss sold his own security startup, IronPort Systems Inc., to Cisco Systems Inc. for $830 million in 2007.
Well-received offerings from companies including Palo Alto Networks Inc. in 2012 and FireEye Inc. in 2013 have altered that view. Partners at Andreessen Horowitz say they likely wouldn't have invested in a company like Keybase even two years ago. Over the past 13 months, the firm also made an unusually large $142 million bet on Tanium Inc., which tries to make it easier for companies to find vulnerable and infected machines on their networks.
Ted Schlein, a partner at Kleiner Perkins Caufield & Byers who has invested in security startups for two decades, says he has noticed more investors jumping into cybersecurity.
That is a risk for investors in cybersecurity companies, as is the rush of entrepreneurs suddenly flooding the space. Bob Ackerman, a managing director of Allegis Capital and another longtime investor in cybersecurity, says he sees a lot of me-too companies led by founders without experience in the field.
“This isn’t sharing-economy stuff,” says Mr. Ackerman, referring to companies like Uber Technologies Inc. and Airbnb Inc. that connect individuals looking for rides or rooms. “This is nerdy stuff.”
Another risk, Mr. Ackerman notes, is that every new piece of security technology is one data breach away from being obsolete.
Core to Keybase’s pitch is making it easier for users to trade public encryption keys, a crucial step in using PGP, the encryption protocol formally called Pretty Good Privacy. PGP is considered secure, but it’s clunky and nowhere near as simple as Facebook or Google.
Chris Dixon, the Andreessen Horowitz partner who led the investment, said he expects Keybase to let individuals use the service for free but charge enterprises for extra features. Krohn, the cofounder, said he wants to offer users an encrypted file-sharing tool and encrypted chat applications.
As a Harvard student in the late 1990s, Mr. Krohn worked on websites during the first tech boom alongside programmers with a hacking background. The interest rubbed off, he said.
After graduating in 1999, however, he and his friends were more interested solving more immediate problems, like dating. Hence OkCupid.
Mr. Krohn left the dating site in 2012 and pondered his next move with cofounder Chris Coyne. They became intrigued with simplifying encryption, and launched Keybase last year.
They initially didn’t see much commercial future in the startup, and spurned investment offers from venture capitalists, Messrs. Krohn and Dixon said.
A few breaches later, they too began to see it as a business.
“Five years ago, it would have been a very hard sell,” Mr. Krohn said. “Probably, it would have been, ’Sorry, no one cares about security, therefore this product doesn’t have much of a hope.’ ”
WSJ: http://on.wsj.com/1HweA7Z

« SurfWatch Labs Rolls Out Dark Web Intelligence Service
How Analytics Will Influence Connected Cars »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Ascentor

Ascentor

Ascentor specialises in independent information and cyber security consultancy. We’re experienced industry experts, providing cyber security services since 2004.

Webroot

Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

Eden Legal

Eden Legal

Eden Legal provides legal services on commercial and regulatory issues affecting digital businesses.

Micron Technology

Micron Technology

Micron is a global leader in the semiconductor industry providing memory and secure storage devices for Networks, Mobile devices and IoT applications.

Cysec Resource Co (CRC)

Cysec Resource Co (CRC)

We offer expertise in information and cyber security, sourcing individuals and teams who provide information security expertise to the public and private sector.

Westminster eForum

Westminster eForum

Wesrtminster eForum runs a series of conferences on matters relating to the UKs Digital Strategy. Topics include Smart Cities and Cyber Security.

Secnology

Secnology

Secnology is dedicated to developing and providing the most powerful and user friendly event analysis and security management solution.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

iSTORM

iSTORM

iStorm specialise in supporting organisations who require a range of Privacy, Security and Penetration testing related services.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

SphereX Technologies

SphereX Technologies

SphereX is the first on-chain security solution for Web3 applications.

Pango

Pango

Pango is a leading provider of digital consumer security solutions.

SOC-E

SOC-E

SOC-E is a leading technology provider for high-availability and deterministic networking, sub-microsecond synchronization and cybersecurity solutions for critical sectors.