YOU ARE DOWNLOADING DOCUMENT

Please tick the box to continue:

Transcript
Page 1: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 1

The Cyber Security Landscape An OurCrowd Briefing

Ron Moritz 27 May 2014

Page 2: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Your hosts

2

Zack Miller

Head of investor community @OurCrowd

Ron Moritz

Advisor, consultant and OurCrowd mentor

Page 3: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

OurCrowd’s portfolio

3

Cyber Security companies in our portfolio

Page 4: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

What is Cyber Security?

§ Cyber security – the evolution of a name - EDP controls à IT audit à IT security à computer security à

network security à OT security à cyber security - Practices, tools and concepts dealing with CIA

§ CIA: confidentiality, integrity, and availability of information § But also CIA of systems, network communications, operations

- Terminology and solutions often derived from defense industry

§ Cyber security includes offensive capabilities - The use of IT to respond to threats by attacking adversaries

§ Why spray RAID to kill what you see when you can spread ant honey that is carried back to the nest and destroys the colony?

- Historically government domain, emerging enterprise capability

§ The dog in the night that has not yet barked? - Often likened to insurance, today compared to braking systems

that enable high-performance cars to go faster 4

Page 5: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Security Cycles & Investor Appetite: Generations of Cyber Security

§ Before the Web: early viruses, LANs, PCs, floppy disks -  Limited access, isolated networks, slow propagation of threat

§ 1993: Mosaic and the rise of the commercial Internet (FUD 1.0) -  First generation of program code travelling across the ‘net

§ 2000: dot-com bubble burst (double-digit sec spend as % of IT) -  Most IT spend slowed but Internet on-ramp required cyber security

§ 2002: inflection point (FUD 1.5) -  Global technology companies proclaim commitment to security (MSFT, CSCO, CA)

§ 2005: consumer Internet distraction -  Web 2.0, the rise of social media, industrial disintermediation, $50K startups

§ 2008: global economic crash -  No appetite for enterprise infrastructure solutions (IT budget squeeze)

§ 2011: media focus on all things cyber (FUD 2.0) -  Plus emerging pressure from mobile personal device (smartphone) market

§ 2013: Snowden and the fragility of the Internet (anti-FUD?) -  Risk becomes real, NSA disclosure become personal, Target breach impacts CxOs

5

Page 6: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Two Real Cyber Security Drivers

§ Governments and corporations are under attack - Cyber hack problem is no longer simply a nuisance

§  litigation and criminal complaints based on weak systems of control and the lack of reasonable cyber security strategy

- Snowden was sensational but NSA snooping was personal § validated and went beyond what experts thought was possible

- 05/2014 DoJ China nation-state industrial espionage disclosure § aggressive government-sponsored electronic espionage

against corporations (and other governments)

§ Direct impact on executive officer careers - Convergence of risk following Target, Niemen Marcus, and other

well publicized breaches (impact broad, shockwaves resonate) -  IT budgets again being freed-up for the development of new

products, services which require strengthening of digital defenses

6

Page 7: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Businesses Under Fire

§ Organizations are exposed more than ever -  Increasing number and variety of threats and risks - New attacks - targeted and purposeful

§ Hackers are stealing around $250B/year in IP - NSA Director, Gen. Keith Alexander, calls these attacks "the

greatest wealth transfer in history"

§ Significant YoY increases in cyber attacks - DHS reported a 68% increase in cyber attacks in 2012 at federal

agencies, government partners, and against critical infrastructure - Symantec reported attacks on companies rose 42% in 2012

§ U.S. government is increasing spending in cyber security (despite cuts elsewhere)

7

Page 8: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Macro Cyber Security Topics

§ Cloud Computing: Data Center Security Redefined - Distributed Control, Ownership of Data Assets

§ Advanced Persistent Threats (Network & End-Point) - Detect and Contain Sophisticated and Targeted Attacks -  Intelligence Dissemination and Threat Remediation

§ Mobility and Device Security - Secure Mobile Applications, Consumerization (BYOD)

§ Risk Management - Regulatory, Integrity, Compliance, Business Continuity, Social Media

§ Identity & Access Management - Authentication, Authorization, Access Control

§ Verticalization: Security with a Sector / Industry Focus - No longer one-size-fits all: industries (govt., healthcare, finserv,

energy & utilities, oil & gas, manufacturing, education) are demanding solutions more attune with their unique challenges

8

Page 9: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Gartner Nexus of Forces

§ Pervasive Access - mobile

§ Global Delivery - cloud

§ Big Context - information

§ Extreme Behavior - social

9

A tsunami of change rocking the IT world (David Cowen, Bessemer)

Page 10: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Cyber Security Trends (1 of 3)

§ Enhanced use of encryption - more careful attention to the maintenance and proper

configuration of existing encryption systems

§ Increased scrutiny of internal data use - behavioral analytic technologies to monitor users within the

company as well as end users accessing company apps -  increasing alerts (situational awareness) around suspicious

behavior that accompanies theft or attack with malware

§ Resistance to cloud technology - huge rewards for companies and end users in terms of efficiency

and access to both information and applications - offset by security liabilities that accompany cloud technology and

create a drag on the speed of adoption (cybersec ≈ car brakes)

10

Page 11: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Cyber Security Trends (2 of 3)

§ Risk assessment and software analysis -  front-line (but back-office) defenses such as screening software

for vulnerabilities, keeping software up-to-date (patched) to avoid known weaknesses, improved exercising of software

- better engineering due to secure coding standards and practices

§ More destructive attacks -  real damage to computer systems and stored data from targeted

attacks launched by political and cause-focused hacktivist groups

§ Rising levels of smartphone malware - more security efforts directed to mobile platforms and biz apps

§ Phishing and hacking of individual users - access to account credentials while avoiding sophisticated

enterprise security measures (people are the weakest link)

11

Page 12: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Cyber Security Trends (3 of 3)

§ More sophisticated malware - better encryption of and more sophisticated malicious code allow

attackers to evade virus detection and removal tools (AV dead?)

§ Active defense (honeypots and other traps) -  to convince hackers that they are in their target area, when

they’ve actually been diverted and trapped in a shell where they can be easily identified and in some cases, retaliated against

§ Threat follow up (MSSP ≈ Associated Press model) -  requires manpower organizations don’t have so active monitoring

and maintenance by MSSPs and external forensics experts

§ Fast response (security and threat intelligence)*

-  fraud tools and intelligence platforms to investigate, track and analyze events post-facto with near real-time clarity (e-forensics) and to make actionable information available to IT staff

12

*Security and threat intelligence is like teen sex …

Page 13: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Money Follows Problems: A Concentration of Risk

§ New threat vectors once again an obstacle to Internet-fueled growth plans (mobile and cloud) - So cash is being thrown at possible solutions

§ Security is in the conversation at the board level - 80% of G2K reporting cyber security preparations to the board

§ Gartner estimates 39% increase in security spend: - From $67B (in 2013) to $93B (in 2017)

§ Makes cyber security ripe for the harvest - The 8.7% annual growth rate is compelling metric for investors

§ Cyberattack news onslaught is making a difference - VCs move quickly to fund startups that could solve problems

discussed in cyberattack headlines

13

Page 14: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Money Follows Problems: A Cyber Security Boom?

§ The cyber security market is in a renaissance - Estimated global investment in private cyber security companies:

§ 2011 cybersecurity funding was up 94% over 2010 § 2012 funding was estimated to have been $1.0B §  In 2013, ~$1.5B was invested in ~240 cyber security startups

§ No end in sight -  Likely in anticipation of a deal-making boom:

§  The average valuation for each VC round raised in 2013 rose by 41% over 2012 to $31.5 million

§  In comparison, the increase between 2011 and 2012 was 26%

§ Caveat emptor - Are we in or approaching a cyber security bubble?

§ Because cyber security private company valuations more than doubled in past two years, there is an uneasy feeling.

§ Demands exceptional diligence and the art of the long view

14

Page 15: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Money Follows Problems: New Exit Opportunities

§ Mergers and Acquisitions (M&A) - 23 cyber security M&A deals in 2013, 9 in Q1 2014, 8 in Q2 2014

§ Cisco ß NDS, ProofPoint ß Amortize Technologies, Blue Coat ß Solera Networks, Cisco ß Sourcefire ($2.7B or ~10x annual revenue), IBM ß Trusteer ($800M or ~10x annual revenue), Fireeye ß Mandiant ($1B)

- Average cyber security enterprise value / revenue multiple of 9.9x §  Impressive but will always be dwarfed by consumer internet and

social media deals since cyber security growth and risk are lower

§ Initial Public Offering (IPO) -  Palo Alto Networks, Imperva, Qualys, Baracuda, FireEye (hot $300M

IPO in September 2013 with $5B market cap today), Varonis, Cyber-Ark (in process)

§ Private Equity Carve-Outs and Roll-Ups - $200M Insight (PE) bet on Airwatch (2013) followed by $1.5B

VMWare acquisition (2014)

15

Page 16: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Money Follows Problems: A Fragmented Market

§ No dominant leader -  There is no single enterprise with a large enough share of the market

to be able to influence the industry’s direction § Symantec and McAfee, the two biggest players in the industry, are

followers and not leaders; they have been unable to influence - An acquisitive growth strategy that will position one company to

dominate the industry, like Cisco in the 1990s, remains a possibility

§ The increasing variety of threats … - Requires rapid innovation and short development cycles

§  a challenge for bigcos and an opportunity for nimble startups who can carve out a market niche via unique products and services

§ Coddling via cyber-security focused initiatives - Mach37 Cybersecurity Accelerator (Virginia) -  JVP National Cybersecurity Incubator (BGU, Beer Sheva) - Cisco Israel Cybersecurity Incubator (John Chambers, May 2013) -  Lockheed Martin and GE cyber security R&D centers in Israel

16

Page 17: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

On Cyber Security M&As

§ Multiples are at all-time high - Big players must buy revenue growth through acquisitions - M&A activity will remain high (energize brands, buy mkt. share)

§ Money pouring in but a VC pull-back is possible - Not likely in the near term but probable as value plays dry up - Great “A” tech but limited execution capability in “B” teams

§ IPO option open but consolidation will continue - Hackers thwart legacy solutions forcing innovation acquisitions - With limited growth-stage funding available, M&A activity jumps

§ M&A drivers -  Integrated software suite leaders in need of innovation - Evolving platforms such as software-defined data centers - Online (cloud) service providers creating new security challenges - Non-traditional acquirers (outside or adjacent spaces or eco-system)

17

Page 18: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Expertise Counts: Finding the Winners

§ Domain expertise is key (for investors and buyers) - Does the team have deep backgrounds in the sector? - Do they understand how customers bought software in the past? - Do they know how they are buying now (the buying cycle)? - Do they understand how and what channels work? - Do they grasp the intricacies of and how pricing models work? - Do they know how to listen to customers and prioritize features?

§ Does the team really know its vertical market? - How many people really understand healthcare and cloud technology

and how to roll that out? - Do they understand their position in and are they attuned to nuances

of and know how to leverage their eco-system? - What do they know about their target customer and buyer and how

to access them? - Do they really understand and value their competitors and do they

have a legitimate “break-out” plan?

18

Page 19: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Pre-Submitted Questions § What was the process to funding regarding traction of an idea and or product? -  Entrepreneur team commitment and full engagement: is this an “A” team? -  Pitch review (new venture business plan outline): is this an “A” opportunity? -  Initial meetings (phone, face-to-face) and vetting of team: can they execute? -  Term sheet enables deep-dive (technical due diligence): is the solution real? -  Customer (or prospect) and independent expert validation: is the market real? -  Finally, is this something that can be explained clearly and is it exciting?

§ How were the first customers captured? -  Street-fighting: Typically entrepreneurs leverage personal networks to secure

initial meetings and lock-in a sponsor or champion

§ What level of funding are they raising and what is the use of funds? -  If they’ve validated the solution and market and secured early adopters then

funds are typically for sales and marketing in the United States and $3M is the recommended minimum gunpowder (above and beyond cost of maintaining existing operations)

-  If they’ve not yet validated then $250K to $500K will typically allow them to develop early prototypes, secure development partners, and validate some basic assumptions (first milestone)

19

Page 20: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Ron’s Radar

§ Encryption – it is time yet? - Secure communication – the need is not universal but timing is

relevant: Silent Circle (Zimmerman’s PGP reboot)*, Wikr (message self-destruction), Threema (encrypted What’s App)

-  Protecting the data inside the cloud and in transit – security, policy carried w/data (Vaultive, Porticor, Covertix)

§ Cloud-based security services – enabling the cloud - Easier to deploy, cheaper to manage, code is always up-to-date - Correlation of data from multiple incidents (SumoLogic, CTCH) - Web site security and acceleration (Fireblade)

§ Threat intelligence – needle in the haystack - Cylance, ThreatMetrix and Seculert are examples

§ Fraud-prevention – sensor-supported policies -  Transaction decisions based on more than user ID and password like

geo-location input (XYVerify) and continuous authentication of users throughout transaction session (BioCatch)

- Device fingerprinting/reputation and big-data analysis (Iovation)

20

*Just raised $30M to develop a “blackphone”

Page 21: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Big Data will Revolutionize the Future of Cyber Security

§ Big data offers intelligence-driven models -  Analytics will play key role in detecting crime, security infractions

§ Big data analytics à Bigger threat map = TMI -  Enables enterprises to combine and correlate external and internal information

to better assess threats to them and their industry

§ Data analysis evolution enables advances in predictive capabilities and real-time decision automation -  Moving closer to precognition (science imitates art: “Minority Report”) -  Gartner claims that by 2016, more than 25% of global firms will adopt big

data analytics for at least one security and fraud detection use case (such as detection of advanced threats, insider threats and account takeover) up from current 8%

§ Big data will change most of the product categories in the field of computer security (but we’re in the early days) -  Impact on all existing solutions (conventional firewalls, anti-malware, data

loss prevention, network monitoring, authentication and authorization of users, identity management, fraud detection, systems of governance, risk and compliance, etc.)

-  Disruption creates all sorts of opportunities for emerging tech companies -  Result is ongoing industry fragmentation, no dominant market share leader

21

Page 22: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

“Character is much easier kept than recovered”

§ Security still a knee-jerk reaction to an attack - Spend not correlated to revenue (or direct expense reduction) - BYOD as an example

§ IT infra security still a one-time, ad hoc effort - But more security is now embedded within daily operations

§ Security as a broad collection of technologies - Still not an inherent, proactive and continual aspect of

governance

§ Cybersecurity never gets solved - Like an antibiotic-resistant bacteria: attackers adapt to defenses

and render them obsolete (David Cowen, Bessemer)

22

Thomas Paine, US patriot & political philosopher (1737 - 1809)

Page 23: The Cyber Security Landscape: An OurCrowd Briefing for Investors

The Cyber Security Landscape An OurCrowd Briefing

Ron Moritz Managing Director, MTC Venture Consulting

+972 72 272 4450 +1 650 618 9560

[email protected]

@RonMoritz

http://www.il.linkedin.com/in/ronmoritz/

Page 24: The Cyber Security Landscape: An OurCrowd Briefing for Investors

Copyright ©2014 MTC. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Questions about OurCrowd

24

Any Questions?

For feedback or more information:

[email protected]

https://www.ourcrowd.com/


Related Documents