The document provides an overview of the security industry, including current technologies, the startup landscape, and industry regulation. It discusses how data breaches are increasing in frequency and cost, driving growth in the security market from $55 billion in 2015 to a projected $128 billion by 2020. The top security technologies cover access control, endpoint protection, network threats, monitoring/forensics, and other areas. Recent investments have focused on infrastructure, cloud, and mobile security startups. Regulations have aimed to protect systems and information through laws like HIPAA, GLBA, and various cybersecurity acts.
3. Data breaches are here, and they’re not going away anytime soon
“We believe that data is the phenomenon of our time. It is the world’s
new natural resource. It is the new basis of competitive advantage, and it
is transforming every profession and industry. If all of this is true – even
inevitable – then cyber crime, by definition, is the greatest threat to every
profession, every industry, every company in the world.”
– IBM chairman, CEO and President Ginni Rometty
3
4. These trends get us most excited about security
4Source: Morgan Stanley
• Targeted attacks: sophisticated malware
attacks are avoiding traditional firewalls and
seeking vulnerable entities
• Nation-state involvement: nation-states are
increasingly funding attacks, driven by not
only economic incentives but also political
motives
• Dynamic malware: attackers can now sense
potential environment detection and
manipulate appearance
With the increase in the number of breaches in recent years, there is a growing perception amongst CISOs that the current security
paradigm isn’t effective enough.
Increasingly
malicious threat
environment
Expanding surface
area
Current security
ineffectiveness
• Cloud apps and infrastructure: we’re
witnessing a rise in vulnerability from the
increased adoption of cloud-based
applications
• Mobility: enterprises are looking to secure
mobile applications, as bring-your-own-
device (BYOD) becomes the new standard
• Internet of Things (IoT): rapid growth in the
number of connected devices is evident
• Incident count: number of security incidents
occurring annually is at an all-time high
• Incident cost: as it becomes more and more
costly to remediate hacks, enterprises will
continue to allocate a higher portion of their
IT budget on superior security products
5. 0
10
20
30
40
50
60
2009 2010 2011 2012 2013 2014 2015
5
Cybersecurity is a growing problem, despite increased spend on technology & services
Source: Morgan Stanley, press
Total number of cybersecurity incidents,
worldwide
Recent high-profile hacks
September 2016
May 2016
March 2016
September 2016
August 2016
7. Typical attack life cycle
7
Step 1
Research:
Hackers want PII, PHI
and PEI.
Step 5
Monetization:
They sell the data to
people who want it.
Step 4
Capture:
They take the data & store
it away slowly.
Step 2
Infiltration:
They attack.
Step 3
Discovery:
They’re inside. They find what
they are looking for.
8. $0
$20
$40
$60
$80
$100
$120
$140
2015 2016E 2017E 2018E 2019E 2020E
8
The security market is poised for robust growth
Source: Morgan Stanley
$55B
market
in 2015
$128B
market
by 2020
Security market (US$B)
10. …while non-government security spend is also on the rise
10Source: Forbes
$500m $400m $300m $250m
$1.5B spent on cybersecurity annually between these four alone…
AND THAT NUMBER IS EXPECTED TO GROW
The U.S. financial services cybersecurity market reached $9.5B in 2015, becoming the largest non-government cybersecurity market.
Annual
budget:
12. Access control
12Source: IDC, Morgan Stanley, Gartner
1) Identity & access management (IAM):
• Captures user identities and controls access to resources by checking user rights
and restrictions
• Is an area of increasing focus for enterprises as a number of recent high profile
breaches have resulted from insiders gaining access to critical files
• $5.5B market in 2015
2) Virtual private network (VPN):
• Creates secure connections between users at home or in remote offices and the
corporate network
• Creates a virtual tunnel using encryption and authentication protocols
• $0.5B market in 2015
3) Data loss prevention (DLP):
• Makes sure that users do not send critical information outside a corporate network,
with a dedicated administrator controlling what data users can transfer
• $0.9B market in 2015
Selective restriction of access to a place or other resource. Technologies include:
13. Endpoint threat prevention
13Source: IDC, Morgan Stanley, Gartner
1) Consumer endpoint:
• Includes personal firewalls and anti-virus
protection
• Also now beginning to prevent malware,
secure mobile devices and safeguard against
identity theft & online transactions
• $4.8B market in 2015
2) Corporate endpoint:
• Protects corporate devices from the
installation of malicious software that seeks
to disrupt business processes and / or steal
confidential data
• Multiple layers of protection, aiming to
identify, prevent, block and contain known
and unknown threats on devices themselves
• $4.4B market in 2015
Aims to protect the perimeter of the company. Technologies include:
14. Network threat prevention
14Source: IDC, Morgan Stanley, Momentum Partners
1) Firewall / unified threat management (UTM):
• Firewall: assesses traffic over a network and subsequently allows or denies network
access based on previously determined specifications and policies
• UTM: integrates a number of security features into one device, namely a firewall, network
intrusion detection & prevention as well as the securing of web / email gateways
• $7.7B market in 2015
2) Intrusion detection & prevention (IDP):
• Monitors the network continuously, informing IT teams when detecting security
violations or information leakage
• $2.2B market in 2015
3) Email / messaging security:
• Scans emails for spam, malware, viruses and phishing attempts; encrypts outbounds
• $2.0B market in 2015
4) Web security:
• Employs anti-malware to protect employees from accessing malicious websites, while
using web application firewalls (WAFs) to protect against external users attempting to
gain access to internal systems
• $2.0B market in 2015
Seeks to prevent unauthorized access to the corporate network. Technologies include:
15. Monitoring / forensics
15Source: IDC, Morgan Stanley, Gartner
1) Security information & event management (SIEM):
• Aggregates, standardizes and stores all of the data from network &
security devices
• Allows greater visibility into user activity, enabling enterprises to more
quickly identify malicious behavior
• $1.9B market in 2015
2) Vulnerability assessment:
• Scans enterprise infrastructure to identify vulnerabilities and remediate
exposure to threats
• Employs penetration testing products, which simulate attacks to find
potential areas of weakness
• $1.7B market in 2015
3) Forensics & incident investigation:
• Captures how an intrusion affects a company’s files & systems
• Uncovers historical vulnerabilities, which may have caused breaches, to
remediate future attacks
• $0.5B market in 2015
Aims to detect potential breaches quickly, remediate the problem and prevent future occurrences. Technologies include:
16. Other
16Source: IDC, Morgan Stanley
1) Policy & compliance:
• Helps companies remain compliant with the increasingly complex set
of security regulations
• Involves writing reports, providing audit information and establishing
security policies
• $1.2B market in 2015
2) Security system & configuration management:
• Increases visibility over enterprise perimeter security products, such as
firewalls and web security
• Used to configure and monitor the health of security systems
• $0.1B market in 2015
3) Security services:
• Include IT consulting and systems integration
• Help enterprises design their security architecture, deploy software
and integrate security products
• $19.4B market in 2015
Essentially anything else that hasn’t already been covered but falls within the larger cybersecurity umbrella. Technologies include:
17. Network threat
prevention, 25%
Endpoint threat
prevention, 17%
Access control,
13%Monitoring /
forensics, 7%
Other, 38%
Security industry by use case
17Source: Gartner
$55B market in
2015
Network and
endpoint protection
lead the way, with
the $19B security
services market
captured in “other”
Global security market breakdown, 2015
Note: “Other” bucket is comprised of policy & compliance, security system & configuration management and security services.
19. Selection criteria & analysis of sub segments
19Source: PitchBook
Tier 1:
1) Vertical: cybersecurity
2) Stage: incubator / angel (limited to Bay Area deals including either Y Combinator or 500 Startups), seed, series A
3) Deal date: last two years
4) Headquarters: California, Texas, Washington, Oregon, Colorado
Tier 2:
1) Vertical: cybersecurity
2) Stage: seed, series A
3) Deal date: last two years
4) Headquarters: New York, Massachusetts, D.C. area
PitchBook screen employing the following criteria:
Note: Data as of October 28, 2016.
20. 19
10
9 9
8
7
6
5 5
4 4 4 4
3
2 2 2
1 1 1 1 1 1 1
0
2
4
6
8
10
12
14
16
18
20
Tier 1 – led by infrastructure and cloud security
20Source: PitchBook
Note: Data as of October 28, 2016.
Security investments by type
110 companies total
21. 10
3 3
2 2 2 2
1 1 1 1 1 1 1 1
0
2
4
6
8
10
12
Tier 2 – east coast led by infrastructure, email / messaging and mobile security
21Source: PitchBook
Note: Data as of October 28, 2016.
Security investments by type
32 companies total
22. Areas we will be exploring for future security investments
22Source: Forbes, IDC, Gartner, TechEmergence, Grand View Research
IAM Infonomics
Cloud
security
IoT
IAM: $25B market projected
by 2022
Infonomics: “are all these
products worth their cost?” –
every CISO ever
IoT: over 25% of identified
attacks in enterprises will
involve IoT by 2020
Cloud security: 15% of
enterprise spend today, rising
to 33% by 2018
AI & machine learning
Verticals:
Horizontal
technology:
AI & machine learning: 22%
cyber intelligence market share
(#1 end market)
23. Prominent players within our focus areas
23Source: Morgan Stanley, PitchBook, Gartner, press
IAM Infonomics
Cloud
security
IoT
AI & machine learning
(Blue Coat & Elastica)
(Palerra)
24. Where our portfolio companies fit in all of this
24
Cloud / CASB
Endpoint – AI &
machine learning
Network
26. Top security investors – last three years
26
28
23
21
20 20
19
18
17
16
14 14 14 14 14
0
5
10
15
20
25
30
Source: Pitchbook
Note: Data as of October 18, 2016. Excludes accelerator & pre-seed rounds. Excludes individuals.
Top investors by # of security investments
Not considered top investor in last 12 months
27. 13
9
7 7 7
6 6 6
5 5 5 5 5 5
0
2
4
6
8
10
12
14
Top security investors – last twelve months
27Source: Pitchbook
Note: Data as of October 18, 2016. Excludes accelerator & pre-seed rounds. Excludes individuals.
Top investors by # of security investments
Only recently considered top investor in last 12 months
29. Regulations within the security industry have seen increased attention in recent years
29
Among other things, mandated that
healthcare organizations, financial
institutions and federal agencies
protect their systems & information.
However, some argued the language
within was too vague
1996 1999 2002 2003 2012 2013 2013
Health
Insurance
Portability and
Accountability
Act (HIPAA)
Gramm-Leach-
Bliley Act
Federal
Information
Security
Management
Act (FISMA);
part of
Homeland
Security Act
President’s
National
Strategy to
Secure
Cyberspace
(Bush)
Made Dept. of
Homeland
Security
responsible for
national security
guidance &
solutions
Aimed to create
standards for
protecting vital
infrastructure
Cybersecurity
Act of 2012
(failed to pass
through
Senate)
Improving
Critical
Infrastructure
Cybersecurity
(White House-
issued)
Allows the
Executive Branch
to share
information
about threats
with companies
& individuals
Protects against
lawsuits aimed
at companies
that disclose
breach
information
Cyber
Intelligence
Sharing and
Protection Act
(CISPA)
2015
Cybersecurity
National
Emergency
Declared
(Obama)
Executive order
to include $14B
for cybersecurity
spending in
2016 budget