2014-15 Cybersecurity Venture Funding and M&A

N
Nick Normile
S 2014-15 Cybersecurity Venture and M&A What are the Trends? Nick Normile August 2015
Which subsectors are getting funded? These 16 stand out: Subsector Purpose Anomaly Detection Detects anomalous activity on the network. Usually used for Insider threats (DarkTrace, RedOwl) Bug Bounty Platform for hosting bug bounties (HackerOne, Synack). Cloud Security Protects corporate data / applications in the cloud (Adallom, HyTrust). Code Security Analysis Scans source code for vulnerabilities (Checkmarx, BugCrowd). Data Security Traditional DLP and companies that protect data (enSilo, Ionic). Endpoint Protection Traditional and next-gen antivirus and related tools (CrowdStrike, Tanium). Fraud detection Detection / mitigation of transaction fraud (Pindrop Security, fraudmetrix) Identity & Access Mgmt Identity verification and permissions management solutions (Thycotic, Duo). I used data from CB Insights, Mattermark, and CrunchBase. I scrubbed the data, and categorized each company by subsector.
Subsector Purpose Incident Management Companies that manage the necessary workflow post-incident (PagerDuty, Co3 Systems). Mobile Security Mobile device management and other companies focused on securing mobile phones (Hypori, Mocana). Network Security Traditional intrusion prevention, network monitoring and related solutions (Tenable, AirTight). Secure Communications Solutions for secure email, text and other forms of communication (Silent Circle, Rubicon Labs). Security Ratings Companies that provide ratings on companies’ security status (Bitsight, Security Scorecard). Security Training Anti-phishing and related training for corporate employees (PhishMe, Wombat) Threat Intelligence Solutions that monitor external and internal networks for potential threats (Cyphort, iSight). Web Security Secure web gateways and related products (Zscaler, Menlo Security) Which subsectors are getting funded (cont)?
Where did the Money Go? 2014 $2.1 Billion in cybersecurity funding across 231 rounds $0 $50 $100 $150 $200 $250 $300 $350 0 5 10 15 20 25 30 35 40 45 50 # of Rounds Funding
Anomaly Detection 2% Cloud Security 10% Code Security Analysis 1% Data Security 8% Endpoint Protection 6% Fraud detection 10% IAM 16% Incident Management 4% Mobile Security 6% Network Security 19% Secure Communi- cations 4% Threat Intelligence 7% Web Security 5% Companies Funded Anomaly Detection 2% Cloud Security 14% Code Security Analysis 2% Data Security 5% Endpoint Protection 12% Fraud detection 5% IAM 15% Incident Management 3% Mobile Security 12% Network Security 14% Secure Communi- cations 3% Threat Intelligence 7% Web Security 5% Funding Received 2014 Endpoint protection companies received 12% of funding despite representing just 6% of funded companies
Where did the Money Go? 2015 $1.87 Billion in cybersecurity funding across 164 rounds thus far (8/12) $0 $50 $100 $150 $200 $250 $300 $350 0 5 10 15 20 25 30 # of Rounds Funding
Anomaly Detection 6% Bug Bounty 1% Cloud Security 7% Code Security Analysis 1% Data Security 9% Endpoint Protection 7% Fraud detection 10% IAM 15% Mobile Security 8% Network Security 13% Secure Communi- cations 4% Security Ratings 1% Security Training 1% Threat Intelligence 7% Web Security 9% Companies Funded Anomaly Detection 5% Bug Bounty 3% Cloud Security 12% Code Security Analysis 5% Data Security 8% Endpoint Protection 16%Fraud detection 6% IAM 9% Mobile Security 5% Network Security 7% Secure Communi- cations 4% Security Ratings 2% Security Training 1% Threat Intelligence 8% Web Security 10% Funding Received Endpoint protection companies continue to get the big checks: EPP companies received 16% of funding despite representing just 8% of funded companies 2015
Compare 2015 to this time 2014* We’ve seen an 11% increase in # of rounds over this time last year (164 vs. 147), but a more than 36% increase in funding ($1.87B vs. $1.37B) *The period 1/1/14 through 8/12/14 0 5 10 15 20 25 30 35 # of Funding Rounds 2014 2015 $0 $50 $100 $150 $200 $250 $300 $350 Total Funding 2014 2015
Where is the increase coming from? Not from the distribution of round type — that has stayed relatively constant. Pre Series A 27% Series A 32% Series B 13% Series C 8% Late 12% Debt 8% 2014 # of Rounds (through 8/12) Pre Series A 26% Series A 27% Series B 16% Series C 12% Late 9% Debt 10% 2015 # of Rounds
Not from the distribution of funding by round type — late stage funding as a share of total funding decreased by 10% in 2015 (although the share of funding coming from late + Series C rounds stayed constant at around 50%). Pre Series A 3% Series A 18% Series B 26% Series C 28% Late 22% Debt 3% 2015 Funding Pre Series A 3% Series A 22% Series B 24% Series C 17% Late 32% Debt 2% 2014 Funding (through 8/12)
It is coming from the across-the-board increase in amount of funding provided in each round. This largely holds for both the mean and median. 0.9 6.4 17.5 19.4 25.8 2.3 1.3 7.4 17.7 27.7 27.6 3.8 $0 $5 $10 $15 $20 $25 $30 Pre Series A Series A Series B Series C Late Debt Mean Round Size 2014 2015 0.5 6.0 12.0 19.0 16.5 0.51.0 6.9 17.0 24.5 13.4 2.3 $0 $5 $10 $15 $20 $25 $30 Pre Series A Series A Series B Series C Late Debt Median Round Size 2014 2015
What About the Exits? IAM companies represented ¼ of the 60 cybersecurity exits in 2014. There have been just 23 exits in 2015 (as of 8/12). There were 40 by this time last year. Cloud Security, 6, 10% Data Security, 3, 5% Endpoint Protection, 3, 5% Fraud detection, 7, 12% IAM, 15, 25% Mobile Security, 10, 17% Network Security, 8, 13% Secure Communicatio ns, 3, 5% Threat Intelligence, 2, 3% Web Security, 3, 5% 2014 Anomaly Detection, 1, 4% Cloud Security, 4, 17% Code Security Analysis, 1, 4% Data Security, 2, 9% Fraud detection, 2, 9% IAM, 3, 13% Mobile Security, 2, 9% Network Security, 3, 13% Unified Threat Management*, 3, 13% Threat Intelligence, 1, 4% Web Security, 1, 4% 2015 *Unified Threat Management refers to Websense, Fidelis and Blue Coat
Key Takeaways S Endpoint protection companies continue to receive an outsized portion of funding relative to the # of companies funded (think Tanium, Cylance, Crowdstrike). S Round sizes are increasing — especially in Series C rounds (think Crowdstrike and Illumio). Is the Series C the new pre-IPO round? S Cybersecurity M&A (in # of deals) is way down. Are high valuations scaring strategic buyers away? I’m wary about drawing conclusions from less than two full years of data, but…
Thanks for Reading! S I’m a college student at the University of Pennsylvania going into my senior year. I’m passionate about tech and tech investing. You can sign up for my cybersecurity newsletter here, and read past issues here. S Email me with any questions or feedback! normile@wharton.upenn.edu
1 of 14

2014-15 Cybersecurity Venture Funding and M&A

Download to read offline
Data & Analytics

An overview of the subsectors and industry trends

N
Nick Normile

Recommended

Where Flow Charts Don’t Go -- Website Security Statistics Report (2015) by
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Jeremiah Grossman
2.1K views34 slides
15 Years of Web Security: The Rebellious Teenage Years by
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage YearsJeremiah Grossman
2.6K views29 slides
No More Snake Oil: Why InfoSec Needs Security Guarantees by
No More Snake Oil: Why InfoSec Needs Security GuaranteesNo More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security GuaranteesJeremiah Grossman
4.6K views39 slides
Best of Both Worlds: Correlating Static and Dynamic Analysis Results by
Best of Both Worlds: Correlating Static and Dynamic Analysis ResultsBest of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis ResultsJeremiah Grossman
2.7K views43 slides
Cost of Cybercrime Study in Financial Services: 2019 Report by
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Reportaccenture
21.4K views26 slides
Risk Management on the Internet by
Risk Management on the InternetRisk Management on the Internet
Risk Management on the Internetsekiur
469 views32 slides

More Related Content

What's hot

The CyberScope - Q2 2015 Market Review by
The CyberScope - Q2 2015 Market ReviewThe CyberScope - Q2 2015 Market Review
The CyberScope - Q2 2015 Market Reviewresultsig
648 views11 slides
Building Cyber Resilience in the Digital Economy by
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyAgus Wicaksono
419 views11 slides
WhiteHat Security Website Statistics [Full Report] (2013) by
WhiteHat Security Website Statistics [Full Report] (2013)WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)Jeremiah Grossman
3K views53 slides
Innovate for Cyber Resilience by
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
24.3K views7 slides
Is the SOC working as a viable business model (or security model)? by
Is the SOC working as a viable business model (or security model)?Is the SOC working as a viable business model (or security model)?
Is the SOC working as a viable business model (or security model)?Jonathan Sinclair
140 views30 slides
India Threat Lanscape as per Symantec Research by
India Threat Lanscape as per Symantec ResearchIndia Threat Lanscape as per Symantec Research
India Threat Lanscape as per Symantec ResearchMehul Doshi
265 views3 slides

What's hot(20)

The CyberScope - Q2 2015 Market Review by resultsig
The CyberScope - Q2 2015 Market ReviewThe CyberScope - Q2 2015 Market Review
The CyberScope - Q2 2015 Market Review
resultsig648 views
Building Cyber Resilience in the Digital Economy by Agus Wicaksono
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
Agus Wicaksono419 views
WhiteHat Security Website Statistics [Full Report] (2013) by Jeremiah Grossman
WhiteHat Security Website Statistics [Full Report] (2013)WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)
Jeremiah Grossman3K views
Innovate for Cyber Resilience by accenture
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilience
accenture24.3K views
Is the SOC working as a viable business model (or security model)? by Jonathan Sinclair
Is the SOC working as a viable business model (or security model)?Is the SOC working as a viable business model (or security model)?
Is the SOC working as a viable business model (or security model)?
Jonathan Sinclair140 views
India Threat Lanscape as per Symantec Research by Mehul Doshi
India Threat Lanscape as per Symantec ResearchIndia Threat Lanscape as per Symantec Research
India Threat Lanscape as per Symantec Research
Mehul Doshi265 views
A CISO's Guide to Cyber Liability Insurance by SecureAuth
A CISO's Guide to Cyber Liability InsuranceA CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability Insurance
SecureAuth507 views
Verizon DBIR 2021 by SOCRadar Inc
Verizon DBIR 2021Verizon DBIR 2021
Verizon DBIR 2021
SOCRadar Inc499 views
Cyber-Defenders-2020 by Takayuki Yamazaki
Cyber-Defenders-2020Cyber-Defenders-2020
Cyber-Defenders-2020
Takayuki Yamazaki141 views
6º Resseguro - A Evolução do Risco Cibernético e seu Impacto no Seguro - Kara... by CNseg
6º Resseguro - A Evolução do Risco Cibernético e seu Impacto no Seguro - Kara...6º Resseguro - A Evolução do Risco Cibernético e seu Impacto no Seguro - Kara...
6º Resseguro - A Evolução do Risco Cibernético e seu Impacto no Seguro - Kara...
CNseg151 views
12 Top Talks from the 2017 R-CISC Summit by Tripwire
12 Top Talks from the 2017 R-CISC Summit12 Top Talks from the 2017 R-CISC Summit
12 Top Talks from the 2017 R-CISC Summit
Tripwire2.2K views
Issp for Uadigitals 2019 by Elena Peday
Issp for Uadigitals 2019Issp for Uadigitals 2019
Issp for Uadigitals 2019
Elena Peday89 views
Innovate for Cyber Resilience by accenture
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilience
accenture10.8K views
How secure is your company's information? by eLeaP
How secure is your company's information?How secure is your company's information?
How secure is your company's information?
eLeaP78 views
Scalar_Security_Overview October 2015 by patmisasi
Scalar_Security_Overview October 2015Scalar_Security_Overview October 2015
Scalar_Security_Overview October 2015
patmisasi221 views
Networkers cyber security market intelligence report by Simon Clements FIRP DipRP
Networkers cyber security market intelligence reportNetworkers cyber security market intelligence report
Networkers cyber security market intelligence report
Simon Clements FIRP DipRP173 views
Ponemon Report: When Trust Online Breaks, Businesses Lose Customers by Venafi
Ponemon Report: When Trust Online Breaks, Businesses Lose CustomersPonemon Report: When Trust Online Breaks, Businesses Lose Customers
Ponemon Report: When Trust Online Breaks, Businesses Lose Customers
Venafi762 views
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K... by CloudIDSummit
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CIS 2015- #FAIL No More, The Rise of the Self Defending Enterprise- Nishant K...
CloudIDSummit390 views
Cyber_security_survey201415_2 by Stephanie Crates
Cyber_security_survey201415_2Cyber_security_survey201415_2
Cyber_security_survey201415_2
Stephanie Crates338 views
Rising Menace of Phishing Attacks | Info Graphic | QPS by Quatrro Processing Services (QPS)
Rising Menace of Phishing Attacks | Info Graphic | QPSRising Menace of Phishing Attacks | Info Graphic | QPS
Rising Menace of Phishing Attacks | Info Graphic | QPS
Quatrro Processing Services (QPS)215 views

Similar to 2014-15 Cybersecurity Venture Funding and M&A

Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb... by
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
325 views42 slides
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst by
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystBill Burns
1K views48 slides
11 19-2015 - iasaca membership conference - the state of security by
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of securityMatthew Pascucci
229 views29 slides
Securing the Cloud by
Securing the CloudSecuring the Cloud
Securing the CloudGGV Capital
40.8K views19 slides
Segurinfo2014 Santiago Cavanna by
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
2.2K views39 slides
Retail Week: Cloud Security by
Retail Week: Cloud SecurityRetail Week: Cloud Security
Retail Week: Cloud SecurityDatapipe
555 views18 slides

Similar to 2014-15 Cybersecurity Venture Funding and M&A(20)

Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb... by Rishi Singh
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Rishi Singh325 views
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst by Bill Burns
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Bill Burns1K views
11 19-2015 - iasaca membership conference - the state of security by Matthew Pascucci
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
Matthew Pascucci229 views
Securing the Cloud by GGV Capital
Securing the CloudSecuring the Cloud
Securing the Cloud
GGV Capital40.8K views
Segurinfo2014 Santiago Cavanna by Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
Santiago Cavanna2.2K views
Retail Week: Cloud Security by Datapipe
Retail Week: Cloud SecurityRetail Week: Cloud Security
Retail Week: Cloud Security
Datapipe555 views
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018 by Panda Security
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
Panda Security 485 views
ThreatMetrix ARRC 2016 presentation by Ted Egan by Ken Lam
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
Ken Lam643 views
15 Years of Web Security: The Rebellious Teenage Years by Jeremiah Grossman
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
Jeremiah Grossman6.2K views
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E... by Symantec
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec2.2K views
The 10 most trusted cyber security solution providers 2018 by Insights success media and technology pvt ltd
The 10 most trusted cyber security solution providers 2018The 10 most trusted cyber security solution providers 2018
The 10 most trusted cyber security solution providers 2018
Insights success media and technology pvt ltd343 views
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo by North Texas Chapter of the ISSA
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael MontecilloLuncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
North Texas Chapter of the ISSA507 views
Complicate, detect, respond: stopping cyber attacks with identity analytics by CA Technologies
Complicate, detect, respond: stopping cyber attacks with identity analyticsComplicate, detect, respond: stopping cyber attacks with identity analytics
Complicate, detect, respond: stopping cyber attacks with identity analytics
CA Technologies1.7K views
2016 trustwave global security report by Marco Antonio Agnese
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
Marco Antonio Agnese120 views
Accounting for Cyber Risks - How much does Cyber actually cost the Industry? by Jef Lacson
Accounting for Cyber Risks - How much does Cyber actually cost the Industry?Accounting for Cyber Risks - How much does Cyber actually cost the Industry?
Accounting for Cyber Risks - How much does Cyber actually cost the Industry?
Jef Lacson511 views
Key Findings from the 2015 IBM Cyber Security Intelligence Index by IBM Security
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
IBM Security6.2K views
EndpointSecurityConcerns2014 by Peggy Lawless
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
Peggy Lawless133 views
Transport Forum 201511 lin by Danie Schoeman
Transport Forum 201511 linTransport Forum 201511 lin
Transport Forum 201511 lin
Danie Schoeman323 views
Security in the Hybrid Cloud Now and in 2016 by IDG Connect
Security in the Hybrid Cloud Now and in 2016 Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016
IDG Connect630 views
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System by IBM Security
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
IBM Security675 views

Recently uploaded

Customer Data Cleansing Project.pptx by
Customer Data Cleansing Project.pptxCustomer Data Cleansing Project.pptx
Customer Data Cleansing Project.pptxNat O
6 views23 slides
Running PostgreSQL in a Kubernetes cluster: CloudNativePG by
Running PostgreSQL in a Kubernetes cluster: CloudNativePGRunning PostgreSQL in a Kubernetes cluster: CloudNativePG
Running PostgreSQL in a Kubernetes cluster: CloudNativePGNick Ivanov
7 views29 slides
Inawsidom - Data Journey by
Inawsidom - Data JourneyInawsidom - Data Journey
Inawsidom - Data JourneyPhilipBasford
9 views38 slides
6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf by
6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf
6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf10urkyr34
7 views259 slides
Listed Instruments Survey 2022.pptx by
Listed Instruments Survey 2022.pptxListed Instruments Survey 2022.pptx
Listed Instruments Survey 2022.pptxsecretariat4
130 views12 slides
Underfunded.pptx by
Underfunded.pptxUnderfunded.pptx
Underfunded.pptxvgarcia19
15 views7 slides

Recently uploaded(20)

Customer Data Cleansing Project.pptx by Nat O
Customer Data Cleansing Project.pptxCustomer Data Cleansing Project.pptx
Customer Data Cleansing Project.pptx
Nat O6 views
Running PostgreSQL in a Kubernetes cluster: CloudNativePG by Nick Ivanov
Running PostgreSQL in a Kubernetes cluster: CloudNativePGRunning PostgreSQL in a Kubernetes cluster: CloudNativePG
Running PostgreSQL in a Kubernetes cluster: CloudNativePG
Nick Ivanov7 views
Inawsidom - Data Journey by PhilipBasford
Inawsidom - Data JourneyInawsidom - Data Journey
Inawsidom - Data Journey
PhilipBasford9 views
6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf by 10urkyr34
6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf
6498-Butun_Beyinli_Cocuq-Daniel_J.Siegel-Tina_Payne_Bryson-2011-259s.pdf
10urkyr347 views
Listed Instruments Survey 2022.pptx by secretariat4
Listed Instruments Survey 2022.pptxListed Instruments Survey 2022.pptx
Listed Instruments Survey 2022.pptx
secretariat4130 views
Underfunded.pptx by vgarcia19
Underfunded.pptxUnderfunded.pptx
Underfunded.pptx
vgarcia1915 views
PRIVACY AWRE PERSONAL DATA STORAGE by antony420421
PRIVACY AWRE PERSONAL DATA STORAGEPRIVACY AWRE PERSONAL DATA STORAGE
PRIVACY AWRE PERSONAL DATA STORAGE
antony4204218 views
DGST Methodology Presentation.pdf by maddierlegum
DGST Methodology Presentation.pdfDGST Methodology Presentation.pdf
DGST Methodology Presentation.pdf
maddierlegum7 views
shivam tiwari.pptx by AanyaMishra4
shivam tiwari.pptxshivam tiwari.pptx
shivam tiwari.pptx
AanyaMishra49 views
Lack of communication among family.pptx by ahmed164023
Lack of communication among family.pptxLack of communication among family.pptx
Lack of communication among family.pptx
ahmed16402316 views
AvizoImageSegmentation.pptx by nathanielbutterworth1
AvizoImageSegmentation.pptxAvizoImageSegmentation.pptx
AvizoImageSegmentation.pptx
nathanielbutterworth17 views
Dr. Ousmane Badiane-2023 ReSAKSS Conference by AKADEMIYA2063
Dr. Ousmane Badiane-2023 ReSAKSS ConferenceDr. Ousmane Badiane-2023 ReSAKSS Conference
Dr. Ousmane Badiane-2023 ReSAKSS Conference
AKADEMIYA20635 views
LIVE OAK MEMORIAL PARK.pptx by ms2332always
LIVE OAK MEMORIAL PARK.pptxLIVE OAK MEMORIAL PARK.pptx
LIVE OAK MEMORIAL PARK.pptx
ms2332always8 views
Analytics Center of Excellence | Data CoE |Analytics CoE| WNS Triange by RNayak3
Analytics Center of Excellence | Data CoE |Analytics CoE| WNS TriangeAnalytics Center of Excellence | Data CoE |Analytics CoE| WNS Triange
Analytics Center of Excellence | Data CoE |Analytics CoE| WNS Triange
RNayak35 views
CRM stick or twist workshop by info828217
CRM stick or twist workshopCRM stick or twist workshop
CRM stick or twist workshop
info82821714 views
Inawisdom Quick Sight by PhilipBasford
Inawisdom Quick SightInawisdom Quick Sight
Inawisdom Quick Sight
PhilipBasford8 views
CRM stick or twist.pptx by info828217
CRM stick or twist.pptxCRM stick or twist.pptx
CRM stick or twist.pptx
info82821711 views
Best Home Security Systems.pptx by mogalang
Best Home Security Systems.pptxBest Home Security Systems.pptx
Best Home Security Systems.pptx
mogalang9 views
AZConf 2023 - Considerations for LLMOps: Running LLMs in production by SARADINDU SENGUPTA
AZConf 2023 - Considerations for LLMOps: Running LLMs in productionAZConf 2023 - Considerations for LLMOps: Running LLMs in production
AZConf 2023 - Considerations for LLMOps: Running LLMs in production
SARADINDU SENGUPTA9 views
VoxelNet by taeseon ryu
VoxelNetVoxelNet
VoxelNet
taeseon ryu20 views

2014-15 Cybersecurity Venture Funding and M&A

  • 1. S 2014-15 Cybersecurity Venture and M&A What are the Trends? Nick Normile August 2015
  • 2. Which subsectors are getting funded? These 16 stand out: Subsector Purpose Anomaly Detection Detects anomalous activity on the network. Usually used for Insider threats (DarkTrace, RedOwl) Bug Bounty Platform for hosting bug bounties (HackerOne, Synack). Cloud Security Protects corporate data / applications in the cloud (Adallom, HyTrust). Code Security Analysis Scans source code for vulnerabilities (Checkmarx, BugCrowd). Data Security Traditional DLP and companies that protect data (enSilo, Ionic). Endpoint Protection Traditional and next-gen antivirus and related tools (CrowdStrike, Tanium). Fraud detection Detection / mitigation of transaction fraud (Pindrop Security, fraudmetrix) Identity & Access Mgmt Identity verification and permissions management solutions (Thycotic, Duo). I used data from CB Insights, Mattermark, and CrunchBase. I scrubbed the data, and categorized each company by subsector.
  • 3. Subsector Purpose Incident Management Companies that manage the necessary workflow post-incident (PagerDuty, Co3 Systems). Mobile Security Mobile device management and other companies focused on securing mobile phones (Hypori, Mocana). Network Security Traditional intrusion prevention, network monitoring and related solutions (Tenable, AirTight). Secure Communications Solutions for secure email, text and other forms of communication (Silent Circle, Rubicon Labs). Security Ratings Companies that provide ratings on companies’ security status (Bitsight, Security Scorecard). Security Training Anti-phishing and related training for corporate employees (PhishMe, Wombat) Threat Intelligence Solutions that monitor external and internal networks for potential threats (Cyphort, iSight). Web Security Secure web gateways and related products (Zscaler, Menlo Security) Which subsectors are getting funded (cont)?
  • 4. Where did the Money Go? 2014 $2.1 Billion in cybersecurity funding across 231 rounds $0 $50 $100 $150 $200 $250 $300 $350 0 5 10 15 20 25 30 35 40 45 50 # of Rounds Funding
  • 5. Anomaly Detection 2% Cloud Security 10% Code Security Analysis 1% Data Security 8% Endpoint Protection 6% Fraud detection 10% IAM 16% Incident Management 4% Mobile Security 6% Network Security 19% Secure Communi- cations 4% Threat Intelligence 7% Web Security 5% Companies Funded Anomaly Detection 2% Cloud Security 14% Code Security Analysis 2% Data Security 5% Endpoint Protection 12% Fraud detection 5% IAM 15% Incident Management 3% Mobile Security 12% Network Security 14% Secure Communi- cations 3% Threat Intelligence 7% Web Security 5% Funding Received 2014 Endpoint protection companies received 12% of funding despite representing just 6% of funded companies
  • 6. Where did the Money Go? 2015 $1.87 Billion in cybersecurity funding across 164 rounds thus far (8/12) $0 $50 $100 $150 $200 $250 $300 $350 0 5 10 15 20 25 30 # of Rounds Funding
  • 7. Anomaly Detection 6% Bug Bounty 1% Cloud Security 7% Code Security Analysis 1% Data Security 9% Endpoint Protection 7% Fraud detection 10% IAM 15% Mobile Security 8% Network Security 13% Secure Communi- cations 4% Security Ratings 1% Security Training 1% Threat Intelligence 7% Web Security 9% Companies Funded Anomaly Detection 5% Bug Bounty 3% Cloud Security 12% Code Security Analysis 5% Data Security 8% Endpoint Protection 16%Fraud detection 6% IAM 9% Mobile Security 5% Network Security 7% Secure Communi- cations 4% Security Ratings 2% Security Training 1% Threat Intelligence 8% Web Security 10% Funding Received Endpoint protection companies continue to get the big checks: EPP companies received 16% of funding despite representing just 8% of funded companies 2015
  • 8. Compare 2015 to this time 2014* We’ve seen an 11% increase in # of rounds over this time last year (164 vs. 147), but a more than 36% increase in funding ($1.87B vs. $1.37B) *The period 1/1/14 through 8/12/14 0 5 10 15 20 25 30 35 # of Funding Rounds 2014 2015 $0 $50 $100 $150 $200 $250 $300 $350 Total Funding 2014 2015
  • 9. Where is the increase coming from? Not from the distribution of round type — that has stayed relatively constant. Pre Series A 27% Series A 32% Series B 13% Series C 8% Late 12% Debt 8% 2014 # of Rounds (through 8/12) Pre Series A 26% Series A 27% Series B 16% Series C 12% Late 9% Debt 10% 2015 # of Rounds
  • 10. Not from the distribution of funding by round type — late stage funding as a share of total funding decreased by 10% in 2015 (although the share of funding coming from late + Series C rounds stayed constant at around 50%). Pre Series A 3% Series A 18% Series B 26% Series C 28% Late 22% Debt 3% 2015 Funding Pre Series A 3% Series A 22% Series B 24% Series C 17% Late 32% Debt 2% 2014 Funding (through 8/12)
  • 11. It is coming from the across-the-board increase in amount of funding provided in each round. This largely holds for both the mean and median. 0.9 6.4 17.5 19.4 25.8 2.3 1.3 7.4 17.7 27.7 27.6 3.8 $0 $5 $10 $15 $20 $25 $30 Pre Series A Series A Series B Series C Late Debt Mean Round Size 2014 2015 0.5 6.0 12.0 19.0 16.5 0.51.0 6.9 17.0 24.5 13.4 2.3 $0 $5 $10 $15 $20 $25 $30 Pre Series A Series A Series B Series C Late Debt Median Round Size 2014 2015
  • 12. What About the Exits? IAM companies represented ¼ of the 60 cybersecurity exits in 2014. There have been just 23 exits in 2015 (as of 8/12). There were 40 by this time last year. Cloud Security, 6, 10% Data Security, 3, 5% Endpoint Protection, 3, 5% Fraud detection, 7, 12% IAM, 15, 25% Mobile Security, 10, 17% Network Security, 8, 13% Secure Communicatio ns, 3, 5% Threat Intelligence, 2, 3% Web Security, 3, 5% 2014 Anomaly Detection, 1, 4% Cloud Security, 4, 17% Code Security Analysis, 1, 4% Data Security, 2, 9% Fraud detection, 2, 9% IAM, 3, 13% Mobile Security, 2, 9% Network Security, 3, 13% Unified Threat Management*, 3, 13% Threat Intelligence, 1, 4% Web Security, 1, 4% 2015 *Unified Threat Management refers to Websense, Fidelis and Blue Coat
  • 13. Key Takeaways S Endpoint protection companies continue to receive an outsized portion of funding relative to the # of companies funded (think Tanium, Cylance, Crowdstrike). S Round sizes are increasing — especially in Series C rounds (think Crowdstrike and Illumio). Is the Series C the new pre-IPO round? S Cybersecurity M&A (in # of deals) is way down. Are high valuations scaring strategic buyers away? I’m wary about drawing conclusions from less than two full years of data, but…
  • 14. Thanks for Reading! S I’m a college student at the University of Pennsylvania going into my senior year. I’m passionate about tech and tech investing. You can sign up for my cybersecurity newsletter here, and read past issues here. S Email me with any questions or feedback! normile@wharton.upenn.edu