Investing in Cyber Security Companies Swenson Advisors, LLP 7 th Annual Hot Topics October 7, 2014
Table of Contents Evolving Themes in the Threat landscape Gov t/commercial Market Opportunities Mapping Investment $$ to Themes/Markets Public Company Valuations Venture Capital Exits Trends For the Future Summary
Cyber Semantics Historical financial data does not exist as Cyber per se but is found in many traditional IT related categories such as: This also holds true for future budgeting and forecasting purposes; especially w/r/t the Gov t/dod world The point being is that you really have to look in several places and even then info is not classified in a consistent manner
Evolving Themes in the Threat Landscape
Evolving Themes in the Threat Landscape
Evolving Themes in the Threat Landscape
Evolving Themes in the Threat Landscape
Gov t/commercial Market Opportunities American Business Under Fire Currently, hackers are stealing ~$400B a year in intellectual property; (estimates vary but # is BIG) Homeland Security reported a 68% increase in cyber attacks at federal agencies, critical infrastructure and government partners. Gen. Keith Alexander, Director of the National Security Agency, describes these attacks as "the greatest wealth transfer in history." According to Gartner, corporations are expected to spend $67B in Info Sec this year and will grow to $93B in 2017 U.S. Government is increasing spending on cyber security (despite cuts elsewhere) Direct impact on Executive Officer Careers (Target, Nieman etc.) Boards are being held accountable
Gov t/commercial Market Opportunities Global Market From $68B in2013 to $120B in 2017 US Fed Gov $65B from 2013 to 2018
Public Company Valuations
Public Company Valuations
Venture Capital Investments Highlights: $5.2B across 807 deals in past 5 years 2013 record $1.7B in 240 deals and 18% deal growth and 31% funding growth YoY 2014 Notable Deals: Cloudera $160M (X) Okta $75M (E) Centrify $42M(E) Skyhigh $40M (C ) Shape $40M(X) Bit9 $38M (E) OpenDNS $35M (C ) Illumio $34M (B)
Venture Capital Investments Highlights: Series E grew 1% to 19% from 2009 to 2013 Mid-range fell from 54% to 33% in same period Big bets are now in Series A
Venture Capital Investments VC firms are expected to funnel $788 million in 2014 a 74% increase into ~40 early-stage cybersecurity startups this year; Examples of hot areas are cloud, mobile malware and botwalls..vc s are Looking for Innovative small companies with radical ideas.. Andreessen Horowitz is one of the most active venture capital investors in the security space
Venture Capital Investments Most Well-Funded Companies in Cybersecurity (Mobile Security) (Cloud identity mgmt)
Venture Capital Investments
Exits: M&A
Exits: M&A Highlights: M&A is dominant path ~95% IPO s are 4% of exits in past 3 years including: 2013 Fireye and Barracuda 2014 MobileIron and Imprivita
Exits: M&A Have each acquired 8 companies Acquired Sourcefire for $2.7B Cisco Banks On Sourcefire And Snort For Its Security Future.
$1B $2.7B ~10X R $.8B ~10XR
Select Initial Public Offerings Prior to 2013 Palo Alto Networks(Appliance based Firewall/Perimeter Defense Protection) (2012/$2.8B), Imperva (Data Center Security)(2011/$332M), Fortinet(Network Security appliances) (2009/$700M) Qualys(Network Security/Vulnerability Mgmt.) (2012/$400M) 2013 Barracuda Networks ($1.1B) Email and web security developer FireEye ($300M) Malware and Cyber attack protection 2014 MobileIron ($672M) Enterprise mobility management Imprivata ($342M) Identity and access management appliance CyberArk ($425M) Priveleged account protection Next up??..(good Technologies, Okta,..)
Select Initial Public Offerings
Trends for the Future
Trends for the Future Cisco says 50B connected Every Thing Becomes things by 2020 Big Data. a Point of Attack.Predictive analytics..cyber
Keys Going Forward There are two types of companies: those that know they ve been breached and those that haven t figured it out yet.the game is no longer about prevention; it s about detection Ted Schlein (Kleiner..) The business is pivoting into the egress issue more than the ingress issue. How do you limit the impact of the attack? If they want to get in really badly, they probably will Shaygan Kheradpir, CEO of Juniper Networks Inc.. In Closing: He Who Defends Everything Defends Nothing Frederick The Great FOCUS on PROTECTING CRITICAL DATA Security and Privacy need to be designed in not just Patch and Pray Band-Aids
Suggested Reading/Viewing The CyberWire (Daily Cyber News Feed) Rise Of The Hackers aired on the PBS show Nova(http://www.pbs.org/wgbh/nova/tech/rise-of-the-hackers.html) Threat Vector by Tom Clancy Cybersecurity: What Everyone Needs to Know (Dr. Peter Singer, Brookings Institute)