Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


09:10 AM

Rapid Growth in Security Market Raises Question: How to Pick a Startup

VCs weigh in with their advice on how to select a startup with staying power when purchasing security solutions and services.

VCs have invested more than $2.7 billion into cybersecurity companies so far this year, funding a new round of startups in a market that already supports more than 1,400 vendors, according to estimates. Most experts agree that despite skyrocketing market growth, not all of these startups will survive.

For enterprises, the rapid growth of startups and new ventures presents an opportunity to find better, faster and cheaper solutions to security challenges. But it also presents a dilemma: how to choose startups that will be around for the long haul.

Market Growth

Information security spending is expected to surge to $101 billion by 2020 – up 36.5% from 2016 figures, according to IDC. Meanwhile, nearly 40% of organizations surveyed in Dark Reading's 2017 Security Spending Survey Report indicated they expect to spend 10% or more of their IT budgets on cybersecurity.

But rapid market growth doesn't automatically translate to success for the many startups entering the market. In fact, many venture capitalists believe a number of today's startups will eventually fail.

"Venture money is shifting to the winners in each category and those winners will get bigger. We're starting to see this shift happen now. What could eventually happen is some companies in this space will fall out and not survive," says Arun Mathew, a partner at venture capital firm Accel Partners. "Five years from now, it is more likely than not that we'll see fewer security companies than we do now, but it will happen gradually."

He adds that his sense is the industry overall is at a plateau in terms of an expansion.

Endpoint security is one sector where fallout is likely, Mathew says. "CrowdStrike is an endpoint company in our portfolio. At last count, there were 100 endpoint vendors - and not all of them will survive."

The security industry is currently undergoing a massive shift in the type of products and services customers are seeking and, as a result, as with any industry facing a large shift consolidation usually accompanies it, says Martin Casado, a general partner with venture capital firm Andreessen Horowitz. But that consolidation is usually followed by an explosion of new players similar to an occurrence of a Cambrian explosion, he adds. (A Cambrian explosion is the evolutionary burst that is believed to have created most major animal groups).

Strong Startup Partners

Startups offer a range of intriguing solutions for enterprises, ranging from next-gen antivirus to machine learning. Many startups promise to solve cybersecurity problems that still plague organizations, often with technology that is faster and cheaper than current alternatives.

But the harsh reality is that 25% of startups across all industries fail after the first year and 44% by the third, according to figures from Statistic Brain Research Institute. And in the information technology sector, specifically, only 37% are still operating after four years, the Statistic Brain report notes.

The question for enterprises, then, is how to choose a security startup that not only has good technology, but that will still be around to support it in a few years.

One data point is to look at emerging technologies that seem to be garnering the most traction among venture capitalists, who will help their financial future until they are ready to fly solo.

One factor to look for is the startup's ability to cut down on the noise in security operations, experts say. "The market is shifting to simplification. We now have more alerts than people want to deal with, so they are seeking ways to simplify the security operations center [SOC]," Casado says. Security for industrial IoT and physical security for drones, smart cameras, and smart locks are also areas to watch, he states.  

Consolidation of security technology in the data center is another shift occurring in the security industry, says Mathew. He notes customers want to standardize their security products across fewer platforms. Over a period of time, customers want to try everything, but then switch to just a few vendors, Mathew says.

Other security technologies that are catching attention include security detection and mitigation technology, along with application security, BYOD security, and intelligence and analytics security technologies, say industry analysts and experts.

Not Just a Technology Issue

Enterprises should not only evaluate a startup's technology, but its financial standing and its management before entering into a multi-year contract with a young company, experts say.

For example, evaluate the caliber of the venture capitalists who have invested in the company. Enterprises should ask themselves if it is a well-known, tier 1 venture capital company, says Aaron Jacobson, a principal at venture firm New Enterprise Associates (NEA).

Another critical area to consider is the experience of the management team.

"When you look at the management team, it helps if they have domain expertise, or have been a successful security entrepreneur in the past that is able to attract continued funding," Jacobson says. "Serial entrepreneurs will be more likely to make that company successful."                                                                                              

Request the startup's customer list and specifically look for organizations that are of similar size, industry, geography, and face common problems as your own organization, Mathew advises. Jacobson also noted companies need to ask the startup when was the last time they signed up a customer - if it has been awhile, then that should raise a red flag,

Members of the security industry can also be a valuable resource. "The security industry is a tight, close-knit group of people and you should talk to those in the industry who you respect and see if they have ever used the startup before," Mathew says.

Enterprises should also look for signs that a startup may soon be going under. One sign is an inability to raise another funding round from previous or new investors, Jacobson says.

"You should ask how long it's been since they raised money and did it come from existing investors," Jacobson says. "If they've had a lot of change in management and can't get investors, then that is a sign things are not going well."

Future Cybersecurity Startup Market

Before plunging into a contract to secure solutions or services from a cybersecurity startup, organizations should ask these five key questions:

  • When did your organization receive its last funding round and did it come from existing investors?
  • Who are your investors?
  • Can you tell me about your management team and their experience in this industry and running a startup?
  • How long has each of your management team members been with the company and did they replace someone?
  • Can you provide me a customer list and tell me the last time you signed up a customer?

Related Content:

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
12/31/2017 | 3:37:16 PM
perfect Dawn Kawamoto excellent article :)
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Browsers to Enforce Shorter Certificate Life Spans: What Businesses Should Know
Kelly Sheridan, Staff Editor, Dark Reading,  7/30/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-08-05
In Contour ( Ingress controller for Kubernetes) before version 1.7.0, a bad actor can shut down all instances of Envoy, essentially killing the entire ingress data plane. GET requests to /shutdown on port 8090 of the Envoy pod initiate Envoy's shutdown procedure. The shutdown procedure includes flip...
PUBLISHED: 2020-08-05
In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with a error message saying that th...
PUBLISHED: 2020-08-05
Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call.
PUBLISHED: 2020-08-05
The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.
PUBLISHED: 2020-08-05
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime pa...