Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

12:00 PM
Connect Directly

Spending Spree: What's on Security Investors' Minds for 2019

Cybersecurity threats, technology, and investment trends that are poised to dictate venture capital funding in 2019.

The new year will bring waves of consolidation and innovation to the cybersecurity market as investors decide which startups will provide the strongest defenses to businesses in need of them.

Global spending on security products and services will close out the year in excess of $114 billion, marking a 12.4% increase from 2017, Gartner research indicates. Next year, the security market is expected to grow 8.7% and hit $124 billion as security leaders aim to use technology to help organizations become more competitive, addressing a broad landscape of risks and varying corporate needs.

As we look to 2019, investors are weighing these risks and needs as they allocate funds toward the companies and technologies holding the most promise for next year. But before we think about the year ahead, let's first recap the year we're leaving behind.

A Look Back: 2018 in Hindsight
According to Hank Thomas, CEO and partner at Strategic Cyber Ventures (SCV), 2018 "was really about people playing catch-up with the attack surface that had gotten out of control." 

The top questions companies were asking this past year: "Where is my data?" "What is my most important data?" "Where does my network begin and end?" "What do I need to protect?" "What does my rapidly expanding attack surface look like, and how do I protect it?"

Security was top-of-mind for private equity firms, which spent 2018 building out their infosec portfolios. Thoma Bravo, for example, in May took a majority stake in LogRhythm, a security information and event management (SIEM) company. It later bought security firm Imperva for $2.1 billion in October, which was followed by a $950 million acquisition of Veracode the next month.

The trend affected both large and early-stage companies as private equity players were willing to consider startups in their B or C funding rounds and bring them into the fold, explains Jeff Pollard, Forrester vice president and principal analyst serving security and risk professionals.

"It definitely appears the private equity firms … they've figured out a way to make money off cybersecurity," he explains. While their end game is still "a bit up in the air," he also expects the trend of private equity cybersecurity investment to continue into 2019.

This year also saw security startups exit as bigger firms snapped them up. Automation and analytics were hot technologies for giants including Microsoft and Amazon, neither of which are traditional security firms but are interested in integrating analytics into their feature sets. Other traditional firms invested to address weak spots like identity, says Pollard: Cisco's purchase of Duo Security for $2.35 billion was one of the giant's largest security deals to date.

Investors will be watching as larger firms aim to shore up defenses. Cloud security, for example, is a top priority for Palo Alto Networks, which in March acquired Evident.io for $300 million  to strengthen the cloud. Later this year, it doubled its efforts with a $173 million purchase of RedLock.

Future Funding: What's Coming in 2019
Thinking about next year, Pollard expects "a wave of innovation and consolidation" as startups founded to build specific solutions see their technologies integrated into broader platforms.

"Whenever you have a flurry of startup activity, what you find is a lot of vendors trying to solve very similar problems," he explains. What happens in the enterprise is these capabilities make more sense as features of bigger products. The endpoint space, for example, has a wealth of advanced technology and has experienced much consolidation as firms aim to offer a suite instead of a single tool.

Which technologies are investors thinking about in 2019? Unlike in years past, artificial intelligence (AI) and machine learning will not set startups apart, Pollard says. In 2018 we saw "a bit of a swerve," and much of the allure of AI and machine learning disappeared as both became expected features in other technologies. They're not nice-to-have, but must-have, additions.

"It's not that machine learning and artificial intelligence will go away – it's just a default expectation," he explains. "You're not going to be funded because you do cool artificial intelligence and machine learning for security. The people who make more sophisticated use of that and show how it makes a solution will be the organizations that can power forward."

SCV's Thomas foresees the rise of different up-and-coming security products that aren't specifically built for security but have many applications in the space. Computer vision technology, a form of AI, is one example and has varying use cases, from facial recognition to collaboration tools. It can also be used to identify "deep fake" videos that can be used to spread disinformation.

This is an area SCV has been closely considering, Thomas says. Deep fake videos are realistic videos that circulate online and can prompt corporations to ask security teams to react. He describes it as similar to fake news but in the form of an incident that could affect a major organization's security posture. A hacker group that wanted to add a layer of obfuscation and hide their activity could use a deep fake video to distract security teams from their work.

Threats are "potentially catastrophic" and could have major security implications, Thomas adds. SCV has been looking at tech that can confirm with high probability whether content is fake and untangle the "spiderweb of disinformation" online. Corporate America might have to get into the business of identifying fake news as it pertains to network threat activity, he explains.

"A Fortune 100 company could save a lot of money on a threat that's not real," Thomas says. "It's going to be important they have a capability to confirm or deny these threats if it's gonna be in the public domain."

He also expects identity and access management (IAM) will reach a new level in 2019, with different forms of multifactor authentication. The single sign-on password "is mostly dead" in the business world, Thomas continues, and new forms of authentication will surface. A number of companies have started to use computer vision for facial recognition on-premise, he adds.

Pollard anticipates investment in tools designed to bridge the gap between security and business teams. New solutions will emerge to provide security leaders with metrics, dashboards, and visualizations so they can better present security-related data to stakeholders and help enterprise employees view security in a different way. He also expects a growth in services, which he says used to be less attractive to investors but have since seen positive growth.

"It definitely looks like security budgets, and people buying security technologies, are definitely going up," he says. "That's also leading to the investment side going up as well."

New Solutions for New (and Old) Problems
As security budgets rise, so will investments, Thomas says. Many companies still don't know what they need to defend, and their networks are expanding as a result of new trends such as the Internet of Things. Reality will set in during the upcoming year, he adds.

"They have been forced to expand in areas they didn't want to go into, [and] now they're forced to defend more territory than they ever planned on defending," Thomas explains.

Still, the security industry continues to deal with the same problems it dealt with a decade ago, says Pollard, and big security players haven't sufficiently done their jobs to solve them.

"We need innovation," he admits. The market needs new people and talent, he continues, and there is both ample funding and investor interest to bring new ideas to fruition. "If you have an idea for security, start it," Pollard emphasizes. "There's an appetite for this."

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Moderator
1/17/2019 | 1:12:47 AM
What is new?
A brand new year calls for a brand new series of potential cyber threats. What can we expect and what can we truly do from our end to prevent contracting any risks? It is a whole new challenge which we need to invest our precious time at in order to always be at guard against potential risks to attacks.
User Rank: Apprentice
1/8/2019 | 3:10:17 AM
Spend on what you need
I think that a lot of companies are realising that they will eventually end up spending more money than the amount they would have saved on security if they didn't do a proper job installing some proper system to begin with. It's an expensive price to pay if you don't make sure you've done a proper job in the beginning!
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Register for Dark Reading Newsletters
White Papers
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-10-19
Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests.
PUBLISHED: 2019-10-19
templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer.
PUBLISHED: 2019-10-18
In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753.
PUBLISHED: 2019-10-18
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclo...
PUBLISHED: 2019-10-18
HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks. On the Problem Report page of the Traveler servlet pages, there is a field to specify a file attachment to provide additional problem details. An invalid file name returns an error message that includes the entere...