13 leaders in cybersecurity offer perspectives on new ways to defend against an increasingly advanced threat landscape.
The number of high-profile cyberattacks against corporations and governments only seems to be rising, with news of another breach seemingly every day. To keep up and get in front of hacker activity, we’ve seen a significant ramp up in funding to private cybersecurity companies.
In fact, in 2015 there were twice as many deals to these types of companies compared to 2011, and five out of nine cybersecurity unicorns reached their $1B+ valuations last year. In keeping with these trends, corporations and their venture arms, including Intel Capital, are increasingly investing in the space. Lately, though, it seems there’s some concern that the space has gotten overheated, and funding activity has slowed down this year.
Below are 13 perspectives on cybersecurity from a variety of investors, entrepreneurs, and corporate leaders, ranging from large tech company executives to Silicon Valley-based VCs. If we’ve missed an important take on the cybersecurity industry that you think is worth highlighting, please let us know in the comments.
1. Marc Andreessen, co-founder and general partner at Andreessen Horowitz
A16z has backed the most cybersecurity unicorns since 2012 — with four companies in its portfolio valued at $1B+ — and the firm is the fourth most active investor in cybersecurity. Marc Andreessen spoke on Bloomberg last year, responding to the idea that the cybersecurity market may be overcrowded.
“We are living in an online world where we all have connected devices on us all of the time. The fact that we now have this new topic about how to protect cars from cyber hacking, I mean this is a brand new thing, and there will be a new generation of companies that do just that, and so I think it is prime time for this kind of entrepreneurship and innovation.”
2. Bill Nelson, President and CEO of the Financial Services Information Sharing and Analysis Center (FS-ISAC)
FS ISAC is an industry forum for collaboration on critical security threats facing the global financial services sector. The forum’s CEO, Bill Nelson, shared his insights here on cybersecurity standards and the fact that obtaining accurate cyber intelligence is fast becoming a priority across sectors.
“Cyber security intelligence and information sharing is now top of mind in the executive suite across nearly every sector. From the recent Presidential Executive Order promoting sharing within the private sector and government to high profile attacks and criminal activities regularly reported in the media, businesses large and small are looking for a new approach to strengthen cybersecurity.”
3. Gilman Louie, partner at Alsop Louie Partners
At the current run-rate funding to cybersecurity companies will surpass $3B across more than 300 deals in 2016. The founder and former CEO of In-Q-Tel — the CIA’s venture arm — Gilman Louie, offers his sentiment here on the rising tide of corporations and venture capital investment in cybersecurity.
“Corporations no longer look at this as the CSO’s (chief security officer’s) problem, it’s the board’s problem now … Everything changed with the Target CEO, where all of a sudden the CEO’s job is on the line … The good guys and the bad guys have an equal number of people, equal amount of money. The bad news is we are going to live in a much more insecure world, and venture capitalists are going to make a lot more money.”
4. Chris Young, General Manager of the Intel Security Group at Intel Corporation
Through its venture arm Intel is the most active corporate investor in cybersecurity, and is also among the most active venture capital firms investing in the space. In his role, Chris Young leads Intel’s security business across hardware and software platforms, including McAfee and Intel’s other security assets. He spoke here about the shifting cybersecurity landscape.
“We are in a massive paradigm shift from an IT perspective, we are connecting our physical lives and our bodies to digital tools, and it changes the way we have to think about managing security. As we bring more devices online, we are seeing the number of attacks on these devices go up proportionally. Also, Ransomeware is a big emerging challenge because it is almost the perfect crime, as it is easy to monetize and hard to trace. What happens when this kind of an attack infiltrates computer connectivity in our physical space? The last five years we have been focused on data breaches and information being stolen from organizations, but the world is moving on to other forms of attacks.”
5. Ken Elefant, Managing Director at Intel Capital
“One interesting theme is security for the internet of things. There are three subsectors of IoT–industrial, home and wearables. I’m most interested in security for industrial IoT devices. Another theme that we like is cloud security. Nowadays, every company is using the cloud and security is a big issue.”
6. Mike Walker, Program Manager at DARPA’s Cyber Grand Challenge
DARPA’s Cyber Grand Challenge is a tournament designed to speed the development of automated security systems able to defend against cyberattacks. The program’s manager Mike Walker spoke here about the need for automation to augment defense capabilities in cybersecurity.
“Currently, the process of creating a fix for a vulnerability is all people, and it’s a process that’s reactive and slow … The idea is that these [IoT] devices will be used in such quantities that without automation we just will not be able to field any effective network defense.”
7. Marc Siegel, Managing Director at Menlo Ventures
Recent Menlo Ventures’ investments in cybersecurity include Veriflow Systems, vArmour, and AppDome. Marc Siegel put forth his predictions on how technology companies will respond to security threats by focusing on machine learning to respond to an increasingly complex cybersecurity landscape.
“I think the new breed of security and intelligent response is going to be machine learning … We’ll use machines for doing things like detecting attacks, sorting out false positives, fixing problems.”
8. Marc van Zadelhoff, General Manager at IBM Security
IBM’s Watson computer, with its advanced machine learning prowess, is also making moves into the cybersecurity space to potentially augment human monitoring of emerging cyber threats — by parsing out vast amounts of unstructured data that can lead to early detection and response. Marc van Zadelhoff expands on the promise of Watson’s cybersecurity capabilities here.
“By leveraging Watson’s ability to bring context to staggering amounts of unstructured data, impossible for people alone to process, we will bring new insights, recommendations, and knowledge to security professionals, bringing greater speed and precision to the most advanced cybersecurity analysts, and providing novice analysts with on-the-job training.”
9. Gaurav Banga, cofounder and former CEO of Bromium
Corporations and their corporate venture arms have become increasingly active in cybersecurity investment. According to CB Insights data, four years ago in 2012, there were 23 deals to cybersecurity startups involving corporates, whereas in H1’16 there were already 40 deals. Bromium, specializes in enterprise cybersecurity, and the company’s former CEO commented here on the piecemeal status of today’s B2B solutions.
“Right now, the [corporate] customer has to assemble the best-of-breed full security solution out of products and offerings from different next-gen and legacy vendors. In time, as the new security industry leaders emerge, or if someone shows up with lots of cash and vision, they should be able to create a consolidation that results in an enduring market leader that provides an end-to-end solution for the customers.”
10. Sean Cunningham, Managing Director of Trident Capital Cybersecurity
Trident Capital is among the top VC investors in cybersecurity. Recent cybersecurity exits for the firm include Voltage Security, acquired by Hewlett-Packard in February 2015. Sean Cunningham offered up his views on where cybersecurity is headed and the potential for consolidation in the space. According to CB Insight’s data, nineteen cybersecurity startups have gone public in the last four and a half years, and 385 have merged or been acquired since 2012.
“Cybersecurity is moving away from the era of building walls toward more flexible and proactive approaches. This requires constant monitoring for breaches and vulnerabilities and remedial responses. So we’re seeing a wave of consolidation among cybersecurity companies of all sizes.”
11. Jeff Massimilla, Chief Product Cybersecurity Officer at General Motors
General Motors is among a handful of corporations placing bets in the auto tech space, which is increasingly focused on autonomous and connected vehicles that also happen to be vulnerable to cyberattack. In January, GM bought up Sidecar‘s assets and invested $500M into Lyft, and March saw GM’s acquisition of autonomous tech startup Cruise Automation. Jess Massimilla talked about the company’s plans to ensure security in its vehicles.
“We are obviously securing our ecosystem—and securing is a relative word as there’s no absolute security—and employing layers of defensive measures in our vehicles and services. It’s a defensive posture and the ability to not only detect and monitor but to respond.”
12. Jeff Schilling (Colonel, Retired), Chief Security officer at Armor
Healthcare is another industry that is increasingly realizing how vulnerable medical devices are to advanced cyberattacks. An estimated 85% of large health organizations experienced a data breach in 2014, with 18% of breaches costing more than $1 million to remediate. Jeff Schilling is quoted on the subject here.
“It comes down to network architecture and design. Medical devices need to be segmented apart from other devices on a hospital’s network. This is one of the very few cases where a cyber actor could take action and hurt someone very quickly.”
13. Dr. Eviatar Manatia, Head of Israel’s National Cyber Bureau
The US still sees two-thirds of deals to cybersecurity startups globally, but the rest of the world has grown its deal share in the past two years. According to CB Insights data, Israel leads all other countries globally with 125 cybersecurity deals since 2012, and an 8-fold rise in 2015 compared to 2012. Dr. Eviatar Manatia, remarked here on the country’s approach to sharing cyber intelligence.
“We believe in sharing information between companies, sectors, and countries because the threat is so global. If we share information we can prevent it from propagating.”
Want data on cybersecurity startups? Login to CB Insights or sign up for free below.