Cyberattacks hitting one company after another — including defense contractor QinetiQ — have garnered plenty of headlines in recent months. And while that’s got to cause headaches for victims, it might not be such a bad thing, because it makes governments and other businesses notice. It turns out that venture capitalists have taken note, too, and have been putting more of their dollars behind security startups in hopes that those companies go big.
The numbers bear out the trend. In the first quarter of 2013, VCs dumped nearly $353 million into IT security deals, up 90 percent over that quarter the previous year, according to MoneyTree Report data provided to GigaOM by the National Venture Capital Association. If you divide the total funding by the number of deals, the average amount was more than $16 million, up 125 percent over the $7.1 million amount in the first quarter of 2012.Security startups that have taken on VC funding rounds this year include Cylance, TraceVector and vArmour Networks, among others.
The intersection of big data and security has been a hot space, as companies move to collect lots of information and analyze it all as fast as possible, just as companies want to derive insights on increasing and more complex data sets that can lead to overhead reductions and new revenue streams. For example, in October, EMC said it would buy Silver Tail Systems, which tracks web and mobile-app traffic and points to unusual behavior and violations that customers can set. To separate the wheat from the chaff of vulnerabilities that multiple security systems might discover and to use security staffers efficiently, Risk I/O prioritizes issues. Last year it got $5.25 million.
Are the cyberattacks nudging VCs to shell out millions? Shirish Sathaye, a general partner at Khosla Ventures, which has invested in Cylance and TraceVector along with Lookout and DB Networks, thinks the cyberattack news onslaught is making a difference.
“The first reason is, yes, every time you open a newspaper, you read about somebody being attacked,” he said, whether against consumers or companies. The likelihood and complexity of attacks only become greater as more people get online, often with multiple devices.
The multiplicity of devices accessing a network — a trend in its own right — could pose security challenges on its own, and Tenable Network Security picked up $50 million last year following the addition of features that look for vulnerabilities popping up as mobile devices and provide information on devices such as whether they are jailbroken. Last month Ionic Security, which keeps data encrypted as it moves to devices, said it had raised $9.4 million in new funding.
Another reason for the security funding boom, Sathaye said, is the success of network security player Palo Alto Networks. Prior to its public offering last year, threats might well have helped its appeal.
From Sathaye’s point of view, it’s critical to nurture the ecosystem of options for strengthening network and endpoint security. “As bad guys keep innovating, good guys have to innovate at least as fast as them, if not faster,” he said. With more money going toward IT-security startups, it does seem that plenty of other VCs think there’s an opportunity here.
As published on http://gigaom.com/2013/05/03/funding-soars-for-security-startups-as-cyberattacks-keep-coming/