Security industry overview December 2016

Transcription

1 Security industry overview December 2016

2 Agenda Security overview Current technologies Startup landscape Industry regulation 2

3 Data breaches are here, and they re not going away anytime soon We believe that data is the phenomenon of our time. It is the world s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true even inevitable then cyber crime, by definition, is the greatest threat to every profession, every industry, every company in the world. IBM chairman, CEO and President Ginni Rometty 3

4 These trends get us most excited about security With the increase in the number of breaches in recent years, there is a growing perception amongst CISOs that the current security paradigm isn t effective enough. Increasingly malicious threat environment Expanding surface area Current security ineffectiveness Targeted attacks: sophisticated malware attacks are avoiding traditional firewalls and seeking vulnerable entities Nation-state involvement: nation-states are increasingly funding attacks, driven by not only economic incentives but also political motives Dynamic malware: attackers can now sense potential environment detection and manipulate appearance Cloud apps and infrastructure: we re witnessing a rise in vulnerability from the increased adoption of cloud-based applications Mobility: enterprises are looking to secure mobile applications, as bring-your-owndevice (BYOD) becomes the new standard Internet of Things (IoT): rapid growth in the number of connected devices is evident Incident count: number of security incidents occurring annually is at an all-time high Incident cost: as it becomes more and more costly to remediate hacks, enterprises will continue to allocate a higher portion of their IT budget on superior security products Source: Morgan Stanley 4

5 Cybersecurity is a growing problem, despite increased spend on technology & services Total number of cybersecurity incidents, worldwide Recent high-profile hacks September September August May March 2016 Source: Morgan Stanley, press 5

6 The cost of cyber breaches has increased significantly as well Average cost of a data breach (US$m) $4.0 $3.9 $3.8 $3.7 $3.6 $3.5 $3.4 $3.3 $3.2 $3.1 $ Source: Morgan Stanley 6

7 Typical attack life cycle Step 1 Research: Hackers want PII, PHI and PEI. Step 5 Monetization: They sell the data to people who want it. Step 2 Infiltration: They attack. Step 3 Discovery: They re inside. They find what they are looking for. Step 4 Capture: They take the data & store it away slowly. 7

8 The security market is poised for robust growth $140 $120 Security market (US$B) $128B market by 2020 $100 $80 $60 $55B market in 2015 $40 $20 $ E 2017E 2018E 2019E 2020E Source: Morgan Stanley 8

9 U.S. federal spending in security is expected to grow 35% YoY in 2017 Federal cybersecurity budget (US$B) $20.0 $19.0 $18.0 $17.0 $16.0 $15.0 $14.0 $13.0 $12.0 $11.0 $10.0 $19.0 $14.0 $12.7 $13.1 $ E 2017E Source: Morgan Stanley, FISMA Annual Report to Congress 9

10 while non-government security spend is also on the rise The U.S. financial services cybersecurity market reached $9.5B in 2015, becoming the largest non-government cybersecurity market. Annual budget: $500m $400m $300m $250m $1.5B spent on cybersecurity annually between these four alone AND THAT NUMBER IS EXPECTED TO GROW Source: Forbes 10

11 Agenda Security overview Current technologies Startup landscape Industry regulation 11

12 Access control Selective restriction of access to a place or other resource. Technologies include: 1) Identity & access management (IAM): Captures user identities and controls access to resources by checking user rights and restrictions Is an area of increasing focus for enterprises as a number of recent high profile breaches have resulted from insiders gaining access to critical files $5.5B market in ) Virtual private network (VPN): Creates secure connections between users at home or in remote offices and the corporate network Creates a virtual tunnel using encryption and authentication protocols $0.5B market in ) Data loss prevention (DLP): Makes sure that users do not send critical information outside a corporate network, with a dedicated administrator controlling what data users can transfer $0.9B market in 2015 Source: IDC, Morgan Stanley, Gartner 12

13 Endpoint threat prevention Aims to protect the perimeter of the company. Technologies include: 1) Consumer endpoint: Includes personal firewalls and anti-virus protection Also now beginning to prevent malware, secure mobile devices and safeguard against identity theft & online transactions $4.8B market in ) Corporate endpoint: Protects corporate devices from the installation of malicious software that seeks to disrupt business processes and / or steal confidential data Multiple layers of protection, aiming to identify, prevent, block and contain known and unknown threats on devices themselves $4.4B market in 2015 Source: IDC, Morgan Stanley, Gartner 13

14 Network threat prevention Seeks to prevent unauthorized access to the corporate network. Technologies include: 1) Firewall / unified threat management (UTM): Firewall: assesses traffic over a network and subsequently allows or denies network access based on previously determined specifications and policies UTM: integrates a number of security features into one device, namely a firewall, network intrusion detection & prevention as well as the securing of web / gateways $7.7B market in ) Intrusion detection & prevention (IDP): Monitors the network continuously, informing IT teams when detecting security violations or information leakage $2.2B market in ) / messaging security: Scans s for spam, malware, viruses and phishing attempts; encrypts outbounds $2.0B market in ) Web security: Employs anti-malware to protect employees from accessing malicious websites, while using web application firewalls (WAFs) to protect against external users attempting to gain access to internal systems $2.0B market in 2015 Source: IDC, Morgan Stanley, Momentum Partners 14

15 Monitoring / forensics Aims to detect potential breaches quickly, remediate the problem and prevent future occurrences. Technologies include: 1) Security information & event management (SIEM): Aggregates, standardizes and stores all of the data from network & security devices Allows greater visibility into user activity, enabling enterprises to more quickly identify malicious behavior $1.9B market in ) Vulnerability assessment: Scans enterprise infrastructure to identify vulnerabilities and remediate exposure to threats Employs penetration testing products, which simulate attacks to find potential areas of weakness $1.7B market in ) Forensics & incident investigation: Captures how an intrusion affects a company s files & systems Uncovers historical vulnerabilities, which may have caused breaches, to remediate future attacks $0.5B market in 2015 Source: IDC, Morgan Stanley, Gartner 15

16 Other Essentially anything else that hasn t already been covered but falls within the larger cybersecurity umbrella. Technologies include: 1) Policy & compliance: Helps companies remain compliant with the increasingly complex set of security regulations Involves writing reports, providing audit information and establishing security policies $1.2B market in ) Security system & configuration management: Increases visibility over enterprise perimeter security products, such as firewalls and web security Used to configure and monitor the health of security systems $0.1B market in ) Security services: Include IT consulting and systems integration Help enterprises design their security architecture, deploy software and integrate security products $19.4B market in 2015 Source: IDC, Morgan Stanley 16

17 Security industry by use case Global security market breakdown, 2015 $55B market in 2015 Other, 38% Network threat prevention, 25% Endpoint threat prevention, 17% Network and endpoint protection lead the way, with the $19B security services market captured in other Monitoring / forensics, 7% Access control, 13% Note: Other bucket is comprised of policy & compliance, security system & configuration management and security services. Source: Gartner 17

18 Agenda Security overview Current technologies Startup landscape Industry regulation 18

19 Selection criteria & analysis of sub segments PitchBook screen employing the following criteria: Tier 1: 1) Vertical: cybersecurity 2) Stage: incubator / angel (limited to Bay Area deals including either Y Combinator or 500 Startups), seed, series A 3) Deal date: last two years 4) Headquarters: California, Texas, Washington, Oregon, Colorado Tier 2: 1) Vertical: cybersecurity 2) Stage: seed, series A 3) Deal date: last two years 4) Headquarters: New York, Massachusetts, D.C. area Note: Data as of October 28, Source: PitchBook 19

20 Tier 1 led by infrastructure and cloud security Security investments by type companies total Note: Data as of October 28, Source: PitchBook 20

21 Tier 2 east coast led by infrastructure, / messaging and mobile security 12 Security investments by type companies total Note: Data as of October 28, Source: PitchBook 21

22 Areas we will be exploring for future security investments IAM: $25B market projected by 2022 Verticals: IAM IoT Infonomics Cloud security Infonomics: are all these products worth their cost? every CISO ever IoT: over 25% of identified attacks in enterprises will involve IoT by 2020 Cloud security: 15% of enterprise spend today, rising to 33% by 2018 Horizontal technology: AI & machine learning AI & machine learning: 22% cyber intelligence market share (#1 end market) Source: Forbes, IDC, Gartner, TechEmergence, Grand View Research 22

23 Prominent players within our focus areas IAM Infonomics IoT (Palerra) (Blue Coat & Elastica) Cloud security AI & machine learning Source: Morgan Stanley, PitchBook, Gartner, press 23

24 Where our portfolio companies fit in all of this Cloud / CASB Endpoint AI & machine learning Network 24

25 Security VC investments will likely see a slight dip in 2016, but still well above median Projected Total security venture investments globally Median = E Note: Data as of October 18, Source: Pitchbook 25

26 Top security investors last three years Top investors by # of security investments Not considered top investor in last 12 months Note: Data as of October 18, Excludes accelerator & pre-seed rounds. Excludes individuals. Source: Pitchbook 26

27 Top security investors last twelve months Top investors by # of security investments Only recently considered top investor in last 12 months Note: Data as of October 18, Excludes accelerator & pre-seed rounds. Excludes individuals. Source: Pitchbook 27

28 Agenda Security overview Current technologies Startup landscape Industry regulation 28

29 Regulations within the security industry have seen increased attention in recent years Among other things, mandated that healthcare organizations, financial institutions and federal agencies protect their systems & information. However, some argued the language within was too vague President s National Strategy to Secure Cyberspace (Bush) Aimed to create standards for protecting vital infrastructure Improving Critical Infrastructure Cybersecurity (White Houseissued) Protects against lawsuits aimed at companies that disclose breach information Cybersecurity National Emergency Declared (Obama) Health Insurance Portability and Accountability Act (HIPAA) Gramm-Leach- Bliley Act Federal Information Security Management Act (FISMA); part of Homeland Security Act Made Dept. of Homeland Security responsible for national security guidance & solutions Cybersecurity Act of 2012 (failed to pass through Senate) Allows the Executive Branch to share information about threats with companies & individuals Cyber Intelligence Sharing and Protection Act (CISPA) Executive order to include $14B for cybersecurity spending in 2016 budget 29