Venture capitalists wait longer to make deals but remain optimistic as enterprises keep adding to security budgets
By Cat Zakrzewski | Aug. 1, 2016
Investors say they’re waiting longer to make investments in cybersecurity startups but remain optimistic about the sector as enterprises continue to increase their security budgets.
Venture investment in cybersecurity rose modestly in the first half of 2016, according to data from Dow Jones VentureSource. Investors bet $1.39 billion on the sector, vs. $1.03 billion in the same period last year.
“We’ve been more cautious,” said Asheem Chandna, a partner at Greylock Partners. He added that this was true across all sectors.
Many predict the current investment climate will be a prominent topic of conversation as the cybersecurity industry descends on Las Vegas this week for the annual Black Hat conference.
The rise in fresh capital was modest and follows several years of larger year-over-year growth. In 2015, the sector saw a boom in investment in the third quarter, driven by mega-rounds of financing for later-stage companies. Some investors said they don’t expect that kind of activity to hold up the rest of this year, but added that it won’t be a sharp slowdown either. Most enterprises continue to increase their security budgets, they said, even as other information-technology allocations are lowered.
“In 2015, there was a level of irrational exuberance on the part of the investment community as it related to cybersecurity companies,” said Allegis Capital Managing Director Robert Ackerman. “Now we’re seeing some moderation, which is a very healthy and constructive thing.”
Experienced security investors say the segment saw so much interest in recent years that companies without legs were funded. Now they say the hype around the sector is cooling off.
“The tourists are going to pack up and leave,” said Ten Eleven Ventures Founder Alex Doll. “I think a lot of the larger funds that weren’t good in security had started to try to play in this space.”
Several large, later-stage deals led the way in attracting new capital, including a $100 million investment in Cylance Inc., and a $76 million round in ForeScout Technologies Inc. Both companies reached billion-dollar valuations with these rounds.
But overall, venture capitalists say they’re seeing valuations in the segment readjust, much as they have done broadly across the tech sector. The decline in valuations has led to a steady amount of mergers and acquisitions in cybersecurity, which investors seems likely to pick up as a more diverse group of buyers have been assessing the industry for potential deals.
In recent months, Symantec Corp. said it would acquire Blue Coat Systems Inc. for $4.65 billion. Cisco Systems Inc. bought security firm CloudLock Inc. for $293 million.
Some venture capitalists said they expect private-equity firms will continue to play a role in security acquisitions. Vista Equity Partners announced in June it would acquire Ping Identity Corp. Legacy tech firms will also likely be active acquirers, investors said, because they rely on such acquisitions for innovation and see security as a growing area of their business.
Trident Capital Cybersecurity Managing Director Alberto Yepez said the influx of mergers and acquisitions is also driven by an influx of nontraditional acquirers, like General Electric Co. and industrial companies, as more devices become connected and security becomes more core to their business. He also said telecommunications service providers have become more active in the segment.
“The universe of acquirers has expanded,” he said.
In recent years, much of the activity in security investment has been driven by emerging technologies. Some investors think many of those changes haven’t been addressed yet and will continue to draw investment.
“I think we’re just beginning to see the mobile tsunami in security,” Mr. Yepez said.
Find more @