Cyber Security Market

- Cybersecurity is a horizontal not a vertical. ![[Pasted image 20240901195629.png]] - There is an intelligent, well-motivated driver of innovation. - Cybersecurity innovation is acquired, not built in house. By corporates and also by larger cybersecurity firms. Acquisition is the expected form of exit for successful startups. - Platform as a Holy Grail of cybersecurity founders, starting with a point solution. The pendulum between “best-of-breed” (point solutions) and “best-of-suite” (platforms) swings back and forth every few years, and now the “best-of-suite” seems to be winning with its promises of reducing the complexity, cutting the number of vendors, and lowering security spending. - Security it moving to the source where [[data gravity]] is the largest as that is where the attack surface area is the largest too. Security data is also a very small % of a companies overall data which is now mostly stored in [[data lakes]] by big cloud providers. ## Cybersecurity Ecosystem There are [17 pure play public cybersecurity companies](https://docs.google.com/spreadsheets/d/18jVjSVgp0rdBzN05QCuiVAtZKNVJDQjyyhzDerrlF4s/edit?gid=0#gid=0) ### Big Cybersecurity Players 1. [[Palo Alto Networks]] (3%) 2. [[Google Chronicle and Microsoft Sentinel]] - Microsoft (10% and $15b in revenue in 2022) 3. [[Crowdstrike and SentinelOne]] (1.5%) ### Niches - [[Certificate Authorities]] - [[SIEM - Security Information and Event Management]] Players: - [[Splunk]] - [[Panther]] (Next-Gen SIEM) - [[Managed Security Service Providers]] Others: - [[LimaCharlie]] (SecOps to help developers) - [[Anvilogic]] (Security Analytics wherever your data is) - [GreyNoise](https://www.greynoise.io/) (Realtime Threat Monitoring Intelligence) - [Prelude](https://www.preludesecurity.com/) (Threat Intelligence to Protections) - [Tines](https://www.tines.com/) (Security Workflows Platform) Identity and Access Management: - [Okta](https://www.okta.com/uk/) - [PingIdentity](https://www.pingidentity.com/en.html) - [ForgeRock](https://backstage.forgerock.com/) Overall the space is large: 3.2k+ companies across 17 categories. Today, an average organization has [over 70](https://www.infosecurity-magazine.com/news/organizations-76-security-tools/) security tools. ![[Pasted image 20240901072354.png]] ### US Gov related How do we break in? - [Defence Innovation Unit](https://www.diu.mil/about) - In an attempt to increase the level of security, the US NIST developed a Framework that consists of standards, guidelines, and best practices to manage cybersecurity risk. While the use of the Framework is voluntary for industry, Executive Order 13800 from 2017, [Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure](https://www.federalregister.gov/documents/2017/05/16/2017-10004/strengthening-the-cybersecurity-of-federal-networks-and-critical-infrastructure), made the Framework mandatory for U.S. federal government agencies. Private companies that work with the US government and fall anywhere within the supply chain for a federal agency must also comply with NIST standards. Players that have cracked deals: - [Tanium](https://www.meritalk.com/articles/tanium-gets-750-million-dod-contract-for-cybersecurity/) - [Axonius](https://www.axonius.com/) Resources: - https://cyber.ylventures.com/ylvacademy/rogerhale # Investors VCs: - [[Night Dragon]] - [Allegis Cyber Capital](https://allegiscyber.com/our-portfolio/) - [TenEleven](https://www.1011vc.com/) - [Sands Captial](https://www.sandscapital.com/) - [YL Ventures](https://www.ylventures.com/magazine/blog/ylv-fund-v-at-400m-the-largest-seed-fund-ever-raised-for-cybersecurity/) PEs: - [[Thoma Bravo]] - [Vista Equity](https://www.vistaequitypartners.com/) # Ecosystem - https://www.cyberconsortium.com/