OMERS Ventures Investment Thesis
When evaluating investment opportunities in cybersecurity, our team focuses on (i) attractive business models, (ii) compelling target markets, and (iii) strong differentiated technologies. This is, of course, in addition to other important factors such as management team expertise, differentiated and effective product capabilities, and a demonstrated track record of growth.
As we have said previously said, complex cybercrimes require complex solutions. Often, these solutions require extensive customer onboarding or training, and solutions providers have adapted by building strong services business models around their products. As VCs, we look for businesses that have established recurring revenue business models with a self-service customer experience that allows for scalability.
We have also identified five cybersecurity subsegments that excite us due to their high potential for growth.
· Enterprise Security Operations Management
· Cloud Security
· Threat Detection and Intelligence
· Identity and Access Management
· IoT Security
Enterprise Security Operations Management
One of the most effective approaches to protecting a large organization’s digital assets is establishing a Security Operations Center (SOC), an organizational unit dedicated to handling security issues. Currently only seven percent manage these operations in-house, while 26 percent have outsourced to external providers. This provides immense opportunity for companies building platforms to enable organizations to establish the appropriate compliance practices, data encryption methods, and endpoint security solutions. Such activities require cross-department collaboration and can be supported by platforms that tackle security orchestration and operations management. One such company is California-based Demisto, which was acquired by Palo Alto Networks for USD $560 million earlier this year.
As cloud computing proliferates, many organizations are storing and managing large amounts of private data using hybrid cloud architectures (i.e. a combination of on-premise and cloud). This architecture provides flexible yet tailored use of data centers coupled with the convenience of a public cloud. According to Gartner, 90 percent of organizations are expected to move to hybrid cloud infrastructures by 2020. Unfortunately, the complexity of these setups has adverse security implications. Cloud misconfigurations are now one of the top sources of breached data at the enterprise level.
Cloud security providers have innovated to create a suite of solutions for enterprise customers to choose from, including but not limited to a Cloud Access Service Broker for SaaS applications (Netskope), Software Defined Perimeters (Vidder, acquired by Verizon in November 2018), and browser isolation / remote browsing (WEBGAP, Authentic8).
Threat Detection and Intelligence
Companies have been tackling network security issues through threat detection for a number of years. However, the escalation of cyberattacks, in frequency and sophistication, has outpaced the capabilities of most organizations and their cybersecurity professionals. To alleviate the issue, dynamic monitoring solutions that leverage machine learning promise to augment existing enterprise security capabilities. These solutions allow for identification of anomalous patterns through a number of approaches, such as continuous network visibility, behavioural detection, and attack imitation in order to defend enterprise systems.
UK-based Darktrace employs unsupervised machine learning to analyze network data at scale and efficiently detect patterns and deviations from normal state in the network.
Identity and Access Management
The Identity and Access Management (IAM) market is one of the top product segments by size and growth prospects. Personally Identifiable Information (PII) is increasingly tracked and shared online. Concurrently, massive data breaches have unleashed unprecedented amounts of PII on the web. This has resulted in immense opportunities for companies to create solutions to protect this data. To that end, many companies like DUO are working on advanced IAM technologies including two-factor, decentralized, biometric, and even password-less authentication.
According to Gartner, the number of connected devices is expected to grow to almost 20.4 billion by 2020. As the world becomes increasingly connected and more personal data is shared and stored on a multitude of applications across devices, attack vectors are evolving and exposures multiply. If IoT is to commercialize in sensitive or high-stakes applications, such as medical devices or connected cars, it will urgently require adequate security solutions.
California-based Armis provides an agentless IoT security platform that enables an automatic detection of compromised and unmanaged devices in the network.
Artificial Intelligence in Cybersecurity
Artificial intelligence (AI) has the potential to disrupt virtually every industry and is estimated to add USD $15.7 trillion to global GDP by 2030. Cybersecurity is no exception. AI is best suited for use cases where high levels of automation are required due to lack of resources and/or complexity of the task at hand, both of which apply to cybersecurity.
With many organizations requiring cybersecurity talent, there could be as many as 3.5 million unfilled positions in the industry by 2021. Additionally, only 31 percent of organizations have a dedicated Chief Information Security Officer (CISO) responsible for handling information security. In light of this shortage of talent, we see AI as a powerful tool to augment internal resources to combat increasing cybercrime.
Moreover, the evolving nature of cyberattacks require a security platform that uses an analysis of known malware and techniques to inform the machine learning models to detect future or unknown threats. AI-powered platforms are poised well to supply this.
The list below highlights a number of top cybersecurity companies across the globe that leverage machine learning and artificial intelligence for security management.
Looking forward, we are also keeping our eye on other up-and-coming trends such as cyber-insurance (i.e. cyber policies mitigating the risk of cyber-related security breaches) and crowdsourced cyber defence (i.e. leveraging ethical hackers to discover software vulnerabilities and conduct penetration testing), among others.