Threat Intelligence

12/26/2018
12:00 PM

Spending Spree: What's on Security Investors' Minds for 2019

Cybersecurity threats, technology, and investment trends that are poised to dictate venture capital funding in 2019.

The new year will bring waves of consolidation and innovation to the cybersecurity market as investors decide which startups will provide the strongest defenses to businesses in need of them.

Global spending on security products and services will close out the year in excess of $114 billion, marking a 12.4% increase from 2017, Gartner research indicates. Next year, the security market is expected to grow 8.7% and hit $124 billion as security leaders aim to use technology to help organizations become more competitive, addressing a broad landscape of risks and varying corporate needs.

As we look to 2019, investors are weighing these risks and needs as they allocate funds toward the companies and technologies holding the most promise for next year. But before we think about the year ahead, let's first recap the year we're leaving behind.

A Look Back: 2018 in Hindsight
According to Hank Thomas, CEO and partner at Strategic Cyber Ventures (SCV), 2018 "was really about people playing catch-up with the attack surface that had gotten out of control." 

The top questions companies were asking this past year: "Where is my data?" "What is my most important data?" "Where does my network begin and end?" "What do I need to protect?" "What does my rapidly expanding attack surface look like, and how do I protect it?"

Security was top-of-mind for private equity firms, which spent 2018 building out their infosec portfolios. Thoma Bravo, for example, in May took a majority stake in LogRhythm, a security information and event management (SIEM) company. It later bought security firm Imperva for $2.1 billion in October, which was followed by a $950 million acquisition of Veracode the next month.

The trend affected both large and early-stage companies as private equity players were willing to consider startups in their B or C funding rounds and bring them into the fold, explains Jeff Pollard, Forrester vice president and principal analyst serving security and risk professionals.

"It definitely appears the private equity firms … they've figured out a way to make money off cybersecurity," he explains. While their end game is still "a bit up in the air," he also expects the trend of private equity cybersecurity investment to continue into 2019.

This year also saw security startups exit as bigger firms snapped them up. Automation and analytics were hot technologies for giants including Microsoft and Amazon, neither of which is a traditional security firm but both of which are interested in integrating analytics into their feature sets. Other traditional firms invested to address weak spots like identity, says Pollard: Cisco's purchase of Duo Security for $2.35 billion was one of the giant's largest security deals to date.

Investors will be watching as larger firms aim to shore up defenses. Cloud security, for example, is a top priority for Palo Alto Networks, which in March acquired Evident.io for $300 million to strengthen the cloud. Later this year, it doubled its efforts with a $173 million purchase of RedLock.

Future Funding: What's Coming in 2019
Thinking about next year, Pollard expects "a wave of innovation and consolidation" as startups founded to build specific solutions see their technologies integrated into broader platforms.

"Whenever you have a flurry of startup activity, what you find is a lot of vendors trying to solve very similar problems," he explains. What happens in the enterprise is these capabilities make more sense as features of bigger products. The endpoint space, for example, has a wealth of advanced technology and has experienced much consolidation as firms aim to offer a suite instead of a single tool.

Which technologies are investors thinking about in 2019? Unlike in years past, artificial intelligence (AI) and machine learning will not set startups apart, Pollard says. In 2018 we saw "a bit of a swerve," and much of the allure of AI and machine learning disappeared as both became expected features in other technologies. They're not nice-to-have, but must-have, additions.

"It's not that machine learning and artificial intelligence will go away – it's just a default expectation," he explains. "You're not going to be funded because you do cool artificial intelligence and machine learning for security. The people who make more sophisticated use of that and show how it makes a solution will be the organizations that can power forward."

SCV's Thomas foresees the rise of different up-and-coming security products that aren't specifically built for security but have many applications in the space. Computer vision technology, a form of AI, is one example and has varying use cases, from facial recognition to collaboration tools. It can also be used to identify "deep fake" videos that can be used to spread disinformation.

This is an area SCV has been closely considering, Thomas says. Deep fake videos are realistic videos that circulate online and can prompt corporations to ask security teams to react. He describes it as similar to fake news but in the form of an incident that could affect a major organization's security posture. A hacker group that wanted to add a layer of obfuscation and hide their activity could use a deep fake video to distract security teams from their work.

Threats are "potentially catastrophic" and could have major security implications, Thomas adds. SCV has been looking at tech that can confirm with high probability whether content is fake and untangle the "spiderweb of disinformation" online. Corporate America might have to get into the business of identifying fake news as it pertains to network threat activity, he explains.

"A Fortune 100 company could save a lot of money on a threat that's not real," Thomas says. "It's going to be important they have a capability to confirm or deny these threats if it's gonna be in the public domain."

He also expects identity and access management (IAM) will reach a new level in 2019, with different forms of multifactor authentication. The single sign-on password "is mostly dead" in the business world, Thomas continues, and new forms of authentication will surface. A number of companies have started to use computer vision for facial recognition on-premise, he adds.

Pollard anticipates investment in tools designed to bridge the gap between security and business teams. New solutions will emerge to provide security leaders with metrics, dashboards, and visualizations so they can better present security-related data to stakeholders and help enterprise employees view security in a different way. He also expects a growth in services, which he says used to be less attractive to investors but have since seen positive growth.

"It definitely looks like security budgets, and people buying security technologies, are definitely going up," he says. "That's also leading to the investment side going up as well."

New Solutions for New (and Old) Problems
As security budgets rise, so will investments, Thomas says. Many companies still don't know what they need to defend, and their networks are expanding as a result of new trends such as the Internet of Things. Reality will set in during the upcoming year, he adds.

"They have been forced to expand in areas they didn't want to go into, [and] now they're forced to defend more territory than they ever planned on defending," Thomas explains.

Still, the security industry continues to deal with the same problems it dealt with a decade ago, says Pollard, and big security players haven't sufficiently done their jobs to solve them.

"We need innovation," he admits. The market needs new people and talent, he continues, and there is both ample funding and investor interest to bring new ideas to fruition. "If you have an idea for security, start it," Pollard emphasizes. "There's an appetite for this."

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ...

Comments
MarkSindone,
User Rank: Apprentice
1/17/2019 | 1:12:47 AM
What is new?
A brand new year calls for a brand new series of potential cyber threats. What can we expect and what can we truly do from our end to prevent contracting any risks? It is a whole new challenge in which we need to invest our precious time in order to always be on guard against potential risks of attacks.
michaelmaloney,
User Rank: Apprentice
1/8/2019 | 3:10:17 AM
Spend on what you need
I think that a lot of companies are realising that they will eventually end up spending more money than the amount they would have saved on security if they didn't do a proper job installing some proper system to begin with. It's an expensive price to pay if you don't make sure you've done a proper job in the beginning!