Turning Cyberattack into Defense for a Successful Cybersecurity Investment

Managing Director and founder of AllegisCyber Capital.

Cybersecurity is an existential risk to the global economy. The World Economic Forum’s (WEF) Global Risks Report ranks cybercrime and cyber mistrust among the top 10 most sensitive global dangers for the next two to ten years. Cybersecurity Ventures predicts that cybercrime will cost $8 trillion globally by the end of this year.

Power grids, water utilities, and oil refineries are now active battlegrounds in cyberspace and pose a significant human risk. In 2022, 40% of all geographically targeted attacks detected by Microsoft targeted critical infrastructure, up 20% from last year. Attacks against commercial organizations have increased by as much as 87%, as reported in Dragos’ ICS/OT 2022 Cybersecurity Year Review Report. (Full disclosure: Dragos is a holding company for two of my other companies, AllegisCyber Capital and DataTribe.)

Cyber dangers have increased since 2021, when cyber threats increased by as much as 81% along with remote work. Major cyberattacks like SolarWinds and Colonial Pipeline made cybersecurity the investment trend for venture capital firms looking for momentum that year, raising a record $128.3 billion, according to PitchBook.

Cybersecurity budgets have to increase if CISOs are to counter today’s increasingly sophisticated cyber threats. Cybersecurity spending may be down nearly two-thirds from the 17% growth security budgets saw in 2021-22, but it still increased 6% from 2022-23, according to one 2023 Security Budget Benchmark Summary Report. More importantly, the cybersecurity portion of IT budgets continues to grow, reaching 11.6% in 2023 from 8.6% in 2020.

So why is the cybersecurity startup market about to hit its lowest point in annual venture capital investment since 2019, when it amounted to $8.8 billion, according to Crunchbase?

This is not because it is no longer imaginable to invest in cyberspace. The market is starting to normalize. Venture companies (VTs), which included non-critical and undifferentiated corporations that dominated the market in 2020-2021, will continue the next trend. Keeping up with the pack is rarely the same as making an investment to solve tomorrow’s cybersecurity challenges. This is where investment opportunities continue to be interesting.

Cyber is distinct from other deep technical fields because cyber has a persistent offense opponent—cyber threat actors. The offense is technically capable, well-funded and unconstrained in their behavior. They are dedicated to finding and creating exploits and vulnerabilities across all digital infrastructure. The increasingly sophisticated development of their offensive cyber capabilities is what drives innovation in the cybersecurity market.

This dynamic is unique to cyberspace and makes it imperative that the defense, at the very least, match the pace of innovation of the offense. Responding only to the immediate risk in front of you is a reactive, unsustainable technique for cybersecurity: a never-ending game of Whac-A-Mole. Over time, your arm will get tired and you’ll miss the attack.

Looking through the lens of an offensive operator allows you to anticipate how new and niche cyber attacks evolved through state-sponsored outfits and will eventually manifest as broader cyber threats in the market. As Wayne Gretzky says, “You have to skate where the puck is going to be, not where it has been.”

In cyber this means you have to anticipate where the offense is going to be so you can proactively deploy cyber defenses before the next threat vector comes online. Instead of playing Whac-A-Mole and defending against endless waves of critters, you unplug the machine and make sure none of them pop up. As Sun Tzu said in The Art of War, “The supreme art of war is to subdue the enemy without fighting.”

My idea is that new cyberattacks developed through teams with sufficient resources for offensive purposes will emerge as new risk vectors in the vast cyber market within four to six years.

These offensive innovations create blue ocean and market white space opportunities to build companies that provide novel defense applications against them. Entrepreneurs with offensive domain expertise are the ones best positioned to productize their expertise from a defensive perspective.

Take industrial cybersecurity—and specifically, a portfolio company of two of my companies—for example. In 2010, Stuxnet showed the potential of cyberattacks on ICS/OT systems. Five years later, Russian hackers cut off electricity to a quarter-million Ukrainians across multiple regions. Robert M. Lee, previously a U.S. Air Force cyber operator tasked to the NSA to identify and analyze national threats to industrial infrastructure, helped lead the incident response and investigation for that event.

Lee founded Dragos the following year to protect critical infrastructure. When the company was funded through DataTribe in 2016 (full disclosure: I’m a co-founder and member of DataTribe’s investment board), and even after my company led the company’s Series A in 2017, the universal backlash won out: it’s a wasteful position because there’s no market for commercial cybersecurity. But today, Dragos is regarded as a leader in the fast-growing commercial cybersecurity market, a market estimated to be worth $24.4 billion over the next five years.

New attack vectors will emerge as the generation continues to advance at an immediate pace, especially in the realm of artificial intelligence (AI). The militarization of knowledge and AI is creating entirely new risk vectors for defense to identify. AI Teams for Deep Video and Audio AI-powered spoofs and phishing attacks are already widely used by cybercriminals. These malicious uses were to be expected.

But how will we handle the next level of AI exploits? Take data poisoning, for example, where adversaries corrupt or manipulate machine learning data to alter AI outputs.

If we cannot accept our knowledge as true, we have nothing. This opens up a market for new knowledge provenance technologies that can provide a chain of custody of knowledge throughout its lifecycle, from creation to any modification, to ensure traceability and identify knowledge and accept it as true with authenticity.

The risk landscape is expanding dramatically and cyberattacks are engaged in a constant game of hunting, with cyber risk actors choosing when and where to launch their cyberattacks while we rush to catch up. An offensive and defense technique for cybersecurity allows us to anticipate their next move and stay ahead of them.

The data provided herein does not constitute an investment, tax or monetary recommendation. You should consult a licensed professional for recommendations related to your specific situation.

The Forbes Financial Council is an invitation-only organization for leaders of successful accounting, monetary planning, and wealth management companies.
