Cybersecurity has never been hotter. Analysts say that $3.8 billion went into cybersecurity companies in 2015, a year which saw five private companies in the market reach more than $1 billion in valuations, and others – such as Rapid7, Sophos and Mimecast -- filed for IPO.
The market’s rise has been impressive – CB Insights says that last year’s funding figure represented a 235 percent increase from the $1.1 billion ploughed into 166 deals in 2011. No surprise then that big firms like Intel Capital, Google Ventures and Qualcomm Ventures have become the sector’s most active investors, all eyeing up the next potential unicorn.
This explosion in funding hasn’t solely been confined with VCs, with the cybersecurity M&A market exploding in recent months. PwC reports that total deal activity since 2008 has exceeded $22 billion globally, with 451 Research noting that the number of security acquisitions has risen 41 percent in the last two years.
Most notably in 2015, Symantec gobbled up the Bain Capital-backed Blue Coat for $4.6 billion.
In many ways, none of this should come as any great surprise. After all, over the last three years we’ve seen a record number of data breaches, including some of the most notable such as OPM, Target, Sony and JP Morgan, some of which have resulted from the discovery of (and exploitation of) zero-days like Shellshock and Heartbleed.
All of the above may point to a booming cyber-security market, but this is not strictly the case.
Recent figures suggest that while funding does continue to flow to more established vendors, and promising start-ups, deals now take longer to piece together. Market consolidation is on its way and VCs, it appears, are not parting with their cash as easily they once were.
Does this mean that the big boom has stopped? And could that actually be a good thing for the market as a whole?
Cybersecurity has been on a rocket ride, but the record growth of 2015 is petering out. CBI says that cybersecurity deals peaked last year but slowed down in the first two quarters of this year.
But the market isn’t slowing down too much – CBI still expects funding for such companies to surpass $3 billion of investment, across more than 300 deals, by the end of 2016. This is admittedly below the level of the 2015 but still “well above” those figures reported for 2014.
But is this slowdown actually a good thing? Is this a sign of a maturing market, or perhaps or more considered, thought-out investments? Experts seem to be split.
The overall slowdown in funding is happening because VCs are becoming more discerning with their cybersecurity investments.
Sign up for CIO Asia eNewsletters.