2. Which subsectors are getting funded?
These 16 stand out:
Subsector Purpose
Anomaly Detection
Detects anomalous activity on the
network. Usually used for Insider threats
(DarkTrace, RedOwl)
Bug Bounty
Platform for hosting bug bounties
(HackerOne, Synack).
Cloud Security
Protects corporate data / applications
in the cloud (Adallom, HyTrust).
Code Security Analysis
Scans source code for vulnerabilities
(Checkmarx, BugCrowd).
Data Security
Traditional DLP and companies
that protect data (enSilo, Ionic).
Endpoint Protection
Traditional and next-gen antivirus
and related tools (CrowdStrike, Tanium).
Fraud detection
Detection / mitigation of transaction fraud
(Pindrop Security, fraudmetrix)
Identity & Access Mgmt
Identity verification and permissions
management solutions (Thycotic, Duo).
I used data from CB Insights, Mattermark, and CrunchBase. I scrubbed the data, and categorized each company by subsector.
3. Subsector Purpose
Incident Management
Companies that manage the
necessary workflow post-incident
(PagerDuty, Co3 Systems).
Mobile Security
Mobile device management and other
companies focused on securing
mobile phones (Hypori, Mocana).
Network Security
Traditional intrusion prevention,
network monitoring and related
solutions (Tenable, AirTight).
Secure Communications
Solutions for secure email, text and
other forms of communication (Silent
Circle, Rubicon Labs).
Security Ratings
Companies that provide ratings on
companies’ security status (Bitsight,
Security Scorecard).
Security Training
Anti-phishing and related training for
corporate employees (PhishMe,
Wombat)
Threat Intelligence
Solutions that monitor external and
internal networks for potential threats
(Cyphort, iSight).
Web Security
Secure web gateways and related
products (Zscaler, Menlo Security)
Which subsectors are getting funded
(cont)?
4. Where did the Money Go?
2014
$2.1 Billion in cybersecurity funding across 231 rounds
$0
$50
$100
$150
$200
$250
$300
$350
0
5
10
15
20
25
30
35
40
45
50
# of Rounds Funding
5. Anomaly
Detection
2%
Cloud Security
10%
Code Security
Analysis
1%
Data Security
8%
Endpoint
Protection
6%
Fraud
detection
10%
IAM
16%
Incident
Management
4%
Mobile
Security
6%
Network
Security
19%
Secure
Communi-
cations
4%
Threat
Intelligence
7%
Web Security
5%
Companies Funded
Anomaly
Detection
2%
Cloud Security
14%
Code Security
Analysis
2%
Data Security
5%
Endpoint
Protection
12%
Fraud
detection
5%
IAM
15%
Incident
Management
3%
Mobile
Security
12%
Network
Security
14%
Secure
Communi-
cations
3%
Threat
Intelligence
7%
Web Security
5%
Funding Received
2014
Endpoint protection companies received 12% of funding despite
representing just 6% of funded companies
6. Where did the Money Go?
2015
$1.87 Billion in cybersecurity funding across 164 rounds thus far (8/12)
$0
$50
$100
$150
$200
$250
$300
$350
0
5
10
15
20
25
30
# of Rounds Funding
7. Anomaly
Detection
6%
Bug Bounty
1%
Cloud
Security
7%
Code Security
Analysis
1%
Data Security
9%
Endpoint
Protection
7%
Fraud
detection
10%
IAM
15%
Mobile
Security
8%
Network
Security
13%
Secure
Communi-
cations
4%
Security
Ratings
1%
Security
Training
1%
Threat
Intelligence
7%
Web
Security
9%
Companies Funded
Anomaly
Detection
5%
Bug Bounty
3%
Cloud Security
12% Code
Security
Analysis
5%
Data Security
8%
Endpoint
Protection
16%Fraud
detection
6%
IAM
9%
Mobile
Security
5%
Network
Security
7%
Secure
Communi-
cations
4%
Security
Ratings
2%
Security
Training
1%
Threat
Intelligence
8%
Web Security
10%
Funding Received
Endpoint protection companies continue to get the big checks: EPP
companies received 16% of funding despite representing just 8% of
funded companies
2015
8. Compare 2015 to this time 2014*
We’ve seen an 11% increase in # of rounds over this time last year
(164 vs. 147), but a more than 36% increase in funding ($1.87B vs. $1.37B)
*The period 1/1/14 through 8/12/14
0
5
10
15
20
25
30
35
# of Funding Rounds
2014 2015
$0
$50
$100
$150
$200
$250
$300
$350
Total Funding
2014 2015
9. Where is the increase coming from?
Not from the distribution of round type —
that has stayed relatively constant.
Pre Series A
27%
Series A
32%
Series B
13%
Series C
8%
Late
12%
Debt
8%
2014 # of Rounds (through 8/12)
Pre Series A
26%
Series A
27%
Series B
16%
Series C
12%
Late
9%
Debt
10%
2015 # of Rounds
10. Not from the distribution of funding by round type — late stage funding as a
share of total funding decreased by 10% in 2015
(although the share of funding coming from late + Series C rounds
stayed constant at around 50%).
Pre Series A
3%
Series A
18%
Series B
26%
Series C
28%
Late
22%
Debt
3%
2015 Funding
Pre Series A
3%
Series A
22%
Series B
24%
Series C
17%
Late
32%
Debt
2%
2014 Funding (through 8/12)
11. It is coming from the across-the-board increase
in amount of funding provided in each round.
This largely holds for both the mean and median.
0.9
6.4
17.5
19.4
25.8
2.3
1.3
7.4
17.7
27.7 27.6
3.8
$0
$5
$10
$15
$20
$25
$30
Pre Series
A
Series A Series B Series C Late Debt
Mean Round Size
2014 2015
0.5
6.0
12.0
19.0
16.5
0.51.0
6.9
17.0
24.5
13.4
2.3
$0
$5
$10
$15
$20
$25
$30
Pre Series
A
Series A Series B Series C Late Debt
Median Round Size
2014 2015
12. What About the Exits?
IAM companies represented ¼ of the 60 cybersecurity exits in 2014.
There have been just 23 exits in 2015 (as of 8/12).
There were 40 by this time last year.
Cloud
Security, 6,
10%
Data Security,
3, 5%
Endpoint
Protection, 3,
5%
Fraud
detection, 7,
12%
IAM, 15, 25%
Mobile
Security, 10,
17%
Network
Security, 8,
13%
Secure
Communicatio
ns, 3, 5%
Threat
Intelligence, 2,
3%
Web Security,
3, 5%
2014 Anomaly
Detection, 1,
4%
Cloud
Security, 4,
17%
Code
Security
Analysis,
1, 4%
Data Security,
2, 9%
Fraud
detection,
2, 9%
IAM, 3, 13%
Mobile
Security, 2,
9%
Network
Security, 3,
13%
Unified Threat
Management*,
3, 13%
Threat
Intelligence,
1, 4%
Web Security,
1, 4%
2015
*Unified Threat Management refers to Websense, Fidelis and Blue Coat
13. Key Takeaways
S Endpoint protection companies continue to receive an
outsized portion of funding relative to the # of companies
funded (think Tanium, Cylance, Crowdstrike).
S Round sizes are increasing — especially in Series C
rounds (think Crowdstrike and Illumio). Is the Series C
the new pre-IPO round?
S Cybersecurity M&A (in # of deals) is way down. Are high
valuations scaring strategic buyers away?
I’m wary about drawing conclusions
from less than two full years of data, but…
14. Thanks for Reading!
S I’m a college student at the University of Pennsylvania
going into my senior year. I’m passionate about tech and
tech investing. You can sign up for my cybersecurity
newsletter here, and read past issues here.
S Email me with any questions or feedback!
normile@wharton.upenn.edu