cybersecurity-6.5.18As the number and types of cyber-attacks continue to rise, enterprise security has become more difficult to manage. 

Since 2010, U.S. spending on cybersecurity has more than doubled, rising from $27.4 billion to a projected $66 billion this year, according to Statista. 

While some enterprise companies rely on dozens of cyber vendors to help protect them, this creates additional management challenges for CISOs and security teams. 

HMG Strategy recently caught up with Will Lin, Principal & Founding Investor at ForgePoint Capital regarding the types of cybersecurity companies he invests in and where he sees the greatest value going forward.

HMG Strategy: What types of cyber companies are you most excited about and why? 

Will Lin: The way I've been approaching investments is seeking win-win opportunities to work with the security practitioners that are naturally the earliest adopters amongst their peers. They are forced to encounter pressing problems where their best option is to work with early-stage companies hungry to help. In a ten-year trend, they might be customers in year one or year two. I work with companies that are helping leading-edge CISOs solve problems. In VC terminology, these are companies at the Series A and Series B stages. 

What are some market factors that are impacting security?

WL: At a high level, when the market starts to plateau, companies tend to focus on a working with consolidated providers. When the market is up, there tends to be more focus around innovation. Overall, the market tends to drive how early leading-edge customers are willing to invest.

Currently, we are seeing instability in market growth which is shining a spotlight on historical investments into experimental technologies. For the next few years, I predict practitioners will primarily focus on "back to the basics" security issues and replace existing solutions versus working on new problems.

Can you cite some of the cyber companies in your portfolio that fit this profile?

WL: This is hard question because our team is on the board of 17 cybersecurity companies. A good example is IronNet Cybersecurity, formed by the former head of the NSA and U.S. Cyber Command, General (Retired) Keith Alexander. NSA is the U.S.' offense and cyber command is the U.S.' defense. Few have General Alexander's context into the cybersecurity ecosystem.  

With IronNet, General Alexander and his team are leveraging their lessons learned to work on the fundamental issues with the patchwork network security solutions while also solving the inefficiencies related to threat sharing. 

Another example is a stealthy company called Uptycs which we plan to announce in the next few weeks. The founder, Ganesh, is a former chief architect at Akamai. The team knows how to build things that scale like at Akamai. They are helping address the basic problem of endpoint security. 

Our most recent investment, yet-announced, is into a company called LoginRadius, founded by former web developers. They are solving the fundamental issue CISOs, CIOs and developers encounter when undergoing customer-facing digital transformation projects. 

What are some of the benefits these companies are bringing to the market?

WL: All three companies are fairly stealthy. They don't spend a ton of money on marketing or attend many conferences. They're focused on delivering for their customers.  

With IronNet, the customers that love them are some of the largest companies in the world. Thanks to Keith's former role as the head of the world's largest security agency, IronNet provides the full spectrum of defense on the network. Not just the sensor but also the data gathering, the anomaly detection, and the expertise to correlate alerts with what's happening on the network. 

The part that's extremely exciting about IronNet is their threat information sharing network. What General Alexander has done is created an automated way to share the threat intelligence. The product is called IronDome and he has signed up multiple companies in several industries that are already sharing raw threat intelligence. 

For Uptycs, the key value there is that today there are too many silos of security. If you want to do whitelisting, that's one agent. If you want to extract endpoint data, that's another agent. This is creating a huge overhead. What the future looks like is one agent per sensor per endpoint. That agent sends the data to the cloud. This leads to very little overhead and a much more streamlined approach.

LoginRadius' key benefit is enabling enterprises to freely deploy customer-facing applications for multiple use cases. As the number of use cases increase, the complexity of managing customer information and identities becomes increasingly untenable. LoginRadius provides a horizontal integration layer to enable seamless authentication for all customers and across all applications (Mobile, Web, IoT, Voice, etc.)

What are some trends and developments in cyber security you're most excited about going forward? 

WL: I'm very excited about the "back to the basics" focus. Security is inherently an industry where it is very hard to measure ROI. We've seen a lot of new ideas in the past few years and what we're seeing now is that many of those new ideas are really iterations of existing solutions. This change in perspective is leading to a better relationship between startups, acquirers and customers.