While security needs around software development, applications, and data remain, cybersecurity startups will likely continue to grapple with a new fundraising reality as 2023 dawns.

Industry experts expect the cyber fundraising market to continue to soften – although 2022 will easily be the second-best year ever for venture capital raising in the industry.

“I think we’re back to normal,” said Alberto Yepezco-founder and managing director of Forgepoint Capital — which specializes in investments in cybersecurity and infrastructure software. “You’re already starting to see that.”

Search less. Close more.

Increase your revenue with all-in-one prospecting solutions powered by the leader in private business data.

2021 set an industry record, with more than $23 billion raised by VC-backed startups across networking, cloud and cybersecurity, according to data from Crunchbase. While 2022 will only see around $16 billion, that’s still nearly double 2020.

“Overall, you just see much more realistic valuations,” said Stephen Wardgeneral manager at Insight Partners, which invests in cybersecurity. “I think in 2023 you’ll see the same kind of thing that we’ve seen for the last six months.”

Not 2021

The days of a cybersecurity startup generating less than $1 million in revenue seeking a pre-money valuation of $300 million are over, Yépez said. The market is normalizing, he said, especially as more “tourism investors” – those not focused on the sector – have left.

This does not mean that funding is not available.

“Good businesses will get funded,” Ward said. “They always do.”

Dino Boukourisfounding director of a financial advisory firm based in San Francisco Momentum Cybersaid that while considering VC funding in general, it is important to remember that there is a record amount of dry powder – estimated at over $300 billion for US VCs alone – that needs to be deployed.

“Furthermore, cybersecurity spending and budgets continue to grow, even in the midst of a recession,” he said. “As such, given the underlying strength of the industry, coupled with an increasing amount of dry powder, I expect to see much stronger investment activity. [in 2023] as this capital is deployed.

Looking for an exit

For cyber startups struggling to raise funds, more exits may become available, but perhaps not the much-dreamed-of IPO.

“With the overall deterioration in the economy – interest rates, supply chain issues, etc. – I don’t see the IPO market opening up soon,” Yépez said, adding that it could be end of 2023 at the earliest.

However, Boukouris said he believes as soon as public markets recover, the IPO window will naturally reopen.

“We are already hearing about companies preparing filings for 2023 in anticipation of a market recovery,” he said.

While companies like Snyk, netscope, arctic wolf and others are high on the list for IPO hopefuls, a number of whom have run into trouble in 2022, with massive layoffs and other challenges to sustain growth.

“It will be interesting to see which companies resume preparing for their IPO and which may seek other alternatives,” Boukouris added.

This alternative could be M&A.

“Right now people have money from what they raised in 2021,” Yépez said. “But you will see an increase in mergers and acquisitions. Right now, acquirers are on the sidelines…as startups struggle to get up and running, you’ll see them take action.


Some of the same things — or offshoots of them — will continue to drive cybersecurity trends in 2023, experts say.

“I think data is the next frontier,” Yépez said. “People don’t even know where their data is.”

Startups that can help with assessment, security posture management, and data rights and privileges will continue to be scrutinized by investors, he said.

Also, while the term “left shift” – the practice of moving testing and performance evaluation up in the software development process – will continue to be in vogue, so will the “upward change”.

Shift up is the attempt to streamline the protections of your clouds, containers, laptops and servers into a single platform. This allows companies to move away from more siled IT tools and apply rules, privileges and entitlements across the entire operation.

Yépez invested in one of these startups, based in Massachusetts Uptycs. There will likely be others joining the market, including bigger players like CrowdStrike and Palo Alto Networks.

In general, information security managers want fewer one-time tools and more platformers as they try to maximize their dollars in a slowing economy, Ward said.

“Tool fatigue is a very real thing,” he said.

“Companies need to ask themselves, ‘What do CISOs want?’ ” he added. “They don’t want long deployments of six to 12 months. Companies need to be able to show their value proposition faster.

Stay up to date with recent funding rounds, acquisitions and more with the Crunchbase Daily.

Source link

Leave A Reply