Venture capitalists start to tap into cybersecurity potential

Experience matters as investors put cash into highly technical cyber innovations

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

As man­ag­ing direc­tor of Allegis Cap­i­tal, a lead­ing seed and ear­ly-stage ven­ture cap­i­tal invest­ment house based in San Fran­cis­co, Robert Ack­er­man has placed a num­ber of big bets on emerg­ing cyber­se­cu­ri­ty com­pa­nies that have paid off handsomely.

This sum­mer, Allegis added a pair of respect­ed vet­er­ans from the cyber­se­cu­ri­ty ven­dor com­mu­ni­ty as ven­ture part­ners. John Stew­art, the leader of Cis­co Sys­tems’ Secu­ri­ty and Trust Orga­ni­za­tion, and Joe Levy, chief tech­nol­o­gy offi­cer at secu­ri­ty soft­ware and hard­ware sup­pli­er Sophos, joined Allegis as part­ners No. 7 and No. 8.

More: Few­er cyber­se­cu­ri­ty firms go public

John and Joe are two proven vet­er­ans in cyber­se­cu­ri­ty, and their expe­ri­ence will be invalu­able,” Ack­er­man said in announc­ing his new part­ners. “They are deeply con­nect­ed and have unmatched insights.”

Third­Cer­tain­ty recent­ly sat down with Ack­er­man to dis­cuss the wider impli­ca­tions of the con­tin­u­ing surge of VC fund­ing seek­ing to back star­tups with the poten­tial to deliv­er the next tier of dis­rup­tive secu­ri­ty innovations.

3C: How would you char­ac­ter­ize the threat land­scape that com­pa­nies of all sizes face today?

Ack­er­man: We are still play­ing a giant game of catch up. The OPM (U.S. Office of Per­son­nel Man­age­ment) breach is a clas­sic exam­ple of that … 21 mil­lion com­pro­mised records lat­er, here we are, ask­ing why wasn’t the damn data encrypt­ed? Not that encryp­tion is a sil­ver bul­let, but if you’ve got data that is a tar­get, why would you not encrypt the data?

More: OPM breach could be dig­i­tal Pearl Harbor

There’s a whole shift in think­ing that’s required. And I think we are in the very ear­li­est days of under­stand­ing the clev­er­ness of the adver­sary, the vul­ner­a­bil­i­ty of our net­works, and the solu­tions need­ed to pro­tect those networks.

3C: It’s clear inno­va­tion is com­ing. Where’s the smart mon­ey going?

Bob Ackerman,  Allegis Capital founder and managing director
Bob Ack­er­man,
Allegis Cap­i­tal founder and man­ag­ing director

Ack­er­man: Ven­ture cap­i­tal­ists read the same news that you and I do, so you’ve got a lot of entre­pre­neur­ial activ­i­ty jump­ing into the space. And you have a lot of cap­i­tal that wants to find place­ment in the space. But this is a space where expe­ri­ence mat­ters. In cer­tain seg­ments of the econ­o­my, there’s no penal­ty for lack of expe­ri­ence. Cyber is very dif­fer­ent. Cyber is deep sci­ence. It’s deep engi­neer­ing. It’s deep tech. And there’s a lot of con­text that you have to understand.

3C: What are some areas where inno­va­tion seems most like­ly to make a big difference?

Ack­er­man: I think we have to instru­ment every­thing. If you want to under­stand what’s going on in the net­work, you have to instru­ment the end­point then you have to instru­ment the network.

I think that encryp­tion is part of a broad­er theme of data integri­ty and data assur­ance. If the data were the tar­get, why wouldn’t you encrypt it as anoth­er lay­er of defense? So work will be done on encrypt­ing data with­out break­ing infor­ma­tion sharing.

Anoth­er part is what I call auto­mat­ic response or auto­mat­ic defense, which involves del­e­gat­ing auto­mat­ed sys­tems to take threat intel­li­gence and pri­or­i­tize it, so we know when it is tru­ly nec­es­sary for a human ana­lyst to enter the pic­ture. I think that’s a big theme.

3C: What about the notion that senior deci­sion-mak­ers want a baseline.

Ack­er­man: Yeah, we have to get to a point where we have that high-lev­el view of sit­u­a­tion­al aware­ness. That’s going to become a big issue. That’s some­thing we’re actu­al­ly work­ing on now. It has to do with know­ing where you’re strong and where you’re weak; under­stand­ing expo­sures and know­ing what you real­ly should be wor­ried about.

3C: Get­ting back to fund­ing, not all big bets will pay off, right?

Ack­er­man: The prob­lem demands inno­v­a­tive ideas and cap­i­tal to sup­port devel­op­ment of those ideas. There is always a risk that when cap­i­tal flows in at this accel­er­at­ed pace, things will get fund­ed that prob­a­bly shouldn’t. That’s not unique to cyber.

There will be areas of inno­va­tion where it will be very dif­fi­cult to dif­fer­en­ti­ate between the com­pa­nies. And when you have very bril­liant, but inex­pe­ri­enced, engi­neers meet­ing ven­ture cap­i­tal­ists in a hur­ry to get into cyber­se­cu­ri­ty, not every­thing that gets fund­ed is going to make sense.

More on cybersecurity:
When it comes to cyber­se­cu­ri­ty, gap between IT, board­room must be bridged
Third-par­ty ven­dors are the weak links in cyber­se­cu­ri­ty
New encryp­tion ser­vices boost con­fi­dence in the cloud



Posted in Cybersecurity, Featured Story