How to create a security startup and bag VC millions – step one: Containers, AI or cloud
Step two: Keep doing that
While venture capitalists have been tightening their belts over the past year, there’s still a lot of love and funding for security startups – especially if you’re working in the right areas.
During a panel discussion at the Structure Security conference in San Francisco today, a trio of top VCs identified three key areas where security startups would have no problems getting initial funding: cloud security, containerized protection, and machine learning – although that last area comes with caveats.
Asheem Chandna, a partner at venerable VC firm Greylock Partners, and Theresia Gouw, managing partner at Aspect Ventures, both said they were investing heavily in cloud security outfits, since they matched the tech industry's ongoing movement to the cloud and the need for increased security budgets.
“In the last two decades that I’ve been doing this there never been a better time to be in this [security] business,” Chandna said. “Look at how important it is to buyers and how the checkbooks are open. Most people expect security budgets to double in the next few years – it’s a good time to be an entrepreneur in the cloud space, but for customers it’s confusing.”
The second area of interest among funders is containerization, and how it can be secured and used to protect data and applications. Alex Doll, founder of Ten Eleven Venture, said it was an area his firm was spending a lot of time and money on.
“When we look at containers it's as big a trend as Linux was a decade ago, or virtualisation was a few years ago,” he said. “We think the containers trend is a series-A level for investment funders.”
Machine learning for security was also a hot area, he said, but warned it required care to train up AI models with high quality information – to sort the wheat from the chaff, in other words. True machine learning systems in security are rare, and too many startups claim they are applying AI techniques when, in fact, they are simply running human-overseen data mining, and often coming to the wrong conclusions.
Chandna said that VC funding for the broader IT area is shrinking slowly, as VCs winnow out the “me-too companies” and those without a realistic growth plan. For security, there is still a lot of startup moolah out there for budding entrepreneurs to tap.
But before you tell your boss he or she's a pillock and rush out to set up your own firm, be warned. While getting initial series-A funding is relatively easy, getting more funds out of VCs is getting a lot harder.
“A-level funding is still easiest to raise,” Chandna said. “Series B is easier but valuations have come down. But when it comes to Series C or D then firms need to show real progress and customer wins. The cost of capital has gone up.” ®