Security Industry Experts Share Thoughts on Why Cybersecurity Unicorns Are No Longer Rare Sightings
Several industry professionals have shared thoughts on why we are seeing a surge in cybersecurity unicorns. Some believe the trend is a result of speculative strategies while others believe it reflects the growing importance of cybersecurity.
In March 2020, shortly after COVID-19 was officially declared a pandemic, SecurityWeek reached out to several experts for their thoughts on the effects of the pandemic on early-stage venture investment in cybersecurity. While most agreed that there would be some negative impact, investors were optimistic.
Since then, tens of companies have announced raising millions, tens of millions and even hundreds of millions of dollars, and many have become “unicorns” after being valued at more than $1 billion as a private company.
SecurityWeek has identified more than 30 cybersecurity unicorns, with 13 of them announced in the past months alone. The 13 companies to achieve billion-dollar valuation since November 2020 are Aqua, Axonius, BigID, Coalition, Feedzai, Forter, ID.me, Lacework, Orca, OwnBackup, Socure, Venafi and Wiz.
Private market data provider PitchBook told SecurityWeek that a record was set in the first quarter of 2021, with 12 cybersecurity unicorns created globally, which is more than double the previous quarterly high.
SecurityWeek contacted several industry professionals to get their thoughts on this surge in cybersecurity unicorns and here is what they said:
Will Lin, Partner, ForgePoint Capital:
“We’re seeing increased conviction in software companies’ ability to rapidly grow into a public company and beyond. Coupled with public market valuation highs, startups have been well-poised to succeed in this valuation environment.
When looking at multiple multi-stage and cross-sector funds, cybersecurity has been identified by many investors as a significant contribution to their returns over the past cycle. With that data and experience in mind, what we’re seeing is investors drawing patterns from those outcomes, gaining confidence in the vertical, and investing in companies demonstrating those positive signals earlier in their lifecycle.
The flip side is that some of these predictions will be wrong and considering how much additional capital is getting invested in these companies, it’s further upping the stakes for the industry.
At the end of the day, it all comes down to the customer. They are going to invest and grow their budgets differently than investors. When startups and investors are significantly off the mark from the ultimate customer, no matter how well a startup executes, those companies can only be so successful.”
Venture capital investor and analyst (anonymity granted):
“I believe we are seeing ‘Synthetic Unicorns.’ I would define these as early stage companies where the unicorn valuation is being driven by optimistic investors that are intent on building a new platform company that can compete against existing platform leaders such as Palo Alto Networks. This strategy feels somewhat inorganic and speculative since the valuation and unicorn status appears to be driven by strong initial growth among early adopters but doesn’t make sense when looked at through the traditional lens of a multiple of ARR. Time will tell whether this strategy makes sense.”
Brendan Burke, Sr. Emerging Technology Analyst, PitchBook:
“In 2020, forward revenue multiples for high-growth public cybersecurity companies more than doubled to around 40x, effectively halving the revenue target that startups must reach to achieve unicorn status. Growth equity investors are using public market comparisons to judge how much private companies are worth, even at a relatively early stage. While several years ago a startup might need to reach $100 million in annual recurring revenue to become a unicorn, only a fraction of that sum is required now. Startups can achieve unicorn status soon after finding product-market fit with the expectation of growth to much higher valuations in public markets.”
Hank Thomas, CEO, Strategic Cyber Ventures:
“After spending the last year scanning the universe for cybersecurity unicorns, I have strong opinions about this. Check to see if a unicorn’s horn is real, or if it is glued onto a horse. A real cybersecurity unicorn’s horn needs to consist of real scaled revenue somewhere north of fifty million annually depending on the type of technology. This revenue needs to be happening right now, combined with a realistic multiple that quality investors in the market are willing to pay.
There was an emerging chasm forming in the already fragmented security market that was radically accelerated by the pandemic. You now have a much clearer two class system of haves and have nots all competing for the same security budgets. The haves actually help secure key cyberspace terrain in a security environment that has changed radically in the past year. The have nots no longer are relevant in securing the new key terrain. If you are a have, and have managed your business properly to unicorn scale, you are now also the beneficiary of great market timing. Cybersecurity companies of scale are riding the tailwinds of amazing technology company valuations and the never-ending wave of cyber threat actors making headlines attempting to penetrate the world’s most lucrative targets.”
Yoav Leitersdorf, Managing Partner, YL Ventures:
“The number of companies being valued at over $1 billion is reflective of the market gaining a better understanding of how important cybersecurity is. The increase in the valuation of cybersecurity companies is commensurate with the increasing number of breaches and compromises that we see in the headlines. Digital transformation represents a myriad of new ways of doing business (e.g., cloud) and new attack surfaces and attack vectors. This also creates a demand for new security solutions.
COVID drove a rapid shift towards digital transformation. As digital transformation grows, we should see the security market grow with it. From the perspective of the customer, demand is huge. Massive opportunity exists for improved security on the tailwinds of big trends including cloud, data and application development.
Take for example Orca Security and Axonius … which we seeded and are now at billion-dollar valuations. The public markets are volatile, and the private markets appear quite hot — but what’s clear is there is a huge demand for cybersecurity solutions in the market.
It’s probably fair to say that many of these rounds in security are ‘fully valued,’ but we know from our vantage point that our teams are taking the lead in these must-have markets, and so while we always keep an eye on macro conditions, there will be massive winners in these mission-critical spaces, and so it’s probably smart to strengthen these companies’ balance sheets in today’s market. $1B is nothing to sneeze at. While it may not be as rare due to current market conditions, it is still pretty rare in the grand scheme of things.
Also, we see a shift in the market in terms of the goals and ambitions of the founders. These entrepreneurs aspire to build large, platform companies to compete with the bigger players, not just exits. That’s another reason why we see larger rounds.”
John Funge, Managing Director, DataTribe:
“One important driver in this unicorn trend is what is happening in the broader financial markets. In the past ten years or so, we have seen one of the strongest bull markets in history. From 2011 to 2021, the NASDAQ has increased nearly 4x. When this is combined with historically low interest rates, you end up with a lot of capital seeking return. In an environment where there is robust capital availability, valuations will continue to rise given the scarcity of mature, growth-stage companies to invest in. With some later-stage startups returning spectacularly for investors, it has further accelerated the feedback loop drawing additional investment to unicorn-stage growth equity … Cyber is a very large market that generally doesn’t exhibit strong winner-take-all dynamics like other parts of tech, such as social media. So, there is space in the market for multiple unicorn-scale companies to form.
When you look at the strong fundamentals of cybersecurity in the context of the broader financial market trends, it’s not surprising that cyber unicorns have become less elite and have lost some of their mystique to the fabled decacorn.”
SecurityWeek’s Cybersecurity Unicorn List (As of March 30, 2021)
*updated – 13 cybersecurity unicorns were announced since November 2020, not December 2020