Cybersecurity Ventures: Disrupting the Digital Frontier

By: Charles Patton | Published: 01/25/2024
Est. Reading Time:
3 minutes

In 1969, a team of researchers at UCLA sent the first message between two computers to Stanford on the Advanced Research Projects Agency Network (ARPANET). Often known as the forerunner of the internet, ARPANET was funded by the Department of Defense to link research institutions with government grants to speed technological development.  It only took a few years for one of the academics, Bob Thomas, to create a program named Creeper that could track network activity and report back its findings.  This was quickly followed by Ray Tomlinson’s Reaper antivirus software, which chased and deleted Creeper wherever it was found.

This tit-for-tat between Bob and Ray is the first example of cybersecurity in action, and for the past five decades, the battle between those looking to penetrate online networks and those erecting defenses has continued to escalate.  In 2023, end-user spending in the market for information security from cyber attacks was projected to reach $188B, which would represent 11.3% growth from 2022.  Estimates for how large this market can get vary widely, but a study by McKinsey pegged the top end at $2 trillion.

Why does such explosive growth appear likely?  One way to approach that question is to consider how much cybercrime costs today and how that’s likely to change.  The team at Cybersecurity Ventures estimated that cybercrime would cost $8 trillion in 2023 and $10 trillion by 2025 due to a host of costs, including data destruction, stolen money, IP theft, and reputational harm, among others.  Another barometer includes surveys of top executives purchasing cyber defenses as they are the ones writing the checks.  Morgan Stanley asked 100 Chief Information Officers in early 2023 about which programs would receive the largest spending increase, and Security Software came first.1  More revealingly, when asked which programs are most likely to be cut, none of the CIOs mentioned Security Software.  

Not only is explosive growth possible, but there are reasons to believe startups will have an outsized role to play in defending against the next generation of attackers.  One is that entrepreneurs can structure their firms to prevent today’s threats.  Cyber professionals have already started to see Generative Artificial Intelligence (AI) contribute to cyber attacks by making it cheaper for groups to run spear phishing or automated customer support scams.  The US government has noticed, setting up an AI Security Center within the National Security Agency (NSA) to guard sensitive information that can’t always be addressed with third-party software.  Similarly, advances in quantum computing threaten to make many current encryption methods obsolete.  Companies built to stop these new vectors of attack stand to benefit if they can outperform legacy players, and historically, incumbents have struggled to innovate on new products while staying at the cutting edge of their existing products.  This is especially easy because experienced cyber operators can offer consulting services independently to generate revenue while developing the next software program to productize their insights.

Why Entrepreneurs Need Venture Capital

Considering the size and growth of the cyber market, you might expect the venture industry to be rushing headlong into cyber.  TechCrunch’s data disagrees, and they estimate Security startups only raised $2.7B in funding over the first quarter of 2023, down 58% year over year.  Beyond a general funding malaise, VCs also might be reacting to the difficulties in investing in the space as a generalist.  Cyber-specific VCs enjoy advantages on the sourcing side because their relationships with executives purchasing cyber solutions can help startups get a foot in the door with potentially huge clients.  They are also advantaged with investment diligence because extensive experience allows them to more easily separate overhyped players from true security breakthroughs.  This is crucially important in an industry where companies can grow revenue before the flaws in their security solutions manifest.

Cybersecurity is an industry ripe for continued growth and disruptive innovation.  As investors consider how they want to position portfolios against potential disruptions from AI or quantum computing, it would be wise to consider how cybersecurity investments could function as an (imperfect) hedge.  We are excited to see how the space develops in the years ahead and hope that those building protective walls outpace bad actors seeking to scale them.

  1. Source: AlphaWise 1Q23 CIO Survey (n=100), Morgan Stanley Research. ↩︎
Download this article for later.
Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque.
Share this Article
Terms of Service | Privacy Policy | GLBA Notice

This site is operated by Gridline Holdings, LLC ("Gridline"). Gridline does not give investment advice, endorsement, analysis or recommendations with respect to any securities. All securities listed here are being offered by, and all information included on this site is the responsibility of, the applicable issuer of such securities. Gridline has not taken any steps to verify the adequacy, accuracy or completeness of any information. Neither Gridline nor any of its officers, directors, agents and employees makes any warranty, express or implied, of any kind whatsoever related to the adequacy, accuracy or completeness of any information on this site or the use of information on this site. By accessing this site and any pages thereof, you agree to be bound by the Terms of Service and Privacy Policy

Past performance is not indicative of future results. All securities involve risk and may result in significant losses. Investing in alternative investment funds is inherently risky and illiquid, involves a high degree of risk, and is suitable only for sophisticated and qualified investors. Investors must be able to afford the loss of their entire investment. Alternative investment funds should only be part of an investor’s overall investment portfolio. Further, the alternative investment fund portion of an investor’s portfolio should include a balanced portfolio of different alternative investments. Investments in alternative investment funds are speculative and involve a high degree of risk and those investors who cannot afford to lose their entire investment should not invest. Additionally, investors may receive illiquid and/or restricted securities that may be subject to holding period requirements and/or limited liquidity. Investments in Alternative investment funds are generally highly illiquid and those investors who cannot hold an investment for the long term should not invest.

Any specific alternative investments funds referenced on this site are included purely for illustrative purposes and selected based on name recognition. Such examples are only partial, and readers should not assume that the investments identified were or will be profitable or are representative of investments by the alternative investment funds identified on this site. There is no guarantee that any alternative investment fund will achieve the same exposure to, or quality of, investments held by any existing fund referenced on this site.

Nothing on this page shall constitute an offer to sell or a solicitation of an offer to buy an interest in any investment partnership or other security. Any offer to sell or solicitation of an offer to buy an interest in an investment partnership may be made only by way of the partnership's final definitive confidential disclosure document and other offering and governance documents of any given fund (collectively, “Offering Documents”). The information on this site is qualified in its entirety and limited by reference to such Offering Documents, and in the event of any inconsistency between this site and such Offering Documents, the Offering Documents shall control. In making an investment decision, investors must rely on their own examination of the offering and the terms of any offering. Investors should not construe the contents of this site as legal, tax, investment or other advice, or a recommendation to purchase or sell any particular security.

The information included in this site is based upon information reasonably available to Gridline. Furthermore, the information included in this site has been obtained from sources Gridline believes to be reliable; however, these sources cannot be guaranteed as to their accuracy or completeness. No representation, warranty or undertaking, express or implied, is given as to the accuracy or completeness of the information contained herein, and no liability is accepted for the accuracy or completeness of any such information. This site may contain certain “forward-looking statements,” which may be identified by the use of such words as “believe,” “expect,” “anticipate,” “should,” “planned,” “estimated,” “potential,” “outlook,” “forecast,” “plan” and other similar terms. All such forward-looking statements are conditional and are subject to various factors, including, without limitation, general and local economic conditions, changing levels of competition within certain industries and markets, changes in legislation or regulation, and other economic, competitive, governmental, regulatory and technological factors, any or all of which could cause actual results to differ materially from projected results.

© 2023 Gridline Holdings, LLC