Thoughts from RSA and the Climate for Security Startups The year ahead in security tech and VC

Just getting back from a few days at RSA. We kicked it off Sunday night with a boldstart founders and execs dinner where we talked about what’s next in cybersecurity with some of our portfolio companies like security scorecard, bigid, snyk, stealth co and many friends from the industry representing strategic partners and IT buyers. After a couple more days of straight security talk with lots of new vendors, VCs, strategics and CISOs, I wanted to share a few observations. Many of these are not earth shattering but important to cover nonetheless.

  1. There are way too many cyber security startups. A record $3b went into these companies in 2016 and $2.5b in 2015. Many startups are features or products and not businesses. Each category and mini category used to only have a few vendors and now you can expect up to 10. Lots will struggle and go out of business and industry consolidation is ahead.
  2. That being said, cyber security budgets keep increasing! Banks like JP Morgan spent $500mm on security and yet they are still not secure. While many large cos will still buy from best of breed startup vendors, the landscape is changing as Palo Alto Networks and Symantec keep incorporating new tech and provide an integrated seamless stack.
  3. Which leads me to my next point. One CISO of a large bank told me that his team met with over 300 vendors last year. Large companies can’t possibly integrate all of these disparate technologies and the more you have, the more false positives you have.
  4. Rise of Nation State attacks – more sophisticated and deadly – many are targeting the largest financial institutions.

    Read More

Enterprise Collaboration Wars Lessons for SaaS startups

It’s going to be fun to watch the enterprise collaboration wars and how each company is approaching the market! In my mind it is a microcosm of many battles being played out with startups versus incumbents. Do large enterprises go for “best of breed” providers or the “one throat to choke” model? How does the bottom-up model work versus the traditional top-down enterprise sales model? As for collaboration, here is a view of some of the players:

  1. Slack – bottom up, adding enterprise features, but not on-prem yet, many early adopter enterprises but can they bridge gap to more traditional
  2. Microsoft – Teams, product not as fleshed out but starting with bases of thousands of enterprise clients due to enterprise company licenses, does that mean adoption?
  3. Box/Dropbox – coming at it from a technically commodity base layer of file sharing and storage, trying to add stickiness on top with Paper by Dropbox and Notes from Box
  4. Google – has Gsuite for Google Cloud – do they add a collaboration layer or do they just buy someone else?
  5. Salesforce – has Quip, do they keep adding layers on top?

and many others…

Read More