2018 saw a spate of major cyber attacks including the hacks of British Airways, Facebook and Marriott. Despite growing emphasis on and awareness of cyber threats, large organizations continue experiencing massive data breaches. And as the world becomes increasingly connected (cars and medical devices, among others), attack vectors are evolving and exposures multiply.
The Israeli cybersecurity industry has long been recognized as a hotbed for innovative solutions, and 2018 to be yet another strong year. Early stage companies raised more money than ever before to tackle emerging security threats like protecting the proliferating number of internet-connected devices and enabling blockchain technologies to thrive in more secure environments.
Growing seed rounds chasing greenfield opportunities
In 2018, the total amount of funding for Israeli cybersecurity companies across all stages grew 22 percent year-over-year to $1.03B. This closely matched the funding trends of 2016 and 2017 that each saw 23 percent year-over-year growth in funding amount. At the same time, 2018 saw 66 new companies founded, an increase of 10 percent over 2017, which represented a rebound after a dip last year (60 new companies in 2017 vs. 83 in 2016). Notably, average seed round increased to $3.6M in 2018 from $3.3M in 2017. 2018 marked the fifth consecutive year the size of Israeli cyber seed rounds grew. Since 2014, the average seed round size has increased 80 percent.
With industry growth metrics of Israeli cybersecurity up across the board in 2018, 2017’s dip in new cyber startups appears to have been an outlier. Not only does entrepreneurial interest in cyber look to be on the rise, investor enthusiasm, especially at the early stages, signals a market brimming with opportunity. Growing round sizes are interesting, but more revealing is following where this capital is flowing.
Emerging fields supplanting “traditional” technologies
The top emerging fields among new startups in 2018 included new verticals within IoT security, security for blockchain and cryptocurrencies, cloud-native security and SDP (Software Defined Perimeter). These nascent verticals drew considerably more attention than more “traditional” cyber sectors such as network security, email security and endpoint protection. Of all the emerging sectors, IoT drew the most investment with funding reaching $229.5M across all stages. What makes IoT particularly interesting is its continual branching into various new sub-domains including automotive, drones and medical devices.
Shai Morag, CEO and co-founder of Secdo, an Israeli cybersecurity firm acquired for $100M by Palo Alto Networks in mid-2018, sees these trends accelerating. “Innovation is going to keep happening in these areas for the next few years. We’ll also see innovation in third-party supply-chain risk assessment and management. Another wide-open field for innovation is SMBs. They are an underserved market hungry for full-stack solutions. These emerging fields are where I’m seeing the most excitement.”
Breaking out data on seed round funding into cyber startups targeting emerging vs. traditional markets reveals an even more pronounced growth trend. 2018’s aggressive early stage funding rounds disproportionately focused on companies pursuing emerging fields within cybersecurity. Of the 33 seed rounds raised in 2018, 20 (61 percent) went to companies in emerging fields. Even more striking, the sum of all seed rounds for emerging tech companies in 2018 was $79M, a 76 percent year-over-year increase. The numbers are clear, there is overwhelming investor interest in emerging cyber tech.
For example, the two largest seed funding rounds this year were in the IoT security domain. VDOO, founded by ex-Cyvera entrepreneurs (acquired by Palo Alto Networks in 2014 for $200M) and which develops security solutions for IoT vendors, raised an abnormally high seed round of $13M. Toka Cyber has secured $12.5M seed funding from Andreessen Horowitz and others, to develop and expand their IoT cybersecurity platform for governmental agencies. Twistlock, a pioneer developer of cloud-native security solutions raised $33M series C this year. BigID which protects sensitive data in light of GDPR and other privacy regulations raised both A ($14M) and B ($30M) rounds during 2018.
As the more traditional cybersecurity markets continue to consolidate and mature, prospects dim for “me too” cyber startups. We see that the industry still faces pressing problems in need of innovative solutions. Looming labor shortages, GDPR and other global data privacy legislation and the IoT explosion, are major challenges presenting substantial opportunities to incumbents able to provide relief. Investors and entrepreneurs sense greenfield opportunities on the horizon and are racing to plant their flags before the competition. This new divergent ecosystem is more selective of sophisticated, savvy investors and specialized, seasoned entrepreneurs.
Greenfields, not green founders
In 2018, 60 percent of founders had more than a decade’s worth of experience in the private sector–a 28 percent increase from 2017. The experience of these more seasoned founders came mostly from working in startups either as an executive or as an entrepreneur. Although Israel’s cybersecurity ecosystem relies heavily on the technical training potential entrepreneurs receive during service in the Israeli Defense Forces (IDF), in 2018, the proportion of founders coming straight out of the IDF fell to 2 percent, dropping from 10 percent the year before.
While nearly all Israeli founders leverage the skills and know-how acquired in the IDF’s various technological units, the need for experience from the private sector, either as an executive or an employee, seems to be more prevalent. Larger seed checks and larger ambitions are fuelling this push for more mature, veteran founders. Rising founders are not simply looking to build a novel technology and score a lucrative acquihire exit from an existing giant–they want to push into greenfield territory and stake a market-leading claim all their own.
Amichai Shulman, co-founder & former CTO of Imperva and a Venture Advisor at YL Ventures, gives such founders aiming to “own a market” the following advice: “Make sure you’re able to explain – primarily to yourselves – how your offering and product becomes something bigger than what it inherently is in the beginning. Be able to articulate how you expand (in the future) further into organizations, not just by ‘selling more’ but by solving bigger and more general problems.”
Cyber exits continue to overperform
Beyond general trends, 2018 also had many exciting individual exits. Checkpoint-Dome9 and CyberArk-Vaultive were notable because both acquirer and acquiree were Israeli — a mark of true market maturity. The acquisition of Sygnia by Singaporean holding giant Temasek also was remarkable because it shows that the Israeli cyber market continues to attract new classes and kinds of global strategic players each year. In addition, Thoma Bravo’s $2.1B acquisition of Israeli cyber firm Imperva made waves throughout the industry.
Tsahy Shapsa, co-founder of Cloudlock, which was acquired by Cisco in 2016 for $293M, reflected on the potential he sees coming from growing global investment. “From an entrepreneurial perspective, there is a constant dilemma between short-/mid-term exits and building a legacy company. As funding floods into Israel from around the world, temptation to sell early only increases. But all these exits have an advantage. They grow the pool of experienced, ‘repeat’ entrepreneurs and set the stage for more legacy companies to originate locally.” Zohar Alon, CEO and co-founder of Dome9 Security, which was acquired by Checkpoint in 2018 for $175M added the following guidance: “Israeli entrepreneurs should establish and maintain a constant communication channel with the local corporate development leaders, same as most do with the VC community focusing on product and go-to-market synergies.”
Israeli cybersecurity maintaining momentum
In 2018, investors became more domain-focused and preferred emerging fields. With traditional cybersecurity consolidating, emerging greenfields signal much stronger potential. Furthermore, growth continued both in cybersecurity startups as well as their fundraising across all stages, indicating rising confidence in the Israeli cybersecurity market.
The 2018 Israeli cybersecurity market boasted an excellent exit climate, highlighted not only by Imperva’s large-scale acquisition but also by the diversity in the types of players in the space. As such, the local cybersecurity market signals its ability to create and nurture large-scale security vendors, thereby attracting variety of both international and local players which continue identifying and capitalizing opportunities in this domain. For 2018, as has been the case for many years past, the state of the cyber nation is strong–and 2019 appears to promise more of the same.