Cybereason Sets Sights on Unicorn Status
$200m investment from SoftBank Group has put Cybereason within touching distance of unicorn status. Luke Christou looks at how the investment sits within the wider cybersecurity industry
Image courtesy of Jer123 / Shutterstock.com
Cybereason has raised $200m in investment from Japanese conglomerate SoftBank Group and its affiliates, leaving the firm just shy of a $1bn valuation that would see it enter cybersecurity’s fast-growing unicorn club.
Cybereason has grown rapidly over the past two years, having watched its customer base increase by more than 300%. The company now monitors more than six million endpoints globally. That growth is largely down to its success in the endpoint protection (EPP) market. Its endpoint detection and response (EDR) platform has delivered customers superior security results while using fewer resources.
The firm has achieved a ratio of one analyst to 150,000 endpoints, compared to an industry average of one analyst to 20,000 endpoints. This is achieved by automating large parts of the threat detection process, which helps in part to overcome the current shortage of approximately three million cyber analysts.
“We are leading the wave, becoming the world’s most reliable and effective endpoint prevention and detection solution because of our technology, our people and our partners,” Lior Div, CEO of Cybereason said. “We help all security teams prevent more attacks, sooner, in ways that enable understanding and taking decisive action faster.”
With total equity reaching $389m following the latest funding round, Cybereason plans to ramp up operations in all geographies, “aggressively” growing its number of partners while continuing to improve its EPP platform.
The firm plans to build the world’s first full stack offering for truly autonomous security, which Cybereason CTO Yonatan Striem-Amit says will “democratise and transform” the cybersecurity profession by freeing up time for cybersecurity analysts.
A recent study carried out by security research firm Ponemon Institute found that 65% of cybersecurity analysts have considered quitting their role due to workplace stress. However, 67% believe that increasing spending on automation would improve their current situation.
With an additional $200m in investment, SoftBank has increased its total investment in Cybereason to approximately $360m.
SoftBank first invested $59m in the firm in 2015, before adding another $100m to the pot in 2017.
Cybereason is one of a number of promising technology companies that has attracted the attention of the Japanese conglomerate since it launched its $100bn Vision Fund to invest in growth stage tech startups in 2017. SoftBank has invested billions in the likes of Didi Chuxing, Uber, WeWork, Grab and Flipkart.
As well as SoftBank, Cybereason has also raised capital from venture capital firms CRV and Spark Capital, as well as the investment division of defence giant Lockheed Martin.
Combined, these investments have given the firm a total value of $900m, which leaves it just short of achieving unicorn status – a $1bn valuation, and the holy grail of growth stage technology startups.
“Just nine cybersecurity firms had achieved unicorn status prior to 2019. However, four firms have joined the club already this year.”
According to data from CBInsights, just nine cybersecurity firms had achieved unicorn status prior to 2019. However, four firms have joined the club already this year.
In fact, the cybersecurity unicorn club had grown by 44% in less than six months since IT monitoring solution Kaseya hit the milestone in March. Auth0 followed in May, as a $103m series E funding round confirmed that it had doubled its value in 12 months. KnowBe4 and Druva’s own funding rounds both confirmed their place in the club in June.
They join Qi An Xin, Darktrace, 4Paradigm and Netskope, all of which achieved a $1bn valuation in 2018.
Breaches drive investment
According to Aarti Samani, the product and marketing director for biometric technology firm iProov, who has decades of experience seeking finance for high-growth startups, investors are likely responding to the various highly-publicised security breaches that have occurred in the past few years.
Regulators are getting tough on those that fail to protect consumer data. The United States Federal Trade Commission (FTC) broke its record fine for privacy violations twice in a week last month. That was shortly the UK’s Information Commissioner’s Office (ICO) handed British Airways a record £183m fine for a 2018 breach.
Given the potentially costly consequences of poor cybersecurity, business spend is expected to reach an all-time high in 2019, and investors have seen dollar signs.
“All it took was a misconfigured firewall and an experienced software engineer with some clever knowhow to compromise all of this data.”
“Last year saw a number of security breaches, and this will only continue as more services are accessed digitally by more people,” Samani explained. “Innovative technology is currently being deployed to fight these problems, which has caught the attention of investors who are making funds available for cybersecurity firms.”
However, while cybersecurity firms are reaping the rewards now, Samani doesn’t believe that will last forever. As the market becomes more saturated – and companies like Cybereason continue to do more with less – investors will begin to air caution when investing in the cybersecurity market, ensuring that the products they are betting on provide genuine value.
“The space is becoming increasingly competitive however, and it’s getting more and more difficult to identify genuine disruptors from the general noise,” Samani told Verdict. “We expect investors will turn their due diligence process up a few notches and begin to target the real problem solvers.”