Wysopal said that venture capital is not “perfect” for all cybersecurity startups. “VCs usually want to see huge returns on their investments. They want to grow companies into the hundreds of millions or billions of dollars. If you a good idea that maybe can grow to $50 million…it is actually really hard to get funding”, Wysopal told an audience gathered this week for the launch of the Advanced Cyber Security Center in Bedford, Mass.
“In the cybersecurity space, almost all innovation happens in small companies. So it is critical that we invest in small companies and make it easier for entrepreneurs to start their own company”, he said.
The Veracode founder criticized federal government funding, such as Defense Advanced Research Projects Agency programs, for not being geared toward entrepreneurial startup firms. He noted that Veracode has been successful with the CIA’s VC investment arm INCUTEL. “They look to invest in companies that are building technologies useful to the intelligence community”, he said.
Douglas Lloyd, chief executive officer of Global Security pipeline, appears not to share Wysopal’s dim view of VC investment in cybersecurity startups.
“Cybersecurity continues to attract the venture capital community. While buyouts dominate the more established parts of the global security sector, such as defense, the prevalence of cyber security threats in a relatively nascent market is driving innovation and attracting investors”, he said.
Bob Ackerman, founder and managing director of VC firm Allegis Capital, thinks the VC opportunities in cybersecurity startups are “limitless” because government agencies and companies have “no choice but to continually update their security protection against ever more sophisticated and determined hackers.”
According to Global Security pipeline, cybersecurity accounted for $1.1 billion of venture capital investment, representing 58% of total VC investment in the global security sector in the second quarter of 2011. In addition, cybersecurity was the strongest area from a mergers and acquisitions (M&A) perspective, representing 40% of all M&A deals in the security sector.
Cybersecurity continues to witness a substantial number of small-scale acquisitions while the more traditional verticals in the global security sector are seeing mid- and top-tier companies merge as investment opportunities and growth prospects start to wane, the report noted.
Editor’s note: A previously published version of this story incorrectly attributed the statistics on VC investment in the cybersecurity sector to Venture Capital Report. The statistics are in fact from Global Security pipeline’s Q311 report. This original article has now been updated, and we apologize for this error.