Top Cybersecurity Venture Capital Firms
Ranking of the Best VC firms & Trends within the Cybersecurity Industry
We've ranked the top cybersecurity venture capital firms in America. Alongside our list of the best VC firms, we've also compiled important trends in cybersecurity and the fastest growing sectors, which investors need to know.
The Hottest and Fastest Growing Sectors within Cybersecurity
#1 Healthcare & Insurance industry
On the hardware side: startups need to build protection for new hospital hardware and robotics. We must protect the core hardware in hospitals – EKG machines, heart monitors, pacemakers, oxygen respirators, and surgical robotics systems. This means providing secure blockers to protect against access from unidentified hackers. These hackers could easily interfere with the existing robotics. As robotics in surgical operations continue to increase, the threats will rise.
Additionally, there are opportunities in protecting hospital networks and security cloud systems for the largest hospital chains in the world including the U.S. Veterans Affairs (VA Hospitals), HCA, Inc., Ascension Health, Community Health Systems, NY Presbyterian, Catholic Healthcare West, Tenet Healthcare, Kaiser Foundation, the Cleveland Clinic and even regional chains such as The University of Pittsburgh, and MedStar Health at Georgetown Hospital.
On the cloud and software side, every time a patient’s data is uploaded on Electronic Medical Records (EMR) like General Electric’s Centricity, athenahealth, or Allscripts systems, there’s a risk that the patient’s data could be hacked. Even with the HIPAA rules, internal security like 256-bit SSL logins, and internal security, cyber threats exist against patient data. It’s absolutely critical that we start doing something now so that nothing like what happened with the OPM and Federal Government, happens with patient data. We’ll discuss Anthem Insurance’s breach next.
Insurance companies store more patient data than individual hospitals. With the added fact that insurance companies have begun merging and consolidating with the Affordable Care Act, or commonly known as Obamacare, there’s a real need to protect these behemoths from attack. Large insurance companies like UnitedHealth, Kaiser, Anthem, Cigna and Humana, need to do a better job distributing patient data, securing records in the cloud, and ensuring their own employees aren’t vulnerable to cyber phishing attacks.
When Anthem Inc. was attacked in 2015, immediately more than 80 million patient data was at risk. That’s equivalent to nearly one in five Americans.
#2 The Defense industry
On the hardware side: we see the biggest threats from cyber attacks being drone, space technology and military robotics. In each of these three, there’s ample opportunity for startups to protect the remote access capabilities of hackers, to ensure that our satellites are protected, and our on-the-ground defenses cannot be interfered with.
On the drone front: as remote operated drones carry-on more attacks abroad in countries like Syria, Pakistan, Iraq and Yemen, we’ve got to make sure that these drones aren’t susceptible to cyber-takeover. Drones like the RQ-1 and MQ-1 Predators can carry serious Hellfire missiles, Stingers, and Griffin air-to-surface weaponry. If one cyber-attack disrupted just one of the hundreds of monthly operative drones, an entire city could be attacked – killing thousands of civilians.
On the space and satellite front: increasingly our nation’s defense rests in arms of thousands of satellites that orbit around the Earth. Protected by the U.S. Air Force Space Command, the U.S. Army Space and Missile Defense Command (SMDC) and monitored by the Central Intelligence Agency (CIA) and National Security Agency (NSA), these satellites are crucial to our national defense. In a 60 Minutes Report by David Martin in April 2015, we saw first-hand how Chinese anti-satellite weapons could literally dismantle these satellites within an instant. According to General John Hyten, doing so could disrupt our nation’s ability to communicate with troops, collect intelligence and fly drones.
Because satellites, defense and military spending is in the hundreds of billions of dollars every year, we can’t think of a greater opportunity than this for cybersecurity startups.
#3 The “Internet of Things” industry
The biggest threat from the rise of the Internet of Things – will be devices installed in homes such as Google’s Nest thermostats, smoke detectors, cameras, from the unsecure routers and Wi-Fi networks, and lastly, remote security systems controlled by mobile devices.
Google must protect the constant data and monitoring taking place in the cloud through these devices. But consumers shouldn’t expect anything more than standard protecting from this company. After all, Google has a history of monetizing personal and private data. Startups who are willing to build on-top of these new devices could benefit substantially.
With the Internet of Things have come popular security systems like SimpliSafe, ADT, and Google’s Dropcam systems. In each hardware device, there’s a new vulnerability. According to a report by Forbes writer Kashmir Hill, researchers Colby Moore and Patrick Wardle of Synack, discovered serious vulnerabilities on the Dropcam device. With the click of a button on the back of the Dropcam, “(the) attacker could install spyware to turn the surveillance camera into one that surveils audio and video of its owners, or install a program that could make them see video of the attackers’ choosing," according to a Forbes article by Kashmir Hill.
Dropcam, Nest, and security systems like ADT are just the start of the rise in new home technologies – there will be more systems built, and we’ll continue to rely more on remote devices to bring comfort to our homes.
We cannot allow these vulnerabilities to continue. Consumers should be put on notice and companies must act fast before releasing new hardware for the home.
Startups and investors should look at these industries for cybersecurity: healthcare, insurance, defense, and the Internet of Things, as opportunities to build great products to protect America from cyber attacks. Each present ample opportunity for making money, while protecting the American consumers from malicious cyber attacks.
The Important Trends in Cybersecurity
#1 CYBERSECURITY TRAINING
Employee, vendor, and consumer education are a security concern on several levels. 77 percent of corporations in the U.S. use online learning in some format, and experts estimate that half of all college courses in the nation will be offered online by 2019. With so many people accessing courses online, which often includes downloading and uploading documents and media files, numerous doors exist for cyber criminals to gain access to corporate or university organizations. In some cases, all the hacker has to do is sign up for low-cost or free education programs to get a legitimate foot in the network's door.
The first cybersecurity front related to education and training is securing these resources. Web portals, online learning tools, mobile access points, and logins must meet rigorous security requirements; organizations should not allow resources to exist outside of a maintenance and audit environment. Activity should be logged and monitored, and automation tools put in place to trigger reports when activity levels on the network exceed what are considered normal parameters.
The second front related to training is training employees regarding cybersecurity. Training should occur during onboarding and be continuous throughout an employee's career with an organization. Companies should train staff to use strong security protocols including strong password management, to be cognizant of security threats such as phishing, and to use business technical resources in keeping with policies and procedures. Training should be followed with audit protocols that alert organizations when employees might be abusing the system or making errors that create potential security risks.
#2 Hardware, Drones and Semi-Conductors
While company networks are moving increasingly away from onsite hardware, new technologies such as drones are increasingly deployed in business, personal, and government endeavors. Drones are used for surveillance and defense measures worldwide, and businesses such as Amazon plan to use drones in the future. A growing number of hobbyists are deploying increasingly complex drones for projects such as air studies and filmmaking. Almost all of these drones have computers on board, which makes them hackable. Hacking business drones could disrupt an organization and its customers; hacking government drones could put national security at risk or even start a war.
Drone hacking isn't a "maybe" proposition—the hackers already exist. Some programmers have even developed open source software projects for hacking drones. One project, called Skyjack, lets a user deploy a single drone and use that drone to take over any other drones nearby.
#3 IoT (Internet of Things) Connections
Almost everything is connected today—even toys might come with wireless capabilities—and that culture of connection is only going to grow in the future. As of 2015, 80 percent of people who use the Internet have a smartphone, which means they are connected all the time. When you carry your smartphone, you are traceable and “hackable.” Gartner Research indicates that 89 percent of the time users spend on mobile devices is spent through mobile apps—use of mobile apps opens another possible door for hackers.
Aside from mobile devices, the Internet of Things is creating an explosion of connectivity. Your television, your stereo, your thermostat, your watch, and even your stove might all be connected to the Internet, providing hackers with entry points to home and business networks almost any direction they turn. While controlling your HVAC unit via your mobile device probably won't attract numerous cyber criminals, it is important to realize the security measures for mobile and similar devices aren't as developed as traditional desktop security is. As we move into a future of connectivity, mobile security must work to keep pace with cyber threats.
#4 Cybersecurity defense strategies
Proactive approaches to cyber defense are a growing requirement for organizations and networks. Passive protections, such as encryptions or passwords, aren't completely effective against cyber threats, as has been shown by recent hacks of both IRS and Target networks, where hackers somehow scored credentials to the system before conducting further hacks. Active defense includes applications that work to identify malicious traffic on the network or entrap potential hacks.
One example of active defense is what is referred to as a honeypot. A honeypot occurs when an organization creates an Internet-based system with the purpose of attracting hackers who mean to penetrate computer systems. The honeypot "traps" the hack and can sometimes help provide information about where the hack is coming from. Another example of proactive defense is called sink holing, which involves a faux command-and-control center that intercepts and reports traffic that could be malicious.
The Top Ranked VC Firms in Cybersecurity
- AngelKings - Cybersecurity Pre-IPO Startups Fund
- Intel Capital
- Accel Partners
- Kleiner Perkins
- Sequoia Capital
- Andreessen Horowitz
- Greylock Partners
- Bessemer Venture Partners
- Lightspeed Venture Partners
- Google Ventures
- Khosla Ventures
Cybersecurity rankings were conducted by current portfolio holdings, deal flow, and potential for growth in the cybersecurity industry.
Transcript of Cybersecurity Expert's Speech on Rankings:
The VC firms, the top venture capital firms in cybersecurity are, and we've ranked these in our book "Cyber Nation"... includes Intel Capital; Accel Partners; Kleiner Perkins, a big firm out in San Francisco; Sequoia Capital; and Andreessen Horowitz. Those are the top five that continue to show that they're dedicated to investing in new cybersecurity startups, which is I believe to be the number one, fastest growing, hottest industry for startups is cybersecurity. Those are the top five, and particularly Intel Capital. They've spent hundreds of millions of dollars investing, and they've obviously got an advantage being in the computer industry. They clearly want to make sure not just their software is protected but their silicon wafers, which are the processors that go into all their computers, are protected. It's a selfish interest, but that's okay, because they're also protecting America from cyberattacks.