Demystifying the “Recession”: Have Cybersecurity Vendor and Customer Dynamics Changed?

In my recent Keynote Address at the annual Cyberweek conference in Tel Aviv, Israel, I attempted to address the macroeconomic trends of the past two tumultuous years by examining the impact they’ve had – and continue to have – on the dynamics between cybersecurity vendors, their customers, and their investors. I reviewed the results of two data-driven reports we produce at YL Ventures: our annual State of the Cyber Nation report, which analyzes investment and M&A activity in the Israeli cybersecurity sector, and our CISO Circuit reports, which showcase facts and opinions of active CISOs on the most burning issues in our ecosystem. As the threat landscape and the macroeconomic situation continue to evolve, so too do the priorities and focuses of vendors, investors, and customers. Re-examining and trying to understand the dynamics between these three groups is critically important.

The general slowdown in global technology investments has naturally impacted the Israeli cybersecurity market as well, but our data shows that it has remained relatively resilient, and continues to grow while adapting to the shifts in investor and customer priorities. By contrast, the North American cybersecurity market is showing a much starker slowdown in venture funding. Investments in cybersecurity startups in North America decreased significantly in 2022, particularly in the more challenging Series A and Series B rounds. Investors that have suffered writedowns and losses are more reluctant to take risks in this uncertain economic climate, leading to a more conservative approach towards funding emerging tech.

The impact of these trends on the dynamics of building new cybersecurity startups has led to a new strategic approach that is gaining popularity in the Israeli cybersecurity ecosystem – many founders today are choosing to stay in stealth mode longer. This allows them to refine their offerings and build a stronger foundation before entering the market. By remaining in stealth mode, startups can conduct thorough research, prototype development and validation with potential customers without the pressure of public scrutiny. When they do emerge, they are better equipped with a well-defined value proposition and ultimately a higher likelihood of success. It should be noted, however, that in some cases there’s an advantage to launching early – it can allow startups to define and dominate their categories at the most critical stage and beat competitors to the punch.

Established vendors that are facing challenges in raising follow-on rounds are also assessing their priorities to adapt to the shift in investor sentiment. As public comparables have traded lower, we’ve seen a compression in the revenue multiples for follow-ons. Investors are becoming more discerning, particularly those closer to the public markets, focusing not only on the innovative nature of a startup’s technology, and growth at any price, but also on its commercial viability and potential for long-term sustainability. To secure follow-on funding, established vendors have to demonstrate a solid and satisfied customer base and a repeatable sales motion with a strong pipeline.

Such a pipeline isn’t easy to attain these days, as CISOs have also been significantly impacted by today’s economic landscape and are placing more emphasis on return on investment (ROI) when selecting security vendors than ever before. Our CISO Circuit report shows that CISOs in our network must now justify every cybersecurity investment with measurable business value. They are focused on consolidating tools and automating traditionally manual tasks to maximize efficiency and seek solutions that can streamline their operations, reduce costs, and enhance their organization’s overall security posture at the same time.

Moreover, CISOs are running their security teams more like business units, with greater involvement from CFOs and CIOs in purchasing decisions. The collaboration between these departments is critical for aligning cybersecurity initiatives with broader business objectives. Vendors must empower the CISOs to become champions within their organizations by providing them with the necessary tools, data, and insights to effectively communicate the ROI of cybersecurity investments to these other stakeholders. Vendors must be prepared to address the ROI concerns of CISOs, demonstrating the tangible value their solutions bring and the long-term benefits they offer.

The dynamics between cybersecurity vendors, investors and customers have indeed shifted in the past 18 months. It is essential to recognize, however, that while challenges exist, there are also opportunities for growth and innovation. If each of these groups can better understand each other’s points of view and priorities, we will all be better poised to navigate these changing dynamics successfully and continue to build a resilient cybersecurity ecosystem.