Sean Cunningham, Managing Director, ForgePoint Capital sat down with theCUBE's Jeff Frick at the RSA Conference NA 2018 in San Francisco
@RSAConference
#RSAC
@JeffFrick
@theCUBE
@tridentcapital
#RSAC #theCUBE
https://siliconangle.com/2018/04/23/cybersecurity-fatigue-sets-in-while-investors-look-for-a-shot-of-adrenaline-guestoftheweek/
Cybersecurity fatigue sets in while investors look for a shot of adrenaline
In the fast-moving world of cybersecurity, the operative word today is fatigue.
Information technology organizations have alert fatigue from having to deal with every possible minute-by-minute hint of a data breach or ransomware attack. Enterprise security executives are worn out from endless meetings and board-level discussions about corporate risk profiles. Cybersecurity professionals are so fatigued by attack threats, often led by powerful and well-financed nation states, that a recent study showed 60 percent are dissatisfied with their jobs.
For venture capital investors, cybersecurity fatigue is both a challenge and an opportunity. There are plenty of innovative companies promoting silver-bullet technology to protect computing infrastructure, yet the solutions to-date have racked up an impressive track record of failure. In fact, data from the past year shows that VCs are pouring more money into cybersecurity startups while successful exits are falling dramatically.
“There is definitely buyer fatigue,” said Sean Cunningham (pictured), managing director of ForgePoint Capital (formerly Trident Capital), whose firm keeps an eye on nearly 1,700 cybersecurity startups. “Fifteen hundred of these security startups are about technology for the sake of technology. It has to be about having a real solution for a real problem.”
Cunningham spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, at last week’s RSA Conference in San Francisco. They discussed ForgePoint’s interest in application security, new tools in the cyberinsurance space, the impact of European data privacy rules, protection in the public cloud, and opportunities for translating enterprise technology for consumer use.
This week theCUBE features Sean Cunningham as its Guest of the Week.
A focus on application security
ForgePoint Capital focuses on Series A, B and growth equity investments in a range of $5 million to $30 million per company. One of the key areas of funding for ForgePoint has been application security, a technology receiving increasing focus because applications often contain a rich trove of personal and financial information for enterprising hackers.
One of the companies funded by ForgePoint is Prevoty, a startup that inserts security software directly into applications using an attack detection approach that understands how content payloads and operating system commands function in a computing environment.
Analysis of the notorious Equifax breach showed that hackers exploited a vulnerability in Apache Struts components. Prevoty has claimed its technology withstood the Struts2 attacks because its autonomous application protection prevented exploitation.
“They make it easy for the application security folks to meet with the development operations [team] and inject this software into applications,” Cunningham said. “When you can automate that process and reduce time to market, that’s what it’s all about.”
Another area of investment for ForgePoint has been the in the cyberinsurance arena. The cyberinsurance market remains a small fraction of the total risk industry, with approximately $3 billion for U.S. companies versus $200 billion in insurance premiums annually overall.
In March, CyberCube Analytics emerged from stealth mode and announced the general availability of a risk-modeling platform that is designed to help insurance firms better understand the overall security posture of a company. The expectation is that by providing more data to insurers, the risk will be clearer and, presumably, fairly priced.
The company used technology developed by Symantec Corp. and has been backed by ForgePoint. “We can show you the risk profile of a company and you can properly price your cyberinsurance now,” Cunningham said.
Managing cyberinsurance risk could become a growth market in the coming months as compliance with General Data Protection Regulation goes into effect in May. Companies with data on European citizens must comply with GDPR requirements for proper data protection and honor requests to delete the information. Penalties for noncompliance are 4 percent of gross revenues or $20 million Euros, whichever is greater.
...
Here’s the complete video interview, and there’s much more coverage of the RSA Conference from SiliconANGLE and theCUBE:
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSA Conference US 2018 | San Francisco. If you don’t think you received an email check your
spam folder.
Sign in to RSA Conference US 2018 | San Francisco.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSA Conference US 2018 | San Francisco
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSA Conference US 2018 | San Francisco.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSA Conference US 2018 | San Francisco. If you don’t think you received an email check your
spam folder.
Sign in to RSA Conference US 2018 | San Francisco.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSA Conference US 2018 | San Francisco
Please sign in with LinkedIn to continue to RSA Conference US 2018 | San Francisco. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Sean Cunningham, ForgePoint Capital | RSA North America 2018
Sean Cunningham, Managing Director, ForgePoint Capital sat down with theCUBE's Jeff Frick at the RSA Conference NA 2018 in San Francisco
@RSAConference
#RSAC
@JeffFrick
@theCUBE
@tridentcapital
#RSAC #theCUBE
https://siliconangle.com/2018/04/23/cybersecurity-fatigue-sets-in-while-investors-look-for-a-shot-of-adrenaline-guestoftheweek/
Cybersecurity fatigue sets in while investors look for a shot of adrenaline
In the fast-moving world of cybersecurity, the operative word today is fatigue.
Information technology organizations have alert fatigue from having to deal with every possible minute-by-minute hint of a data breach or ransomware attack. Enterprise security executives are worn out from endless meetings and board-level discussions about corporate risk profiles. Cybersecurity professionals are so fatigued by attack threats, often led by powerful and well-financed nation states, that a recent study showed 60 percent are dissatisfied with their jobs.
For venture capital investors, cybersecurity fatigue is both a challenge and an opportunity. There are plenty of innovative companies promoting silver-bullet technology to protect computing infrastructure, yet the solutions to-date have racked up an impressive track record of failure. In fact, data from the past year shows that VCs are pouring more money into cybersecurity startups while successful exits are falling dramatically.
“There is definitely buyer fatigue,” said Sean Cunningham (pictured), managing director of ForgePoint Capital (formerly Trident Capital), whose firm keeps an eye on nearly 1,700 cybersecurity startups. “Fifteen hundred of these security startups are about technology for the sake of technology. It has to be about having a real solution for a real problem.”
Cunningham spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, at last week’s RSA Conference in San Francisco. They discussed ForgePoint’s interest in application security, new tools in the cyberinsurance space, the impact of European data privacy rules, protection in the public cloud, and opportunities for translating enterprise technology for consumer use.
This week theCUBE features Sean Cunningham as its Guest of the Week.
A focus on application security
ForgePoint Capital focuses on Series A, B and growth equity investments in a range of $5 million to $30 million per company. One of the key areas of funding for ForgePoint has been application security, a technology receiving increasing focus because applications often contain a rich trove of personal and financial information for enterprising hackers.
One of the companies funded by ForgePoint is Prevoty, a startup that inserts security software directly into applications using an attack detection approach that understands how content payloads and operating system commands function in a computing environment.
Analysis of the notorious Equifax breach showed that hackers exploited a vulnerability in Apache Struts components. Prevoty has claimed its technology withstood the Struts2 attacks because its autonomous application protection prevented exploitation.
“They make it easy for the application security folks to meet with the development operations [team] and inject this software into applications,” Cunningham said. “When you can automate that process and reduce time to market, that’s what it’s all about.”
Another area of investment for ForgePoint has been the in the cyberinsurance arena. The cyberinsurance market remains a small fraction of the total risk industry, with approximately $3 billion for U.S. companies versus $200 billion in insurance premiums annually overall.
In March, CyberCube Analytics emerged from stealth mode and announced the general availability of a risk-modeling platform that is designed to help insurance firms better understand the overall security posture of a company. The expectation is that by providing more data to insurers, the risk will be clearer and, presumably, fairly priced.
The company used technology developed by Symantec Corp. and has been backed by ForgePoint. “We can show you the risk profile of a company and you can properly price your cyberinsurance now,” Cunningham said.
Managing cyberinsurance risk could become a growth market in the coming months as compliance with General Data Protection Regulation goes into effect in May. Companies with data on European citizens must comply with GDPR requirements for proper data protection and honor requests to delete the information. Penalties for noncompliance are 4 percent of gross revenues or $20 million Euros, whichever is greater.
...
Here’s the complete video interview, and there’s much more coverage of the RSA Conference from SiliconANGLE and theCUBE:
