A new wave of disruptive security startups are redrawing the battle lines in the growing conflict between cybercriminals and corporate America. For solution providers, the risks of partnering with these upstarts is high. But so are the rewards.
Stephen Harrison, head of sales at New York-based solution provider EverSec Group, knows the risks associated with being a disrupter in the high-stakes security market. But Harrison has seen first-hand the rewards of being first to market with technology that makes the products from legacy security vendors look like stale bread.
Video: How Startups Are Disrupting the Security Market
EverSec Group has pulled away from the pack of me-too security solution providers by partnering with LightCyber, a Los Altos, Calif.-based behavioral analysis network security startup that has captured the attention of high-profile investors including Check Point Software Technologies founder Marius Nacht.
The average margin with a security startup such as LightCyber is as high 30 percent to 40 percent, up to as much as four times the average 10 percent to 15 percent margin associated with a security solution from an established security vendor, according to Harrison.
"I'm a very trusted partner of LightCyber," Harrison said.
"Not only do I get their full support, but it maximizes my margin because they bring me into engagements that I wouldn't normally see. I'm getting the benefit of more business because of our trusted relationship."
EverSec Group is one of a growing number of solution providers willing to wager on security startups that are turning network security and endpoint security into outdated concepts. Among the security upstarts rewriting the standard security playbook in addition to LightCyber are Adallom, Bit9-Carbon Black, Elastica, Vectra Networks, and Zscaler.
Of course, making a bet on one of these security disrupters requires solution providers to have the technology and business acumen of a top-flight venture capitalist conducting due diligence on a potential big investment.
Harrison, a former strategic account manager at Check Point, concedes there are risks involved in these partnerships. Solution providers can lose credibility if the startup goes belly-up. And the time and training in the technology may end up being for naught if it is not widely adopted, he said.
At EverSec Group, Harrison evaluates how a startup came to market and how many clients it had before it sought Round A funding. LightCyber had at least two dozen customers at that point, he said. Once a startup is established and gets that next influx of cash, its go-to-market strategy, sales and marketing operations are significantly increased and partners could gain additional support and rewards.
What attracted Harrison to LightCyber is the company's breakthrough technology, which uses behavioral analysis and big data analytics to detect advanced threats and "active" breaches. "You almost have to get clients to make a paradigm shift from how they view the security technology they already invested in when you are proposing an emerging technology," said Harrison.
Venture capital firms poured $2.2 billion into the cybersecurity market in 2014, an increase of 22 percent over 2013, according to CB Insights, which tracks venture capital money. Corporate cybersecurity deals have increased five times since 2009, the company said.
Of the 248 deals made in 2014, some notable investments included SaaS security vendor CipherCloud, which received a $50 million investment; Skyhigh Networks, which received $40 million; anti-fraud and security analytics vendor ThreatMetrix, which received $20 million; SaaS identity management vendor Ping Identity, which received $30 million; and mobile security specialist Good Technology, which received $80 million.
Next: The Rise In Security Spending