Venture capital in cybersecurity hit a record high in 2021 — like it did in many industries — but last year could not come close to matching those peak times.
Funding to cybersecurity startups dropped by a third in 2022, according to Crunchbase data. While 2021 saw a record $22.8 billion roll into startups in the sector, that number fell to $15.3 billion last year.
Search less. Close more.
Grow your revenue with all-in-one prospecting solutions powered by the leader in private-company data.
However, the 2022 venture total still represents a 68% increase from 2020 — which until last year was the high-water mark for venture funding in the industry.
The downside, however, is that investment dollars trended downward as the past year went on — something that may not bode well for startups in 2023.
The fourth quarter saw only $2.4 billion go to cyber startups, the lowest amount of venture investment in the sector since the third quarter of 2020 — which saw $1.6 billion invested — according to Crunchbase data.
That was after the third quarter also saw a significant pullback in venture funding.
Big dip in big rounds
One reason for the dip in funding was undoubtedly due to far fewer huge growth rounds being raised overall.
A quick look at the numbers shows while 18 rounds of more than a quarter-billion dollars were raised in 2021, last year saw only seven such rounds.
- In February, Addison, Texas-based Securonix closed the biggest cyber round of the year, a $1 billion-plus funding led by Vista Equity Partners. The startup offers security information and event management, and extended detection and response capabilities to companies.
- In January, Toronto-based 1Password closed a $620 million Series C led by ICONIQ Growth that brings the cybersecurity firm’s valuation to $6.8 billion.
- In October, Eden Prairie, Minnesota-based managed cybersecurity company Arctic Wolf raised $401 million in convertible notes led by existing investor Owl Rock.
- Switzerland-based SonarSource, which helps manage code quality, raised a $412 million round in April.
- In February, New York-based BlueVoyant closed a $250 million Series D at a $1 billion-plus valuation led by Liberty Strategic Capital — a private equity firm founded and led by former U.S. Secretary of the Treasury Steven Mnuchin.
- In July, San Francisco-based cyber insurance startup Coalition closed a $250 million round at a $5 billion valuation.
- Also in July, Switzerland-based cybersecurity and data protection firm Acronis raised $250 million from institutional investors including BlackRock that valued the company at more than $3.5 billion.
Nine-figure rounds, in general, were down, with only 42 such fundings going to cybersecurity startups last year compared to 67 in 2021.
What it means
The drop in such large rounds is not surprising, as large growth rounds were the first victims of venture capitalists pulling back on investing.
However, while early-stage rounds stayed strong in many sectors, cyber did see a substantial decline in deal flow, dropping from 862 announced rounds in 2021 to only 730 last year. While 2021 may be an outlier, nearly 830 funding deals were announced in 2020.
The drop in deal flow and the declining trend of investments seem to signal a potentially tough year for cyber startups. Even M&A dealmaking was down nearly a third when it came to VC-backed startups being bought.
That could spell a hard road ahead for startups if funding dries up and no buyers are around to provide a soft(ish) exit. Palo Alto Networks (whose shares are down more than 17% since the start of 2022), CrowdStrike (down more than 40%), and many other cyber giants have been battered by the tech selloff in the public market. Those companies may not be willing to do stock deals with their shares discounted and investors may not want to see large sums of reserved cash used either.
Companies undoubtedly will continue to spend on security, and innovation is still needed, so some startups will continue to get the cash infusion they need to survive, but 2023 may force them to get creative. It may also be the end of the line for many others.
Methodology
Cybersecurity is defined by the industries of network security, cloud security and cybersecurity, according to Crunchbase data. Most announced rounds are represented in the database; however, there could be a small time lag for rounds reported late in the quarter.
Illustration: Dom Guzman
Stay up to date with recent funding rounds, acquisitions, and more with the
Crunchbase Daily.