Former security service experts launch cyber start-ups

These days, cyber security entrepreneurs are more likely to be just out of the intelligence services than straight out of college.

Accelerators - organisations that help start-ups with advice and early stage funding - have sprung up specialising in cyber security, focusing not on hoodie-clad twentysomethings with smart ideas, but on experienced professionals with in-depth security knowledge.

Start-ups in this sector attracted $2.3bn of venture capital globally in 2014, up more than a third on the year before, according to data from PrivCo, a research company, as businesses hunt for an alternative to existing technologies to help defend against hackers.

But starting a cyber security company is not easy: instead of the downloads and users desired by consumer technology start-ups, they must win the trust of large corporate and government customers scared of a fast-changing threat.

Kevin Rowney, co-founder of Mod N Labs, a San Francisco Bay Area-based accelerator, is using his expertise as a serial security entrepreneur and former senior manager at Symantec to help others progress from an "idea on a napkin" to contracts, fundraising and building a team. Mod N Labs may take a stake in a company or just advise.

He says: "It is a turbulent time in information technology - a lot is changing fast and many big providers are doing a bad job at adapting. The result is big holes in the threat landscape . . . and a giant opportunity for start-ups in security."

He adds, though, that entrepreneurs need more help to sell new categories of security software to large multinational banks than they do to create apps for takeaway deliveries, for example.

Rick Gordon, managing partner at MACH37, a Virginia-based cyber security accelerator launched 18 months ago, runs a 90-day programme that helps technically focused founders learn the business skills needed to run a company.

"Our first-time entrepreneurs are often a bit older, with deep technical expertise," he says. To have that eureka moment, he says you have to have dealt with security issues and have been in the trenches grappling with vexing problems.

But, he adds, such people may not be as adept at communicating their value to seed investors or institutional venture capitalists, "so that is certainly one skill set we teach".

He points out that entrepreneurs need more than just a "compelling PowerPoint" presentation - they must have evidence of a real need among paying customers.

MACH37 provides a $50,000 investment for an 8 per cent stake in a nascent business, matching it again or going up to $100,000 at the seed round. Mr Gordon says he expects almost all the "exits" to be via mergers or acquisitions by strategic buyers, ranging from long established companies such as Symantec to newer businesses such as FireEye or Palo Alto Networks.

Roy Stephan, chief executive and founder of Pierce Global Threat Intelligence, a security start-up, was in the accelerator's first class. The company has received $1m from angel investors and is raising more.

Despite having been chief technology officer at start-ups in the 1990s, Mr Stephan felt he needed MACH37 to teach him the financial and legal aspects of running a business. He says the accelerator was a "springboard" that helped him develop what was a "very, very early, somewhat nebulous concept". He adds: "It probably would have taken me three years on my own"

In London, Alex van Someren, a venture capitalist, and Jonathan Luff and Grace Cassy, both former diplomats and advisers to prime ministers Cameron and Blair respectively, are about to launch CyLon, which they hope will help entrepreneurs who want to commercialise intellectual property that came out of the intelligence services.

Commissioned by the Cabinet Office to write a report on how to generate revenue from such intellectual property, they concluded that accelerators and incubators would help with both the standard challenges encountered by start-ups and the unique hurdles faced by companies founded by former intelligence officers. So they started an accelerator themselves.

CyLon is forming partnerships with defence companies, government agencies and academia to mentor and sponsor start-ups, many of which have been founded by people with a background in government cyber security.

The first cohort includes a start-up using machine learning to study network activity, one building a highly secure home router, and another specialising in biometrics.

Mr van Someren says that in the past couple of years, those with cyber security skills and experience have found themselves in demand in the commercial world for the first time and need to learn how to sell to businesses as well as governments.

"The experience of the government agencies, both defence and intelligence, has a lot to offer," he says.

"This is somewhat of a novelty. There is plenty of innovation in academia and the commercial domain, but there are relatively few opportunities for significant publicly funded work to cross over into the commercial domain."

© The Financial Times Limited 2015. All rights reserved.
FT and Financial Times are trademarks of the Financial Times Ltd.
Not to be redistributed, copied or modified in any way.
Euro2day.gr is solely responsible for providing this translation and the Financial Times Limited does not accept any liability for the accuracy or quality of the translation