Infosec 2018 shows we may have reached peak cybersecurity start-up

CRN sister publication Channelnomics Europe attended this year's Infosec Europe in London and asked channel partners for their key takeaways from the event

Despite record levels of VC cash being ploughed into the industry, those on the ground at this year's Infosecurity Europe 2018 were at best luke-warm about the prospects of cybersecurity start-ups.

Infosecurity Europe took place between 5-7 June at Kensington Olympia in London. CRN sister publication Channelnomics Europe spoke to channel partners in attendence to bring you seven takeaways from the annual cybersecurity event.

For the full story, click here, but here we republish one of the seven key conclusions:

VADs are fed up of reckless, unpredictable security start-ups

Security has always been an attractive industry for aspiring tech start-ups and, with cyberattacks on the rise and making international headlines, there's more money in security than ever before.

Several people we spoke to noticed that there were more start-ups at Infosec than previous years.

"The problem with security is: there's more money in security than there is in security," Nuvias' cybersecurity SVP Ian Kilpatrick told our sister title Channelnomics Europe on day two of the event.

"It is a tsunami funded by private equity and venture capitalists on the basis that if I seed roughly 20 firms, I get more than my money back if just one makes it. They just chuck money at people with interesting technology. But interesting technology doesn't make a successful business. What you need is to have a plan - do you know where your product is going? Do you understand the channel?"

Even value-added security distributors, those that have historically nurtured start-ups looking to grow a business in Europe, seem to be frustrated with the recklessness with which so many security start-ups are approaching distributors.

Exclusive's UK MD Graham Jones echoed Kilpatrick's frustration with the security start-up community today, claiming that most have more money than sense.

"People are throwing stupid money around. And they either run out of cash because they blow it all, or they get acquired." claimed Jones. "They promise the earth, but they just don't make any money."

He pointed to Elastica - a start-up Exclusive signed in 2015 - as an example of a start-up that exited the market soonafter signing with distributors. Just six months into working with Exclusive, Elastica was acquired by security vendor Blue Coat, which was in turn acquired by Symantec eight months later.

"We signed on with them, they were building nicely then six months in they get bought. Our relationship with them disappeared because they were bought by Blue Coat which was then bought by Symantec a year later. Which is why we signed Symantec in 2017."

Jones meanwhile said security fledgling SentinelOne is starting to show promise since it signed on with the distributor in 2016, claiming the firm is finding a foothold in the channel in the two years since its launch.

But the Exclusive MD said he's working with fewer start-ups and has set out a much more rigorous screening process for new vendors.

"Our VARs are still looking for us to provide ‘what's new' in the industry. They appreciate that we're doing the filtering and not them," he said.

"But it's more of a self-contained box; we keep that separate [from the rest of the business] because it has a completely different return on investment to the likes of Palo Alto or Fortinet."