Cybersecurity 500


Q1 2017

Welcome to the 10th edition of the Cybersecurity 500 list of the world’s hottest and most innovative cybersecurity companies.


The Cybersecurity 500 List for Q1 2017 is Announced

The definitive list of the world’s hottest and most innovative companies in the cybersecurity industry.

Menlo Park, Calif. – Mar. 1, 2017

Cybersecurity Ventures announces the Q1 2017 edition of the Cybersecurity 500, a global compilation of leading companies who provide cybersecurity solutions and services.

“The Cybersecurity 500 helps enterprises break through the clutter by offering a listing of the world’s hottest and most innovative cybersecurity players” says Robert Herjavec, founder and CEO of Herjavec Group, the No. 1 privately held company on the Cybersecurity 500. “This differentiation is important because we don’t have time to waste. There is no industry that moves at the pace of cybersecurity. It’s our job as experts to help enterprises navigate the cyber battlefield, and arm them with the products and services to facilitate a proactive offense.”

“Herjavec Group is committed to combining technical, human and threat intelligence to enrich the information and alerts we share with our customers” adds Herjavec. “Over the past year we’ve doubled down on service enhancements – improving our cloud SIEM Managed Services offering, automating further through our Threat Framework and Analytics Platform, and introducing an advanced Identity & Access Management practice. To see our efforts and growth acknowledged with a No. 2 ranking is incredible. But it’s only the beginning. Large enterprises still aren’t nearly as agile as their attackers so it’s our job as cyber advisors and service providers to be on the cusp of emerging threats and technologies. Only the paranoid survive.”

Worldwide spending on cybersecurity products and services is predicted to eclipse $1 trillion for the five-year period from 2017 to 2021. There are many new entrants as well as M&A, investment and IPO activity, that is constantly changing the vendor and service provider landscape.

The Cybersecurity 500 creates awareness and recognition for the most innovative cybersecurity companies – ranging from the largest and most recognizable brands, to VC backed startups and emerging players, to small firms with potentially game-changing technologies, to solution providers poised for growth around productized or vertically focused services.

“For many years, business publications have shared lists of companies of which they recommend readers take note” says Joseph Steinberg, a cybersecurity expert, entrepreneur, author, speaker, and Inc. columnist covering cybersecurity.

“The Cybersecurity 500 gives the same convenience and wisdom to people interested in the cybersecurity industry; IT departments, analysts, journalists, and consumers now have a great list from which to learn about the industry and its current providers” adds Steinberg. “The Cybersecurity 500 list also offers a great window into emerging technologies from newer firms which often solve problems about which everyone knows, but has been unable to address” adds Steinberg.

Cybercrime continues to fuel an expanding cyber market. Cybersecurity Ventures recently predicted that cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion last year.

“There’s a new pecking order in the Cybersecurity 500” says Steve Morgan, founder and Editor-in-Chief at Cybersecurity Ventures. “Human capital has moved ahead of technology when we look at companies. Organizations are struggling through a prolonged labor shortage which has 1 million cybersecurity job openings in 2017, and that will grow to a minimum of 1.5 million by 2019” adds Morgan.

“Since its inception, the cybersecurity industry has focused on locking down infrastructure. Unfortunately, technology is ever changing, which puts security in a continual game of catch up,” says Matthew P. Moynahan, CEO at Forcepoint, listed at No. 3 on the Cybersecurity 500. “We’re excited to bring a new approach to cybersecurity, which helps companies focus on the one constant – people – and understanding their behaviors and intent as they interact with critical business data and intellectual property wherever it resides.”

Special 10th Edition

The Cybersecurity 500 is publishes its 10th edition in Q1 2017.

“Cyber defense has never been more critical than it is today, and the Cybersecurity 500 recognizes the “companies to watch” on the front lines of this battle” said Dave DeWalt, CEO and Chairman of the Board at FireEye, in Q1 2015 when the inaugural list was published. “FireEye is committed to changing the way the world combats today’s advanced cyber attacks, and the Cybersecurity 500 spotlights the evolution taking place by raising awareness of the most innovative companies in the security industry.”

FireEye is the only company on the Cybersecurity 500 who has been ranked in the top 10 in every edition of the list.

DeWalt, who was previously President & CEO at Intel Security / McAfee, is currently Chairman at Claroty, and Vice Chairman at ForgeRock and ForeScout Technologies  three companies who now appear on the list of the world’s hottest cybersecurity companies.

“We see the Cybersecurity 500 as an important benchmark for our industry and we are honored to be recognized” says Chad Holmes, Americas Cybersecurity Leader at EY, the Big Four firm who is now listed at No. 4 on the Cybersecurity 500. Holmes was previously Chief Technology and Intelligence Officer at FireEye.

“EY has made significant investments in our cyber practice from talent to capabilities” adds Holmes. We are leveraging these resources along with key alliances with organizations like Microsoft and Los Alamos National Laboratories to help keep our clients and their customers safe from Cyberattacks. We see the Cybersecurity 500 as an important benchmark for our industry and we are honored to be recognized.”

Movers and Shakers

Mimecast has climbed to No. 5 on the Cybersecurity 500 in Q1 2017. A market leader in email security for a long time, Mimecast has moved into a leadership position in protecting Microsoft Exchange, Office 365 and Google Apps for Work, for organizations who have transitioned to the cloud.

A recent Forbes story on disruptive cyber trends at the RSA Conference says “Ziften offers an agent-based approach to tracking the behavior of users, devices, applications, and network elements, both in real-time as well as across historical data.” Ziften sits at No. 33 on the Cybersecurity 500.

Blackberry moved to No. 34 on the list, up from No. 40 in Q4 2016. The company continues to execute on its transformation into a pure-play cybersecurity firm.

KnowBe4 is a high flying computer based security awareness training company listed at No. 139 on the Inc. 5000 and now at No. 38 on the Cybersecurity 500. Kevin Mitnick, the world’s most famous hacker, is Chief Hacking Officer at the fast growing provider of new school employee training aimed at thwarting spear-phishing and other cyber attacks.

ThreatStack made another upward move to No. 40 on the Cybersecurity 500 as the company continues to be recognized for its cloud security platform for protecting against external attacks and insider threats.

NNT — with offices in the U.S. and U.K. and a leader in Change Control Technology providing real-time contextual file integrity monitoring, continuous compliance control and configuration drift management — has jumped up the list from their previous position as a result of now combining real-time threat intelligence with forensic breach detection capabilities.

The Cybersecurity 500, by region:

135 international companies (non U.S.), the most ever since publishing the list.

117 Silicon Valley based companies.

77 companies in the Northeast U.S., with 39 in New England and 35 in the New York Metro area — including 21 in NYC and 8 in New Jersey.

67 companies in Europe, with 23 of those in the United Kingdom.

54 companies in the DC metro area, with a heavy concentration of defense contractors and cyber defenders focused federal agencies.

36 companies in Israel, the second largest exporter of cybersecurity technology behind the U.S. Several companies with a U.S. headquarters were founded in Israel and have R&D there, which makes the Israeli presence even larger.

21 companies in the Rocky Mountain region, with 12 in Colorado — including No. 1 listed root9B. a cybersecurity consulting and operational support firm with headquarters in Colorado Springs, Colo., and regional offices in San Antonio, Texas, New York City, N.Y., and Charlotte, N.C., plus local cyber staff in other regions.

22 companies in the midwest U.S. — including Cimcor, which continues to grow its base of Cimtrak file and integrity monitoring tool customers. The change and compliance management vendor is listed at No. 75  

22 companies in Texas, with 12 in Austin and 9 in San Antonio — including Digital Defense, now at No. 16 on the list and one of the longest standing members of the top 25.

21 companies in Asia-Pac, nearly twice the amount listed in that region last year — including HanSight, with their next generation big data analytics platform to enable organizations to detect, trace and respond to threats such as cyber breaches, financial fraud and targeted Advanced Persistent Threats (APT).

20 companies in southern Calif.

17 companies in the southeast U.S.

13 Canadian companies including Herjavec Group, the No. 2 listed company overall.

Selection Criteria For The Cybersecurity 500

Cybersecurity Ventures continuously looks at new companies for inclusion in the Cybersecurity 500, by soliciting feedback from CISOs, IT security practitioners and service providers, and researching hundreds of cybersecurity events and news sources.

The selection criteria for the Cybersecurity 500 is subjective and includes some or all of the following when evaluating each company:

  • Cybersecurity Sector (market category)
  • Problem(s) Solved
  • Customer Base
  • Feedback from CISOs and Decision Makers
  • Feedback from IT Security Evaluators & Recommenders
  • Feedback from VARs, SIs and Consultants
  • VC Funding
  • Company Growth
  • Published Product Reviews
  • Demos and Presentations at Conferences
  • Corporate Marketing and Branding
  • Media Coverage
  • Notable Implementations
  • Founder and Management Pedigree
  • Interviews with Senior Management

The Cybersecurity 500 does not rank companies by revenues, employees, or annual growth. “We do not think a list of the largest cybersecurity companies is useful to our target audience of cyber and IT security decision makers, evaluators, and recommenders” says Morgan. “They already know who the biggest vendors are. Instead, we give a nod to the hottest and most innovative companies.”

For CISOs and IT Security Teams

The Cybersecurity 500 is both a list and a sortable directory. A link to the corporate website is displayed next to each company that is listed.

The driving force behind the Cybersecurity 500 is providing something useful to the CISOs and security decision makers, evaluators, and recommenders. The compilation lets them search and find specific types of solutions from the most innovative cybersecurity companies in the industry.

Cybersecurity Ventures publishes a new edition of the Cybersecurity 500 each quarter. The revised quarterly editions have new companies coming on the list, others dropping off, and changes to the listing order, to accurately reflect the current hottest and most innovative companies.

Cybersecurity 500 Commemorative Pieces

American Registry has announced commemorative pieces exclusively for Cybersecurity 500 listed companies. The recognition products include wall plaques, marquees, counter displays, banners and crystals.

“American Registry provides the finest museum quality commemorative products for Cybersecurity 500 companies” says Steve Morgan, founder and CEO at Cybersecurity Ventures. “They capture the likeness of our brand and do the very best work possible in order to display the hard earned achievements which have been bestowed upon the listed companies. We highly recommend American Registry.”

“We are honored to be partnered with the leading research and market intelligence firm in the Cybersecurity space and impressed with the quality of the companies receiving this unique distinction” says Michael Moran, CEO at American Registry.


The Cybersecurity 500 is published by Cybersecurity Ventures, the world’s leading researcher and publisher of reports covering global cybercrime damage projections, cybersecurity spending forecasts, and cybersecurity employment figures.