Cybersecurity 500


Q2 2017

Welcome to the 11th edition of the Cybersecurity 500 list of the world’s hottest and most innovative cybersecurity companies.

Aug. 2017 Update: New No. 1 on the Cybersecurity 500 List


The Cybersecurity 500 List for Q2 2017 is Announced

The definitive list of the world’s hottest and most innovative companies in the cybersecurity industry.

Menlo Park, Calif. – Jun. 21, 2017

Cybersecurity Ventures announces the Q2 2017 edition of the Cybersecurity 500, a global compilation of leading companies who provide cybersecurity solutions and services.

Worldwide spending on cybersecurity products and services is predicted to eclipse $1 trillion for the five-year period from 2017 to 2021. There are many new entrants as well as M&A, investment and IPO activity, that is constantly changing the vendor and service provider landscape.

The Cybersecurity 500 creates awareness and recognition for the most innovative cybersecurity companies – ranging from the largest and most recognizable brands, to VC backed startups and emerging players, to small firms with potentially game-changing technologies, to solution providers poised for growth around productized or vertically focused services.

Sponsored Links

  • The Top Free IT Security Tools Used to Combat Hackers
  • Real-time, File Integrity Monitoring, Network Configuration & Compliance
  • Official Cybersecurity 500 Wall Plaques and Recognition Products
  • SecurityXchange Matches Security Executive with Solutions Providers

  • grayfooterline

    Security Awareness Training Market

    “Since IT security is such a key, expanding market, it’s important to know who the top players are that are effectively tackling customer needs” says Stu Sjouwerman, founder and CEO at KnowBe4, a security awareness training company now ranked No. 6 on the Cybersecurity 500, up from No. 38 in the Q1 2017 edition.

    “Organizations need to know who to put on their shortlist when assessing weak links and manage the problem of social engineering” adds Sjouwerman. “The Cybersecurity 500 helps enterprises focus on innovative companies that are head and shoulders above the rest.”

    KnowBe4 is ranked at No. 139 on the Inc. 500 list of America’s fastest growing private companies. Kevin Mitnick, the world’s most famous hacker, is Chief Hacking Officer at the fast growing provider of new school employee training aimed at thwarting spear-phishing and other cyber attacks.

    Cybercrime continues to fuel an expanding cyber market. Cybersecurity Ventures recently predicted that cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion last year.

    Global spending on security awareness training for employees is predicted to reach $10 billion by 2027. Training employees how to recognize and defend against cyber attacks is the most under spent sector of the cybersecurity industry. “KnowBe4’s ascension to a top spot on the Cybersecurity 500 reflects the importance of this market” says Steve Morgan, founder and Editor-In-Chief at the Cybersecurity 500.

    “Security awareness has evolved from training employees to a discipline that is just as complicated and important as any other in our field” adds Morgan. “KnowBe4 has done an incredible job of educating the market, providing free tools including their widely popular Phishing Security Test, and growing their customer base and revenues explosively year-over-year for the past 4 years.”

    The Cybersecurity 500 is dotted with an impressive roster of security awareness training firms — including Digital Defense and Inspired eLearning — both ranked in the top 50 overall.

    The Top 25

    Herjavec Group, No. 2 overall and the top privately held firm on the Cybersecurity 500, continued growing their business in the first of 2017 with demand for their outsourced security services during a prolonged labor shortage that is predicted to reach 3.5 million unfilled cybersecurity jobs globally by 2021.

    Raytheon Cyber climbed up to the No. 3 position on the heels of announcing their five-year, $1 billion Department of Homeland Security contract to help defend “.gov” websites from cyber attacks.

    IBM Security, No. 7, and the Cisco Security Group, No. 8, announced they are joining forces to tackle cybercrime. Together, they aim to improve security effectiveness for customers through technology integration, services and threat intelligence collaboration.

    Thycotic, a leading provider of PAM (privileged account management) solutions moved up to No. 15, with continued momentum, a growing customer base of more than 7,500 organizations worldwide, and their new Privilege Ready Program — which highlights the breadth of Thycotic’s integration capabilities with several leading security vendors around the world.

    Digital Defense moved up to No. 16 after their Frontline Vulnerability Manager was named “Best Buy” by SC Magazine. Prior to that, Frost & Sullivan recently named Digital Defense as the Best Vulnerability Management Scan Engine. The market for vulnerability management continues to experience strong demand.

    Palo Alto Networks, in the No. 21 position, and Girl Scouts of the USA announced collaboration for the first-ever National Cybersecurity Badges. With the introduction of 18 new Cybersecurity badges, Girls Scouts of all ages will be able to explore opportunities in STEM while developing problem-solving and leadership skills.

    “We are carefully tracking the entire field of cybersecurity companies for the No. 1 to No. 25 spots in 2018” says Morgan. “There are many companies who earn a spot on our list based on a unique business model, depth of experience, leadership, and other criteria — but equally important is remaining there based on market execution in terms of customer acquisition and revenue growth.”

    The Cybersecurity 500, by region:

    136 international companies (non U.S.), the most ever since publishing the list.

    120 Silicon Valley based companies.

    77 companies in the Northeast U.S., with 39 in New England, 27 in New York, and 8 in New Jersey.

    74 companies in Europe, with 24 of those in the United Kingdom.

    53 companies in the DC metro area, with a heavy concentration of defense contractors and cyber defenders focused federal agencies.

    36 companies in Israel, the second largest exporter of cybersecurity technology behind the U.S. Several companies with a U.S. headquarters were founded in Israel and have R&D there, which makes the Israeli presence even larger.

    21 companies in the Rocky Mountain region, with 12 in Colorado — including No. 1 listed root9B. a cybersecurity consulting and operational support firm with headquarters in Colorado Springs, Colo., and regional offices in San Antonio, Texas, New York City, N.Y., and Charlotte, N.C., plus local cyber staff in other regions.

    22 companies in the midwest U.S. — including Cimcor, which continues to grow its base of Cimtrak file and integrity monitoring tool customers. The change and compliance management vendor is listed at No. 75  

    22 companies in Texas, with 12 in Austin and 9 in San Antonio — including Digital Defense, now at No. 16 on the list and one of the longest standing members of the top 25.

    22 companies in Asia-Pac, nearly twice the amount listed in that region last year — including No. 40 I-Sprint Innovations, a leading identity, credential, and access management solutions provider.

    20 companies in southern Calif.

    18 companies in the southeast U.S.

    13 Canadian companies including Herjavec Group, the No. 2 listed company overall.

    Selection Criteria For The Cybersecurity 500

    “Cyber defense has never been more critical than it is today, and the Cybersecurity 500 recognizes the “companies to watch” on the front lines of this battle” stated Dave DeWalt, previously CEO and Chairman of the Board at FireEye, in Q1 2015 when the inaugural list was published.

    “The Cybersecurity 500 spotlights the evolution taking place by raising awareness of the most innovative companies in the security industry” added DeWalt, now Chairman of the Board at Claroty and Illusive Networks, two Israeli cybersecurity startups which appear in the top 100.

    “For many years, business publications have shared lists of companies of which they recommend readers take note” says Joseph Steinberg, a cybersecurity expert, entrepreneur, author, speaker, and Inc. columnist covering cybersecurity. “The Cybersecurity 500 gives the same convenience and wisdom to people interested in the cybersecurity industry; IT departments, analysts, journalists, and consumers now have a great list from which to learn about the industry and its current providers. The Cybersecurity 500 list also offers a great window into emerging technologies from newer firms which often solve problems about which everyone knows, but has been unable to address” adds Steinberg.

    “The Cybersecurity 500 helps enterprises break through the clutter by offering a listing of the world’s hottest and most innovative cybersecurity players” says Robert Herjavec, founder and CEO of Herjavec Group, the No. 1 privately held company on the Cybersecurity 500. “This differentiation is important because we don’t have time to waste. There is no industry that moves at the pace of cybersecurity.”

    Cybersecurity Ventures continuously looks at new companies for inclusion in the Cybersecurity 500, by soliciting feedback from CISOs, IT security practitioners and service providers, and researching hundreds of cybersecurity events and news sources.

    The selection criteria for the Cybersecurity 500 is subjective and includes some or all of the following when evaluating each company:

    • Cybersecurity Sector (market category)
    • Problem(s) Solved
    • Customer Base
    • Feedback from CISOs and Decision Makers
    • Feedback from IT Security Evaluators & Recommenders
    • Feedback from VARs, SIs and Consultants
    • VC Funding
    • Company Growth
    • Published Product Reviews
    • Demos and Presentations at Conferences
    • Corporate Marketing and Branding
    • Media Coverage
    • Notable Implementations
    • Founder and Management Pedigree
    • Interviews with Senior Management

    The Cybersecurity 500 does not rank companies by revenues, employees, or annual growth. “We do not think a list of the largest cybersecurity companies is useful to our target audience of cyber and IT security decision makers, evaluators, and recommenders” says Morgan. “They already know who the biggest vendors are. Instead, we give a nod to the hottest and most innovative companies.”

    For CISOs and IT Security Teams

    The Cybersecurity 500 is both a list and a sortable directory. A link to the corporate website is displayed next to each company that is listed.

    The driving force behind the Cybersecurity 500 is providing something useful to the CISOs and security decision makers, evaluators, and recommenders. The compilation lets them search and find specific types of solutions from the most innovative cybersecurity companies in the industry.

    Cybersecurity Ventures publishes a new edition of the Cybersecurity 500 each quarter. The revised quarterly editions have new companies coming on the list, others dropping off, and changes to the listing order, to accurately reflect the current hottest and most innovative companies.

    Cybersecurity 500 Commemorative Pieces

    American Registry has announced commemorative pieces exclusively for Cybersecurity 500 listed companies. The recognition products include wall plaques, marquees, counter displays, banners and crystals.

    “American Registry provides the finest museum quality commemorative products for Cybersecurity 500 companies” says Steve Morgan, founder and CEO at Cybersecurity Ventures. “They capture the likeness of our brand and do the very best work possible in order to display the hard earned achievements which have been bestowed upon the listed companies. We highly recommend American Registry.”

    “We are honored to be partnered with the leading research and market intelligence firm in the Cybersecurity space and impressed with the quality of the companies receiving this unique distinction” says Michael Moran, CEO at American Registry.


    The Cybersecurity 500 is published by Cybersecurity Ventures, the world’s leading researcher and publisher of reports covering global cybercrime damage projections, cybersecurity spending forecasts, and cybersecurity employment figures.