22 Sep The Past, Present, and Future of Cybersecurity

Hacking in the Hamptons, Sponsored by Evolution Equity Partners

– David Braue

Melbourne, Australia – Sep. 22, 2023

Sometimes, it takes that little something special for the name of a place to take on an evocative meaning of its own. This transformation long ago turned The Hamptons, an erstwhile potato farming area that in the late 1800s became a favored coastal holiday destination for New York City’s industrial giants, into a lifestyle — and an architectural style — that is recognized worldwide.

The cybersecurity industry evolved in much the same way, with early pioneers already aware in the 1980s that evolving computer architectures could be manipulated or damaged by malicious code.

By the early 1990s, antivirus pioneers were sowing the seeds of what would become the cybersecurity industry — but it wasn’t always obvious, Richard Seewald recalls, what the market would become.

“The 1990s were the decade of antivirus,” Seewald — who as founder and managing partner of Evolution Equity Partners has a long history tracing the evolution of cybersecurity innovators and backing those he feels have the greatest potential — told Cybercrime Magazine during the first of a series of sit-down panels entitled Hacking in The Hamptons.

Key macro trends, including increasing global connectivity via the Internet and the normalization of email, inadvertently created new opportunities for cybercriminals to target their victims with malware — and this, in turn, helped the antivirus industry grow from its early roots into a completely new category of software.

---

---

It was, Seewald recalls, also a significant time because — unusually for the IT industry — the sector was not dominated by American software giants that initially focused on English-speaking markets and ignored much of the rest of the world, including former Eastern Bloc countries with considerable technical expertise.

That strategy created market voids for foreign innovators to build an antivirus ecosystem in which many European and Asian companies were able to carve out significant niches of their own.

“There’s a good reason why these small countries evolved into being antivirus powerhouses,” Seewald said, citing the rapid growth of firms like Czech companies AVG Technologies and Avast Software alongside Romania’s Bitdefender as critical moments in helping the antivirus industry build steam.

“The large U.S. antivirus providers simply didn’t put local language versions into places that were small countries,” Seewald explained — noting that many of the companies successfully pioneered “freemium” pricing models that rapidly expanded their reach — “and for that reason you started to see local champions being built that evolved into global champions.”

Building the wall

Even as antivirus pioneers laid the foundation stones for an industry that would explode in value in coming decades — from $2 billion in the 1990s, to $50 billion in the 2000s, to $250 billion in the 2010s and an estimated $2 trillion this decade — others were considering the security implications of the rapidly evolving client/server Internet.

“At Netscape we knew from the get-go that we needed to protect the information on the open Internet,” noted Taher Elgamal, a career mathematician and cryptography expert who now serves as a partner at Evolution Equity Partners but helped shape the evolving World Wide Web as chief scientist at Internet pioneer Netscape Communications from 1995 to 1998.

“It’s one of the rare occasions where security came before the business,” he continued. “Most of the time you wait and say ‘there are viruses, so let’s go catch them’ — but we actually predicted that once e-commerce got on the open Internet, that attacks would increase and attackers would want to have a ball playing with the transactions and private information floating over it.”

Even as Netscape and competing browsers laid down standards for client-side security, others were exploring ways of not only securing user desktops, but also of protecting the pipes that connected them across the rapidly exploding Internet.

That led to the creation of one of the other pillars of the security industry, as firewalls allowed businesses to monitor and control traffic coming into their organizations.

Even though firewall capabilities are now recognized as a crucial and now-universal capability to protect both networks and networked applications, it wasn’t always that way, recalled Yuval Ben-Itzhak, a general partner with Evolution Equity Partners who in 1999 founded web application firewall pioneer KaVaDo.

Companies “took their business applications onto the Internet and connected them directly to the business, and to databases, but nothing was secure,” he recalls. “There was nothing protecting the application side and no one realized there was a need for that — and it took three to four years for the market to acknowledge that applications also need to be protected on top of the network itself.”

“As a CTO, we realized that threats are no longer static as the Internet becomes more dynamic.”

Protecting against the unknown

As the 2000s progressed, the dot-com correction and rapid evolution of the Web lit a fire under the cybersecurity industry, as companies like Microsoft and Symantec began getting serious about security and innovators looked for ever more creative ways to detect increasingly problematic cybercriminals.

A key conceptual innovation at the time was the use of behavior-based heuristic detection, which stepped away from well-established signature detection methods to focus not on what malware was, but also what it was designed to do.

“Back then, we didn’t call it AI, but it was behavior-based detection,” said Ben-Itzhak, who sold KaVaDo in 2005 and joined cloud-based security pioneer Finjan as chief technology officer. “It was the beginning of AI and machine learning, trying to analyze threats and determine how we deal with something that we’d never seen before.”

Approaching cybersecurity threats with a flexible detection strategy proved critical for cybersecurity firms to have any hope of keeping up as the world rapidly shifted to cloud and business systems were exposed to all manner of novel attacks.

That approach would continue to drive cybersecurity through the 2010s and into the current decade, where increasingly sophisticated AI systems harvest information about new security threats and translate them into workable security protections in real time.

This era of AI-powered threat intelligence is as much about collective defense against cybercrime as security in the 1990s was about protecting individual desktops — and looking back at how the market evolved from the desktop to the application to the web gateway and to mobiles, Ben-Itzhak said, “and now we are in the age of cloud security.”

Building a cybersecurity community

Just as it has expanded the reach of cybersecurity protections globally, the shift to cloud architectures has also supported the creation and strengthening of cybersecurity communities.

Industry conferences like RSA have proven critical sounding boards that bring together tens of thousands of cybersecurity innovators to share knowledge, discuss innovations, and support each other in the pursuit of common goals.

Such communities grow organically, noted Elgamal, who recalls RSA starting in the early 1990s as “a cryptographer-mathematician meeting” — perfect for a career cryptographer who was working as director of engineering at RSA — “and we had 50 people.”

“It’s fascinating to see how it was,” he said, noting that the conference’s growth “actually started by promoting that different companies can come in and belong to its sandbox. Other companies that were even in the cryptography market were silent — but [the show] has encouraged people to come in and sort of cooperate and talk about things.”

Decades later, RSA remains a pinnacle of the cybersecurity conference circuit – “Everybody loves digital connections but in-person connections are really important,” he said – but its core message of collaboration has bolstered the spirit of an industry that, despite its natural competition, also remains aligned around a common cause as experts fight to protect new technologies like Internet of Things (IoT).

Such new technologies highlight the fact that cybersecurity as an industry will always be chasing the moving target of innovation.

“We actually don’t even understand what is the scope of attacks on IoT infrastructure,” Elgamal said. “The world is very different, and presents us with challenges and presents attackers and criminals with opportunities. And I’d like to think that what we are building today is a digital global society — and I do not believe that we’ve seen anywhere close to what it is going to look like.”

---

---

Looking towards the next generation

The cybersecurity industry’s evolution over the past five decades has been marked by both dramatic change and evolutionary growth — yet despite its progress to date the industry, panel members all agreed, is only getting started as innovators continue to explore ways to protect against not only network and device-based attacks, but attacks on the integrity of data, social media, and other critical services.

As specialized investors in the cybersecurity industry, Evolution Equity Partners is better positioned than most to see what’s coming down the line — and the most promising innovators, Seewald said, are emerging from efforts to tap AI to fight the likes of financial crime and interference with software development environments and extended business supply chains.

Just as when small European antivirus firms stepped into a market void to bring their expertise to the world, innovation-rich countries continue to make their mark — with Israel, in particular, as a cybersecurity leader thanks to a combination of cultural and business factors.

“When we look at Israel, we’re seeing a very unique ecosystem,” Ben-Itzhak said. “Each year, hundreds of well-qualified and trained engineers are going into the market, well-experienced and ready to launch a startup.”

“It’s something that is super unique in Israel that is almost not seen anywhere else — and that’s why you see more and more cybersecurity companies coming from the country and this environment, which is just feeding itself.”

The increasing capabilities of innovation hotspots around the world have given investors a wealth of contenders to back — and that, Seewald says, paints a bright future for cybersecurity’s innovation space and its overall capabilities moving forward.

“We’re in the golden age of cybersecurity investing,” Seewald said, “in part because of the opportunity that’s presented to build companies to defend against next-generation attacks that are now more prevalent, better funded, more sophisticated, and targeting the soft underbelly of our society — our infrastructure, our social media, our enterprises, our governments, our voting infrastructure, and so on.”

And while it’s hard to know which innovators will drive the cybersecurity market to the next level, Seewald points to the past success of game-changing companies like SecurityScorecard as proof that the right cybersecurity idea truly can go far.

“It’s a great example of a segment that didn’t exist five to six years ago,” he explained. “Cybersecurity risk ratings were imaginary just a few years ago — but we invested at the seed stage to back that company into later stage growth, and fast forward a few years and the companies are worth several billions of dollars and generating several hundred million dollars in ARR.”

“It’s just a great indicator of the innovation and disruption we’re going to see over the next decade in categories that, similarly, will play into that uptick in growth in the cybersecurity space.”

“It’s been a tremendous ride, and when you look at the next decade, the opportunity for investment in cybersecurity is better than ever. We’re pleased to be at the forefront of that.”

– David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.

---