VC Talk

Date:   Saturday , March 31, 2007

Prashant Shah
Principal, Hummer Winblad Venture Partners
Prashant Shah has been instrumental in many investments including Baynote, Bridgestream, Cenzic, InMage, Jareva Technologies, Krillion, Scalent, SyncVoice, Tizor and Voltage Security.
He also observes a number of these boards. In addition, Prashant is an active Charter Member of TiE Silicon Valley, where he is Chair of the Software SIG.

Security is contagious. Every new technology or development platform that is produced will see security have a grasp around it. And this is the biggest challenge in the security space today.

Today enterprise security is moving towards the edge and acquiring a strategic fashion. Earlier on, it focused on proving protection just to the core-centralized assets. Now the software is slowly transforming from a very centralized, mainframe-type to a more distributed architecture. Currently, the area (security) is finding new uses as similar security threats are shifting base from desktops to blackberrys and PDAs. This essentially has opened the market for security that is more ‘enter-fabric’ or inbuilt into the way computing is developed. It has to go beyond just anti-virus facility for desktop and other intrusion detection for servers.

The areas in enterprise security witnessing unprecedented growth are the wireless and compliances sectors. While on one hand, wireless remains the same with familiar set of processes, mindset, the addiction to this morphine has become quite a challenge. Wireless makes things around very easy, end users love it and it makes mobility truly available. From that perspective, there has been an early rush to get wireless without much being looked at all the elements required to get the enterprise secured. The thing about this field is that due to its constant demand, we never look at it as huge potential for security.

There are things still being mulled over in security compliance needs. While it has stepped up to the forefront with CIOs and CFOs coming out with policies, they are yet to find an optimum manner to enforce these policies.

Robin Vasan
Managing Director, Mayfield Fund
Robin Vasan has been focusing on virtualization, security and open source technologies. Vasan currently sits on the boards of Alfresco, Centrify, Determina, Elemental Security, GroundWork, Informance, TrueDemand and Webroot.

Financial gains will continue to fuel security threats, which in turn will continue to determine the market scope for Enterprise Security. One should identify the catalyst that hastens instances of security threat. The erstwhile threats had various catalysts like the viruses from emails or spy ware and keyloggers that targeted the Browser. As an investor or entrepreneur, one should try and think what the next catalyst could be. Focusing a little bit on how the market has developed would give an idea about the emerging fields.

In terms of customer demands, the key issue over the last several years has been security for compliance. Unfortunately compliance is a broad term being used to cover a whole variety of solutions across different segments. At the heart of it, the key element about compliances would be to understand who is accessing what, when, why and how. And to ensure that the information is access by the people authorized to do so.

The key areas under these are garnering investments are Access control, Identity management and Data security. These areas are growing in significance, as recovery of email data stored over time becomes mission critical.

Security threats catalyzed due to the usage of wireless might not cater to a stand-alone independent market. There are two main reasons for this; one being wireless access companies opting for in built security options, for instance Cisco is embedding security directly into switching. Also, other security solutions like security against data intrusion could be implemented for a wireless switch. There are ways to solve the wireless security problems, without the necessity for an independent market.

Asheem Chandna
Partner, Greylock Partners
A Charter Member of TiE Silicon Valley, his areas of interest include enterprise infrastructure, datacenter, networking and security. Chandna represents Greylock on the board of directors at Imperva, Palo Alto Networks, Securent and Xsigo Systems. He is also on the board of directors at Sourcefire (FIRE). He was previously on the boards at CipherTrust (Secure Computing), NetBoost (Intel) and PortAuthority Technologies (Websense).

Enterprise security will continue to be a top IT priority in 2007, especially with rising security threats in compliances and emerging fields. According to a study by IDC, Greylock and S G Cowen, the security market witnessed a 16 percent growth (CAGR) in the last three years. This year, most organizations are expected to allocate anywhere between five to ten percent of their IT budgets on this space.

There is significant increase in Internet facing data centers and focus around data and database protection. Security threats have moved proportionality with the heightened usage of software applications, both inside and outside the enterprise. In fact, over time a certain vaporization of enterprise network perimeters has taken place. This is directing the organization’s priority around database protection.

There have also been increased cases of new traffic with old threats and more recently - new traffic with new threats, as in the case of Web 2.0. This sector has brought along with it a sudden surge in security threats thanks to the new traffic - VOIP, video streaming where applications and data are becoming primary targets for attacks. New threats are calling for newer means to secure the enterprise as hackers have gotten sophisticated and Fire Walls are only the first line of defense. Entrepreneurs can translate this need into an opportunity by innovating in this space. Both public and private companies are increasing their spending to upgrade their security to include AV, IDS, DoS protection and IPS/end-point solutions to add additional layers of defense.

Interestingly, compliance continues to drive the markets. A CIO/Price Waterhouse global survey shows that corporate budget spending is expected to increase by 51 percent in this sector. Entrepreneurs should look at this sector aiming the key customers challenges that include knowing what levels of controls is acceptable, understanding the scope of necessary controls and what inadequate documentation of existing processes could lead to.

In the wireless arena, mobile security promise as a hotbed market in the future. Similar threats that exist in laptops today will find their way into the mobile space only the level of threats would increase. Major platform vendors are integrating key capabilities into network/switching fabric as multi-function appliances gaining traction in the enterprise.According to VentureSource, VC investments in IT software and hardware security companies fell from $1,529 million in 2004 to $703 million in 2006, a two-year decline of more than 50 percent.

However, despite this, the security sector will remain over funded in 2007, though we will likely see a decline of new venture dollars in the space. The year will continue to be an active year for security M&A. With 800-1000 pilot companies’ around- ‘consolidation’ is going to be the key word. We can also expect anywhere between three-four IPOs in the sector. New project areas of priority for IT security customer spending this year, that VCs and entrepreneurs could benefit from will include: compliance, database security, end-point encryption, identity and access management, information leakage prevention, intrusion prevention, messaging security, network admission control and web security.