2022 VC Survey
YL Ventures: “The cybersecurity industry is not immune to geopolitical shifts”
Ofer Schreiber, YL Ventures Senior Partner and Head of Israel Office, joined CTech to discuss how the cybersecurity market is impacted by the tech crisis.
“The latest geopolitical events have had a direct effect on the Israeli tech market in general and the cybersecurity sector specifically, as more and more European organizations now realize the need to fortify their assets, identities, and data from incoming threats - as we’ve witnessed in the recent turmoil in Ukraine,” explained YL Ventures Senior Partner and Head of Israel Office, Ofer Schreiber. “The cybersecurity industry is not immune to these macroeconomic and geopolitical shifts.”
Read every interview in our on-going project
YL Ventures funds and supports Israeli cybersecurity entrepreneurs from seed to lead. In this climate of geopolitical unrest, Schreiber argues that the sector in particular needs to continue being innovative and an essential part of businesses around the world.
“A recession will invariably mean decreasing security budgets and longer sales processes, and CISOs’ priorities - which are always important - will be even more so going forward,” he continued. “The Israeli cyber industry continues to deliver innovative solutions that have proven critical for global organizations and their business goals, and therefore cybersecurity remains a ‘need to have,’ not a ‘nice to have’ despite (and sometimes because of) global events.”
Name of fund/funds: YL Ventures
Total sum of fund: 5 funds, total of $800M in managed capital.
Partners: Yoav Leitersdorf, Managing Partner; Ofer Schrieber, Senior Partner and Head of Israel Office; John Brennan, Senior Partner; Sharon Seemann, Partner, Marketing; Michael Cortez, Partner
Notable/select portfolio companies: Israeli cybersecurity unicorns Axonius and Orca Security, as well as acquisitions by corporations including Twistlock (acq. by Palo Alto Networks), Hexadite (acq. by Microsoft), Medigate (acq. by Claroty) and FireLayers (acq. by Proofpoint), among others. The firm’s portfolio includes Grip Security, Cycode, Satori, Vulcan Cyber, Valence Security, Enso Security, Eureka Security, Opus Security, Piiano Security, and others.
Schreiber joined CTech for its 2022 VC Survey series to explore some of the trends we can expect as we approach 2023 and beyond.
If 2020 was the year of the pandemic, and 2021 was the year of records, how would you define 2022 in the VC sector?
“It may be overly simplistic to view 2022 as the ‘year of the downturns’ in terms of both investment appetite and vendor challenges if our assessment is based on the extreme highs of 2021. Viewed objectively and through a long-term lens, 2022 was a challenging year that marked balancingleveling out between potential and actual revenues.
“One of the relevant factors to observe as part of the recent market trends is the stage of investment. Early-stage startups building solutions for new and concerning pain points remained prime targets for investments in the past year, as the market drivers that fuel their activity, especially in the cybersecurity industry, that we operate in - increasing attacks, cloud adoption, and remote work environments - continue to influence business decision-making. Late-stage startups that raised significant funding rounds in the past two years may still have the capital to burn through, but their bloated valuations (that don’t always coincide with their actual revenues) will make it harder for them to attract new investments in the coming years. These companies may need to make difficult decisions that will invariably impact their growth, such as layoffs, etc.
“The market turmoil has impacted our ability to predict customer behavior, much like the sentiment during the Covid-19 pandemic. This uncertainty then translates into a general sense of wariness and hesitance that stands in stark contrast to 2021’s investing attitude, but this is a positive course correction that will benefit the industry in the long term.”
Who are the big winners of 2022 and why?
“We’ve seen that cybersecurity investments in early-stage rounds have remained relatively stable - and even grown - this year, due to the sustained need for innovative solutions to address pressing problem spaces. Startups that built their business on strong foundations, met benchmarks and practiced fiscal responsibility may even be able to accelerate their growth on the other end of this downturn.
“Additionally, we are seeing a new wave of cybersecurity solutions that cater to stakeholders beyond the CISO and security teams. These startups are introducing an exciting evolution in the cybersecurity sector, as 2022’s tightening budgets have demanded innovation that provides value to other organizational stakeholders including business leaders, C-suite executives, and development teams. Those startups that have recognized this angle may secure their place in the market without being affected by its turmoil.”
Who are the big losers of 2022 and why?
“The ramifications of the market’s turbulence in 2022 have impacted the entire tech industry - including investors in all sectors. I, therefore, don’t see any ‘losers,’ but more of a necessary shift in late-stage companies towards introspection and a welcome examination of processes, products, and growth vectors, looking ahead. Growth-stage investors may have also had to reassess their strategies and priorities this year, in light of the market’s significant effects on startups in these later stages.”
What do you expect in the VC sector in 2023?
“As far as the Israeli tech industry is concerned, the market’s fluctuations haven’t discouraged promising founders from building the next great startups (especially in the cybersecurity space), and haven’t stopped VCs and LPs from vying to be the ones to fund them. YL Ventures, for example, recently (May 2022) raised our fifth fund, in the sum of $400M which will invest in early-stage Israeli cybersecurity startups. This capital will serve the industry in the long term, but I do believe that 2023 will be a challenging year for startups in all sectors.
“Most of the companies that did not raise funding rounds this year and delayed the process will be forced to raise capital or search for the nearest exit in 2023, many of them at much lower valuations than those of 2021 rounds. In 2022, we weren’t ready to look reality in the face. In 2023, we won’t really have an option.”
What global processes will affect (positively and negatively) the Israeli market?
“The latest geopolitical events have had a direct effect on the Israeli tech market in general and the cybersecurity sector specifically, as more and more European organizations now realize the need to fortify their assets, identities and data from incoming threats - as we’ve witnessed in the recent turmoil in Ukraine. The cybersecurity industry is not immune to these macroeconomic and geopolitical shifts.
“A recession will invariably mean decreasing security budgets and longer sales processes, and CISOs’ priorities - which are always important - will be even more so going forward. The Israeli cyber industry continues to deliver innovative solutions that have proven critical for global organizations and their business goals, and therefore cybersecurity remains a "need to have,” not a "nice to have” despite (and sometimes because of) global events.”
How should different companies prepare for the coming year?
“Startups seeking Series A and beyond today will need to demonstrate their ability to sustain the company’s growth well into the future. These startups must display strong results in both ARR and the number of paying customers in order to generate interest from investors. Growth rounds are most affected by the dramatic change in 2022’s investing climate, and this will manifest in fewer rounds and a decline in total capital invested in these rounds compared to 2021.
“Furthermore, startups - especially in earlier stages - must focus on ensuring that their product fits the evolving needs of their customers in order to continue to be relevant and bring value to their market in the near future. For young companies, layoffs should be a last resort, as exceptional talent will always be scarce and extremely valuable for startups. Finally, startups of all sizes would do well to examine their burn rate and extend their runway as much as possible before their next funding round. Proactive decision-making rather than reactionary cuts will help sustain startups beyond the current market volatility and into 2023.”
What will be of the dozens of unicorns born last year?
“Some of these companies achieved top-line growth with a strong product and a wide market, and these startups will sustain their success in the coming year. For others, we will definitely see downrounds and acquisitions at lower valuations than the companies’ previous rounds.”
What sectors in high-tech should we look out for in the coming year - and why?
“As a VC focused on a singular sector - cybersecurity - I can attest that VC interest in cybersecurity solutions has not abated in the past decade, rather the opposite. As malicious actors employ increasingly sophisticated attack strategies and evolve their tactics on a monthly basis, so grows the urgency to find appropriate security solutions to obstruct them. The cybersecurity sector has undoubtedly been affected by the market’s slowdown, but its unique characteristics and significance for business continuity make it less sensitive to economic changes in macro conditions, as changes in interest rates do not affect the appetite of malicious actors. As Israel continues to be the “Ivy League” of global cybersecurity startups, the Israeli cybersecurity industry will no doubt ensure its continued acceleration as a preferred investment target.”
HR: Do the layoffs, those that have already happened and those that are coming, help to fix in any way the distress experienced by companies over the past 2-3 years?
“For most tech companies, salaries are now the most significant expense. These companies raised large sums of capital during 2021, with the intention of fueling their hyper-growth, and recruited in bulk to do so. This year, the tables have turned and they have to revisit their human capital expenses in order to extend their runway, as their growth expectations (ARR) are not going to be met due to the events in the macroenvironment. They should be wary of extreme layoffs, however, in order to ensure that they retain a strong employee base to continue growing despite market conditions.
“I don’t foresee a change in employment conditions for technical positions in the near future, as those who have been laid off will immediately be recruited by smaller or more fiscally-secure startups, especially in the cybersecurity sector. We may witness startups tightening their belts and preferring to scale down their hiring budgets for the less technical positions including Marketing, Sales, HR, and others, and these may be the sectors that will show a slowdown in terms of recruiting in the coming year.”
Eureka Security and Opus Security - YL Ventures’ notable portfolio companies
Eureka Security
Data Security Posture Management. This is a holistic approach to securing all data inside of data stores within your cloud environments, regardless of where it resides and how it got there, and without requiring deep expertise in how each data store operates.
Founders: Liat Hayun (CEO), Asaf Weiss (CTO)
Founding year: January 2022
Number of employees: 20
Explanation behind investment:
Liat and Asaf’s brilliantly unique approach to data security (discover and classify sensitive data and use a platform-agnostic policy engine to manage risk) led to six design partnerships while they were still in the pre-investment stage. This rare stamp of approval cemented our belief in their vision - and their ability to execute it as a true enterprise security solution. As with all of our companies, beyond top-notch technology, we invest in stellar, unparalleled founding teams.
Liat and Asaf have solid backgrounds. Liat is a former VP of Product Management at Palo Alto Networks, and Asaf is a former Director of Engineering at Microsoft and Palo Alto Networks, and they met while serving at the IDF’s elite intelligence unit 8200 (where they each won the prestigious Israel Defense Prize for important achievements in their respective military roles). We were impressed by their leadership skills, critical thinking and outstanding domain expertise as these two professionals devised a plan to revolutionize data security, and implemented it - we just had to be there for support.
Opus Security
Cloud Security Orchestration and Remediation. This is a new approach to remediation in the cloud. Replacing antiquated, time and resource-intensive manual processes, this approach automates remediation processes as needed, while ensuring that all relevant stakeholders in the organization are aligned. Rather than building processes from the ground up, Opus alleviates latency and reduces risk by providing teams with tried-and-tested playbooks based on extensive knowledge and best practices - letting them focus on active threat mitigation across the entire organization rather than build processes from scratch.
Founders: Meny Har (CEO) and Or Gabay (CTO)
Founding year: September 2022
Number of employees: 10
Explanation behind investment:
When we met Meny and Or, they already had decades of experience in the SOAR market and a deep understanding of the problem space and pain points that have developed with the evolution of SecOps in the cloud-native world. They knew how they wanted to attack the major gaps in cloud security remediation, and this fit well with the need we’d been hearing from leading CISOs in our network - visibility tools have helped security teams see what needed to be fixed, but they didn’t know how to do so. When we put the founders in front of these CISOs, it was clear that we had a stellar, professional team ready to tackle what is becoming an increasingly urgent space to resolve.
We weren’t the only ones struck by their vision and ability to see it through, as Opus is supported by top-tier investors and advisors from the global ranks of cybersecurity.