Data security, IAM led cybersecurity investments in 2019

Data security, IAM, and risk and compliance sectors were the big winners for cybersecurity investments in 2019.

Momentum Cyber, a strategic advisor for mergers and acquisitions, recently shared with SearchSecurity a preview of its Annual Cybersecurity Almanac, which details the top 10 sectors by both funds raised and deal count. The report, which will be published in the upcoming weeks, also details cybersecurity trends as well as industry predictions and strategic activity.

The almanac compiles data from nearly 420 unique capital raises around the globe, which is part of Momentum's proprietary database for cybersecurity investments.

"We comprehensively track pretty much all cybersecurity M&A and financing activity whether through traditional sources like PitchBook, Capital IQ, as well as proprietary information provided to us by our network as well as just a number of extensive research reports we sign up to and analysts we work with," said Evan Gibney, senior analyst at Momentum Cyber.

According to Momentum Cyber, three cybersecurity sectors raised more than $1 billion in 2019. Those sectors included data security with over $1.2 billion in funds raised; IAM with nearly $1.1 billion; and risk and compliance with just over $1.05 billion. Representative data security companies include Acronis and OneTrust, while IAM companies include 1Password and Auth0, and risk and compliance companies include CyberGRX and KnowBe4.

Some of the totals were driven by large funding deals. For example, 1Password raised $200 million in November for its first round of funding, while KnowBe4 raised $300 million in June.

On the deals front, nearly 420 venture capital investment deals were made in the cybersecurity industry in 2019. The leaders were risk and compliance at 64 deals, network and infrastructure at 48 deals and data security at 45 deals. Representative risk and compliance companies include SecurityScorecard and QOMPLX; representative network and infrastructure companies include Corelight and Vectra AI; and representative data security companies include TrustArc and Very Good Security.

Gibney pointed out that data security, IAM, and risk and compliance were in the top four for both categories.

"I think a lot of what's driving that is that in the past two years or so, we've seen GDPR and the California Consumer Privacy Act, and we've seen a lot of regulation around access to data, data restriction, and data privacy, and I think probably over the last year or two we've seen a lot of companies preparing for this both on the M&A side and I think on the investment side. And with these regulations and data breaches, I think that's why we're seeing these busy sectors."

Last year's Cybersecurity Almanac listed risk and compliance as the leading sector for venture capital funding in 2018, with 51 deals. Cyber Momentum reported a total of $6.2 billion in cybersecurity investments and a total of 408 deals last year.