Search ST Engineering

Are we missing a market inflection for IoT cyber startups in Israel?

October 5, 2020 - The investors in Israeli startups must have missed “the Covid-19 Pandemic memo” and powered investments in Q2 ’20 to a 5-year high of 170 deals per quarter with US$2.5b raised to record the second highest quarter for capital raised. Former Intel CEO Andy Grove said it best: “Bad companies are destroyed by crises; good companies survived them; great companies are improved by them.” The current crisis serves to sharpen this divide and shine light on who are the potential great companies of the future.

Where are startup investments going in Israel during Covid-19?
One signal of future performance can be attributed to raising venture capital investments during a crisis (the golden rule is those who hold the gold decide the rules). Much has been made of the crisis accelerating market outperformance from enterprise segments in medtech and work collaboration tools to consumer segments in food delivery and wellness. If we lean into the data, the top three Israeli startup investment segments in 1H’20 were in Artificial Intelligence (“AI”), Cybersecurity, and Internet of Things (IoT). Are we missing an emerging “sweet spot” when all three segments overlap – IoT Security using AI?

Why IoT Security market adoption remains low?
Today, IoT devices are pervasive and estimated to reach 25 billion by 2021. Traditionally air-gapped from external networks, they are increasingly connected to the internet, yet remain largely unmanageable (or unsecured) due to inherent design and resource constraints. While there is no shortage of innovations to overcome these challenges with advent of IoT cyber startups and their market potential for disruption, market adoption has largely not kept up (yet). Why is this so?

Time matters – you don’t sell in a short sales window or long sales cycle.
While startups often ascertain market attractiveness based on total addressable market size and enterprise life time value, they often overlook the total addressable time window and time to value. Securing brownfield IoT devices, though deemed a sub-optimal solution, offers the advantage of a large addressable time window for vendor evaluation of deployed devices till decommissioned or replaced. Building security into IoT devices at the design stage arguably offers higher efficacy but requires demonstration of value in a precise and short R&D window for vendor engagement, often not the strengths of startups with limited track record and marketing resources. Startups often focus inordinately on building technology value which at times also entail a high friction path to market value. A common example is to build security embedded on device which brings strong device cyber efficacy but requires a much longer sales cycle marketing to both enterprise customers and device OEMs to embed the solution.

Order matters – you can’t protect what you can’t see.
One of the common traps to finding product market fit lies in pursuing a pain point that customers will pay for eventually but not immediately. Early on, many IoT security startups built and marketed a deep suite of cyber solutions while those who gained market traction stayed focus on a broad inventory of asset discovery capabilities as a beachhead which precedes customer decision making for further cyber investments.

Timing matters – edge device security is ready for market adoption.
The IoT security startups that secured big growth rounds demonstrated the above traits, building direct access to customers with holistic IoT device visibility via frictionless deployments. However, going forward, Chief Security Officers will be hard pressed to provide their boards with comprehensive solutions that can not just see but act categorically on vulnerabilities and threats (don’t bring a problem that you don’t have a solution to). Enterprise customers will start to put pressure on device OEMs to embed cyber capabilities. At the same time, OEMs that have already made strategic investments into device managed services will find edge device security a strategic offering and a natural bolt on to further differentiate from competitors. Demand for edge device security will only be accelerated by a parallel trend for the movement of data inferencing from the cloud to the device as enterprises contemplate AI-powered edge inferencing and analytics as cost effective options to cloud.

Staying ahead of the pack – increase market coverage with security service providers.
The increased market activity among the diverse segments of IT security incumbents, device OEMs and IoT security startups have not been lost on Managed Security Service Providers (MSSPs). They will be motivated to defend existing market share against possible erosion from device OEMs with managed security services. At the same time, OEMs who have yet to build a managed service portfolio may become a new customer segment for MSSPs if they built early strategic partnerships with edge device security startups.
Fuelled by these new investments during the Covid pandemic, market resources and timing are now adjudged favourable for the next cycle of IoT security startups with edge device innovations. These startups now have viable options, that were missing before, to develop dual channel partnerships with device OEMs and MSSPs which will significantly accelerate market traction coming out of the pandemic.

Who knows, the next IoT “Checkpoint” may just be around the corner.