We are free of charge but before you start please donate $5 to help others! Help us. Make a Difference.
Helping others is the first step in making the world a better place and improving the lives of those who aren’t as lucky as you. But it’s also shown to bring about a wealth of benefits for those who choose to help and might just be the key to happiness! We are helping all over the world.
Is there anything hotter than cybersecurity technology right now? With cybersecurity spending rising to counter a raft of increasing threats, that’s no surprise. But beneath the surface, the market is shifting to a more integrated approach that is favoring startups and companies with a focus on cloud-based Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) security solutions.
SASE and ZTNA are both gaining intense interest because they take an integrated approach to security, melding networking security with identity-based access as well as other cybersecurity functions.
One indicator of how hot this area is can be seen in the startup money that continues to flow from the venture capital (VC) space. A flurry of deals in just the past two months has given many young startups billion-dollar-plus valuations (see below). And overall, cybersecurity investment is ballooning. Crunchbase says that only halfway through the year, investment in the area has already surpassed the record-breaking $7.8 billion raised by security companies in 2020.
The macroeconomics behind the funding are obvious: Cybersecurity spending is escalating and taking a greater share of information technology (IT) budgets as organizations worldwide look to fend off the bad guys. Cybersecurity Ventures recently predicted that global cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. The same firm said that cybersecurity spending is expected to reach $1 trillion cumulatively for the 5-year period from 2017 to 2021 (Source: Cybersecurity Magazine).
Why Zero Trust and SASE?
The hottest buzzwords in cycbersecurity include Zero Trust, ZTNA, and SASE, all of which use complex algorithmic techniques to verify that the right users, machines, applications, and networks are connecting to cloud and enterprise applications. Zero Trust and SASE can combine several cybersecurity technologies at once — for example, using application data to verify users and encrypting connections across networks — so it’s all part of a move toward a more integrated approach to cybersecurity that helps reduce the burden on network and security managers who must oversee many security tools.
MORE FOR YOU
SASE and ZTNA aren’t specific product categories as much as they are approaches to security architectures that assume “zero trust” for any type of connection until it’s verified by multiple sources of technology or data.
Last summer, the U.S. National Institute of Standards and Technology (NIST) put out a guidance publication on Zero Trust Architecture (NIST SP800-207). The report said that Zero Trust “is not a single architecture but a set of guiding principles for workflow, system design, and operations.” NIST defines Zero Trust as “a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.” It recommends a focus on “authentication, authorization and shrinking implicit trust zones.”
SASE is another new area that overlaps with ZTNA. The concept of SASE was popularized by Gartner last year, describing an array of technologies that are being integrated to deliver network security by combining cloud security with software-defined networking technology. Some of the niches being blended into SASE include software-defined wide-area networking (SD-WAN), Secure Web Gateways (SWG), Firewall-as-a-Service (FWaaS), and Cloud Access Service Brokers (CASB). It also includes ZTNA. ZTNA can actually be considered a subset of SASE.
Cybersecurity technology is blossoming to include many pieces of this puzzle, and the market continues to explode. Based on data we’ve seen, the average cybersecurity professional evaluates hundreds of cybersecurity tools and typically uses in excess of 20. Solutions that help professionals consolidate or integrate security products will be in high demand.
Recent Funding in SASE and ZTNA
Now that security architectures are shifting to these more sophisticated architectures that combine networking access and Zero Trust principles, this is generating another wave of startups.
Let’s take a look at a few of the recent funding deals in the cybersecurity market:
- In early June, online identity verification platform Trulioo announced it has closed a $394 million series D round of funding at a $1.75 billion valuation. Founded in 2011, Vancouver, Canada-based Trulioo offers enterprise tools for verifying users, including general identity verification against a number of third-party sources.
- On June 15, Elisity, a cybersecurity startup, announced that it raised $26 million in a funding round led by Two Bear Capital and AllegisCyber Capital. Elisity, whose founding team includes Cisco, Qualys, and Viptela veterans, offers cybersecurity tools designed to secure data and access. CEO James Winebrenner said the capital will be used to scale Elisity’s operations as it accelerates R&D and customer acquisition.
- Transmit Security, a Boston-based startup that’s on a mission to rid the world of passwords, has raised a gigantic $543 million in Series A funding, which may be the largest Series A funding round ever. The round was led by Insight Partners and General Atlantic, with additional investment from Cyberstarts, Geodesic, SYN Ventures, Vintage, and Artisanal Ventures.
- Illumio was an early startup in an area known as cloud micro-segmentation. The company has pivoted a bit, now calling its technology “Zero Trust Segmentation,” and in early June it announced a $225 million Series F funding round at a $2.75 billion valuation. The round is led by Thoma Bravo and is also supported by Franklin Templeton, funds managed by Hamilton Lane, and Owl Rock, a division of Blue Owl Capital.
- In June, Lightspin announced that it has raised $16 million Series A funding for a “next-generation cloud security platform” in a round led by Dell Technologies Capital with significant participation from existing investor Ibex Investors.
- Anjuna in June announced the successful closing of its Series B financing, with an investment of $30 million led by Insight Partners. That brought total company funding to over $42 million, which the company says will be used to launch the Anjuna Confidential Cloud Software Platform, which uses cryptographic hardware to create a secure “enclave” for public cloud applications.
- On June 30, Versa Networks, a longtime leader in the SD-WAN and ZTNA space, announced that it closed an $84 million series D funding round co-led by Princeville Capital and RPS Ventures, with additional participation from Sequoia Capital, an existing investor. The company has raised a total of $196 million. CEO Kelly Ahuja told Futuriom that Versa will use the money to scale the company’s platform and expand its marketing and global sales teams, as well as sales channels. Versa has recently emphasized its work on a SASE platform that can span both cloud and on-premises networking architectures and has introduced new ZTNA products for remote access.
- Netskope last week announced that the company has closed a new $300 million investment round led by existing investor ICONIQ Growth. Also participating in this latest funding round were all other major existing Netskope investors, including Lightspeed Venture Partners, Accel, Sequoia Capital Global Equities, Base Partners, Sapphire Ventures, and Geodesic Capital. The company said the round was oversubscribed and that the company achieved a post-money valuation of $7.5 billion. Netskope, a cloud security firm that competes with public companies such as Cloudflare and Zscaler, started in the cloud-access service broker (CASB) space but has recently added SASE and ZTNA services and now aligns itself with the SASE market.
- Founded in 2019, WiteSand has built what it calls first first cloud-native, multi-tenant solution that provides asset discovery, Network Access Control (NAC), wired and wireless provisioning, monitoring, and flow analytics. The integrated offering can span global networks reaching campuses, remote offices, factories, logistics centers, retail sites, and much more. This includes a ZTNA as a service solution, with default deny and explicit allow policies, defined by the customer. The company just recently (June, 2021) came out of stealth mode with $12.5 million in seed funding to date from institutions and angels.
What’s Next for Zero Trust?
With these huge amounts of money flowing into the market, one has to ask: Why is identity-based security, Zero Trust, and SASE getting so hot now?
One answer may lie in the fact that large cloud providers have released data proving massive demand for network and cloud application access to ensure the right people can get to the right places without being hacked.
One example is Microsoft (Nasdaq: MSFT), which has made a concerted effort to integrate its security strategy around the area of ZTNA. The company said earlier this year that its security revenue has surpassed $10 billion. According to the company’s announcement, a “Zero Trust mindset … is the cornerstone of effective protection, the foundation for organizational resilience, and the future of security.”
This reflects the new thinking of cloud security architects, who see ZTNA and SASE as a general approach to security consisting of a wide raft of integrated products used to verify user access, rather than a specific category.