A new report finds that venture capital investment in early-stage cybersecurity startups slowed in the second quarter amid ongoing macroeconomic headwinds that include 40-year high inflation and increasing interest rates.
The DataTribe Insights Q2 report found that despite increasing demand for cybersecurity services, particularly amid the ongoing Russian invasion of Ukraine, early-stage cybersecurity deal volume decreased in the quarter from both the previous quarter and a year ago.
Cybersecurity seed deal volume fell in the quarter by 19.5% year-over-year, with 41 deals in the second quarter of 2021. Cybersecurity Series A deals plunged 43%, with 12 deals in the quarter. As a percentage of overall deals, cybersecurity seed deals were down but still in line with historical averages of 3%, while Series A deals have fallen from a peak of 8% in the second quarter of 2020.
Valuations on seed deals have also declined, down to 33% from the first quarter but still 50% higher than the second quarter of 2021. Cybersecurity Series A rounds saw a 10% drop in median valuation from $45 million to $40 million, though that was 23% higher than a year ago.
The report notes that although PitchBook’s data showed a decline in early-stage cybersecurity deal volume and valuations, DataTribe continues to see a robust and quality flow of cybersecurity companies.
“In our talks, founders generally understood that capital was scarcer and seemed more open to lower valuations,” the report states. “In the long run, realistic valuations will better serve seed-stage entrepreneurs as they raise future rounds of capital.”
The report also highlighted what’s described as a clear and present danger to industrial environments. The second quarter saw the rise of Pipedream, an industrial control systems malware toolset that targets ICS and operational technology networks.
The Pipedream malware allows attackers to download data, alter devices, surveil industrial environments, identify high-value targets and launch attacks against sensitive systems. The report says there’s a massive destructive potential in these attacks, up to and including loss of life – and defending against them is critical.
The rise of Web3 hacks was also noted as a rising trend. There were 290 recorded attacks in the sector in the second quarter, resulting in a 170% increase in attacks where more than $100,000 in cryptocurrency was lost or stolen.