The Tech Sales Newsletter #74: Cybersecurity ecosystem health check

One of the most useful reports in the cybersecurity space is created by Altitude Cyber and tracks the acquisition and funding activity across the ecosystem on monthly basis.

This week we’ll take a look at the latest stats published December, which will provide us with a good idea of how 2024 played out. I previously analysed their 2023 overview in #36 with the following conclusion:

So no startups for me then?

As with anything else in life, the exceptions prove the rule. If you are already in the industry and find a great opportunity with a team you are familiar with, you should take it.

This also doesn’t mean that BIG MONEY won’t be directed in the future towards disruptive young companies. However, the more relevant question is where YOU, the sales anon, will be able to monetize the opportunity when it comes around again.

For most, this means their best bet is the platform players.

For the rest, we continue to BULLIEVE in the industry and keep securing our customers every day.

The key takeaway

For tech sales: Cybersecurity funding for early stage companies has seen a significant jump compared to the bear market of 2H'22 and '23. The other side of the coin is that it's mostly been concentrated in several key opportunities which are already operating with large GTM teams or don't intend to expand aggressively in sales headcount. 2025 is shaping to be an interesting year and it will create a lot of opportunities for both short term and long term tech sales plays.

For investors: Cybersecurity remains a top 2 priority for IT investment across the majority of surveys with CIOs, COOs or CTOs. The challenge for investors is identifying the lucky ticket to bet on. This is not an industry where you can just spread your money across multiple sectors and pray that it pays off - there are very few winners and often they are not obvious. Unless you have deep technical understanding and insider knowledge into early stage companies, I would caution getting involved in.

2024 in cybersecurity money plays

2024 was definitely an UP year performance-wise. Up until December, cybersecurity startups raised $12.4B vs. $9.4B for the full 2023. M&A activity was also more positive, $52.1B vs. $48.5B.

One of the big shifts this year was the increase in "strategic" acquisitions, i.e., other software vendors expanding their portfolio/buying out competitors. Last year the split was closer to 50:50, but in 2024 there was a clear shift towards reduced PE activity. I consider this a positive development.

In general, deal flow was slow last year, excluding the Splunk acquisition by Cisco, but that also included their Observability business. In 2024, we saw a significant jump in deal valuation, with bigger acquisitions happening across the board in the first half.

The big question is how early 2025 will play out, particularly with the shift in administration in the US (the primary market for M&A activity). The Wiz acquisition, for example, is something that likely would have played out under a new administration (but is likely no longer on the table, as they recalibrated towards an IPO in '26).

On the funding side, we saw a similar uptick in total valuations, although still significantly behind the peak ZIRP market. The notable funding recipients this year were Wiz ($1B) and Cyera ($600M), which will predominantly invest these funds in their go-to-market motion.

2025 trends to pay attention to

Let’s address these in detail:

1. Leveraging AI to Optimize Security: AI-driven cybersecurity tools promise real-time threat detection, automated triage, and predictive insights. This trend is all about using machine learning and AI to enhance existing security areas—SOC (Security Operations Center) efficiency, identity and access management, penetration testing, threat intelligence, governance risk and compliance (GRC), and more.

Talking points from a tech sales perspective:

• Quantify the value: Show prospects how AI reduces time to detect and respond, lowers overhead (fewer alerts that need manual triage), and speeds up investigations.

• Highlight automation: Emphasize how AI can extend security teams rather than replace them—this goes a long way in addressing fears around job replacement.

• Demonstrate real-time ROI: Provide case studies or proofs of concept where customers have prevented breaches or significantly reduced incident-response timelines thanks to automated anomaly detection.

2. Security Operations (SecOps) Leads Industry Evolution: SecOps integrates cross-functional collaboration among security practitioners, DevOps, and IT operations teams—especially as new AI-driven solutions streamline detection and response. Efficiency and automation are becoming the hallmarks of next-gen SOCs.

Talking points from a tech sales perspective:

• Focus on integrations: Emphasize how your platform or service ties seamlessly into existing SIEM, SOAR, or DevOps tools (e.g., Splunk, Jira, ServiceNow).

• Enable central dashboards: Show how to unify alerts, logs, and telemetry for quicker triage. The easier you make it for a buyer’s team to “see everything,” the stronger your value prop.

• Stress the partnership: SOC managers are often overwhelmed. They look for trusted vendors that can deliver not just a tool, but also ongoing support and training to ensure successful adoption.

3. Non-Human Identity Security Becomes Critical: As automation, microservices, containers, and APIs proliferate, you end up with “machine identities” (service accounts, API keys, bots, IoT devices) that outnumber human users. Managing credentials, roles, and privileges for these non-human entities is becoming both a security blind spot and a major compliance challenge.

Talking points from a tech sales perspective:

• Lead with risk reduction: Demonstrate how securing machine identities prevents lateral movement and data exfiltration if a bot’s credentials are compromised.

• Map to regulations: Many compliance frameworks (e.g., PCI DSS, HIPAA) now mandate robust identity governance for all accounts—human or otherwise. Position your solution as a compliance enabler.

• Articulate lifecycle management: Buyers want end-to-end identity lifecycle management: provisioning, rotation, and revocation of non-human credentials.

4. The Cloud Security Evolution: As organizations adopt multi-cloud and hybrid environments, security grows more complex—opening up the market for solutions that unify visibility, compliance, posture management, workload protection, and incident response across AWS, Azure, Google Cloud, etc.

Talking points from a tech sales perspective:

• Unified multi-cloud narrative: Prospective buyers often struggle with a patchwork of tools for each cloud. Emphasize how a single pane of glass can reduce complexity and risk.

• Cloud-native approach: Demonstrate tight integration with microservices, containers, serverless, and zero-trust networking—this resonates with DevOps-driven organizations.

• Elevate posture management: Talk about how your solution not only detects misconfigurations but automatically remediates them at scale.

5. Modern Data Loss Prevention (DLP) Addresses Remote Work Challenges: Work-from-anywhere (remote, hybrid) demands advanced DLP controls that go beyond endpoint to also secure SaaS apps, collaboration tools, and cloud file systems. Companies need to ensure sensitive data doesn’t slip through modern collaboration channels.

Talking points from a tech sales perspective:

• Contextual demos: Show how your DLP solution integrates with Slack, Teams, email, and web traffic. This helps buyers see real-life use cases instantly.

• Emphasize zero-trust: Position advanced DLP as part of a zero-trust data protection strategy that enforces least-privilege access across remote and on-prem workloads.

• Highlight machine learning: Solutions that can understand context (e.g., the difference between sensitive PII data and harmless text) reduce false positives, which is crucial for user adoption.

The most obvious missing topic is supply chain security (i.e., AppSec), which has become an integral part of the DevSecOps stack. Modern software development increasingly relies on external components—open-source libraries, third-party APIs, container images, and more—creating a complex ecosystem (the "software supply chain"). Attackers now target these dependencies to insert malicious code, steal credentials, or compromise the delivery pipeline. Furthermore, as regulations tighten and stakeholder awareness grows, supply chain security is no longer optional.

In general, I would advise taking "new trends in cybersecurity" with a grain of salt from a technology sales perspective. While Wiz and Cyera both dominated headlines, the latter barely has 200 customers (although, to be fair, these are predominantly large enterprises that are a fit). If they over-hire, most representatives will have only theoretical chances of meeting their on-target earnings (Cyera has 25% attainment on RepVue, although that is based on only four ratings).

The GRC (Governance, Risk, and Compliance) angle here is an interesting one—essentially underscoring the idea that the products that will win the most deals will not only be technically sufficient but also have robust reporting tools and integrate well within a larger ecosystem. This means that simply being "best-in-class" is not enough; there are numerous other priorities to be met, which explains why platform-based solutions are becoming more effective.

Let us preface this with the obvious disclaimer: all of these are very high-risk organizations that should likely be features within a larger platform. Most likely, these companies are destined for either acquisition or closure due to lack of funding.

That being said, it is valuable to research how their innovations overlap with your area of expertise within cybersecurity and how they fit into the technology ecosystem your customers are utilizing. This analysis can reveal potential early-stage opportunities with 10x growth potential, worthy of high-conviction investment.

And indeed, 2025 should be focused on high-conviction bets with asymmetric payoffs.