Cybersecurity Thrives on Back of Artificial Intelligence

Defense Department boosts its artificial-intelligence programs

The Pentagon should know that opacity breeds criticism. Yet it has been largely mute on the artificial-intelligence initiative that it rolled out in mid-2018, hiding behind a “classified” veil. That changed last week when the Defense Department released a public version of its strategy. The 17-page document is short on detail; it should still cause a stir among technology insiders. In particular, protecting billions of dollars in artificial-intelligence capabilities is a steroid diet for US-based cybersecurity companies.

From Washington’s perspective, the news conference that broadcast the report underscored a sobering reality. There was a de facto admission that the United States may be trailing developments in China and Russia. In response, the decade ahead will likely see the Pentagon sponsor a stream of hefty, multi-million dollar projects in the artificial-intelligence sphere. There may be echoes of the 1960s space race between the United States and Soviet Union.

The report is a coming-out party for JAIC. The Joint Artificial Intelligence Center, likely to have three or four outposts nationwide, will coordinate expertise across military branches and vet individual projects valued at greater than $15 million. JAIC will also sponsor its own proprietary work.

One real-world example of where this artificial-intelligence focus may lead is Project Maven, launched in April 2017. The initiative is designed to help the Pentagon sort through video surveillance to support drone strikes. Key components were outsourced to Google; employees subsequently protested the weaponization of artificial intelligence. At a military level, though, early versions of Project Maven were so successful that the development budget was quickly expanded.

Large tech companies are not the only winners. We offer three practical recommendations for cybersecurity startups:

Build ecosystem ties. The Pentagon’s move will augment the already-robust startup ecosystem in Washington. At least metaphorically, cybersecurity firms should get better connected there by hiring an industry-specific public relations consultant or even opening a government relations office.

Get to know DARPA. The Defense Advanced Research Projects Agency is likely to play an important role in complementing the work spearheaded by JAIC. The longstanding Pentagon unit commonly awards prizes, rather than grants or contracts, that can spiral upwards into the millions of dollars.

Explore allied opportunities. In the vernacular, a Pentagon contract implies work on advanced military systems. The institution, however, has many facets, including healthcare and finance. The Defense Department’s move on artificial intelligence will transform these areas too.

One defining element of the Pentagon’s approach is to build out its artificial-intelligence capabilities on the back of infrastructure that has been put in place by big tech. There may be limits to that approach. Google, for instance, will no longer work on weapons-related programs, given the internal fiasco over Project Maven. But these large, cumbersome enterprises will be looking for bolt-on capabilities. Young firms in the cybersecurity trade could benefit from corporate venture capital, while more established firms could be fielding calls from a strategic acquirer or two.

The Defense Department’s attention is now centered on artificial intelligence, rather than cybersecurity, but the two are inescapably tied to each other. Cybersecurity is actually downplayed in the just-released strategy report. There is a passing reference which reads: ‘We will increase our focus on defensive cybersecurity of hardware and software platforms as a precondition for secure uses of AI.” As a call-to-action, the statement is subtle, but direct.

Our Vantage Point: Given the high stakes, the cybersecurity industry is set to benefit impressively from renewed emphasis by the Pentagon on artificial intelligence. Opportunities are not limited to headline military programs. They extend to defense administration.

Learn more at the US Department of Defense.

© 2019 Cranganore Inc. All rights reserved.
Unauthorized use and/or duplication of any material on this site without written permission is prohibited.

Image: In America, the Defense Department boosts its artificial-intelligence programs. Credit: Kentoh at Can Stock Photo Inc.

Romania Adopts Its First Unicorn

Artificial-intelligence trends inform the software-bot business

UiPath may not be a household name, but the company is on a torrid growth trajectory. Over the past four months, the firm claims that it has doubled its workforce to about 600 employees across 14 countries to support its software-bot business. With the additional $153 million it just raised from venture capitalists, UiPath can continue that expansion. The firm is now based in New York; it originally hailed from Bucharest.

UiPath is an important player in the robotic process automation business. The company designs software to help automate back-office operations, especially for legacy computer systems. UiPath is noteworthy because it maintains a diverse, enterprise-level client list, including BMW, Exxon, and Huawei.

The latest funding round propelled UiPath to a $1.1 billion valuation, providing entrée to the so-called unicorn club. The term “unicorn” is tech industry jargon for companies that have achieved a valuation level of at least $1 billion. That milestone is an important, albeit arbitrary, rite-of-passage for founders and early-stage investors.

Private-sector valuations are tough to pull apart. Detailed financial data is not readily available, while assumptions about commercial operations are rife. From our arms-length perspective, there are likely two pillars for the UiPath valuation:

Hypergrowth in Revenue. The firm claims that its revenue grew eight-fold last year, following a similarly robust rate in 2016. Our concern here is that growth companies have a peculiar habit of talking about revenue, as if it is the same as profit. In a turbulent venture-capital setting, investors may quickly shift their attention to net income.

UiPath may aspire to dominate the worldwide market for robotics process automation with its muscular footprint. Outside of Europe and the US, the firm has offices in Dubai, Singapore, and Tokyo, among other cities. Yet we wonder whether the software-bot industry will evolve into a business for local service providers? UiPath may be chasing enterprise clients that will ultimately abandon them in favor of boutique companies, if not in-house development teams.

Potential in Office Automation. The broad-based market for office-automation technology may reach as much as $50 billion over the next five years, according to Forrester, the market research company, but the software-bot component may be less than 10% of that figure. Investors appear to be buying into robotic process automation firms as an entry point for the bigger office-automation sector. Yet the overall industry may turn into a free-for-all among the biggest tech players.

The software-bot segment capitalizes on the lack of transparency among competitors. In the trenches, UiPath is going head-to-head with business-to-business brands like UK-headquartered Blue Prism and US-based Automation Anywhere. There are many other firms in an industry where, somewhat irreverently, the key barrier to entry may be the ability to hire top-notch coding talent.

Less than a year ago, UiPath was worth a modest $110 million, according to data from Pitchbook. The issue at play, in our view, is the ever-voracious appetite among investors for artificial intelligence. Gartner, the tech-oriented advisory firm, maps artificial intelligence into the initial, innovation-trigger stage of its Hype Cycle for Emerging Technologies.

UiPath is worth singling out because it is more than just another story of a potentially-distorted valuation. We are enamored by the fact that firm traces its foundation to Bucharest. Romania is not widely recognized for its startup ecosystem. In our experience, venture capitalists tend to ignore small markets because of concern over scalability in limited-size hinterlands. Some businesses—like UiPath—easily transcend those borders. Off-the-grid opportunities may deserve closer scrutiny.

Our Vantage Point: In Silicon Valley, a unicorn-level valuation is a metaphor for sustainability and permanence. In truth, the figure can be merely a snapshot of current investor fashion.

Learn more at the Financial Times.

© 2018 Cranganore Inc. All rights reserved.
Unauthorized use and/or duplication of any material on this site without written permission is prohibited.

Image: Robotic process automation helps to bring order to digital chaos. Credit: aLanaBlue at Can Stock Photo Inc.

Investors Mesmerized by Cybersecurity

Hackers are perceived as sinister

Headlines are one reason cybersecurity is trending among venture capitalists. The Equifax and Uber hacks, among others, are de facto marketing campaigns for the industry. Ransomware headaches like Bad Rabbit and WannaCry remain prominent. At the local level, hackers continue to be lured to school districts and hospitals.

In 2017, investors poured some $7.6 billion into cybersecurity startups, across 548 deals, according to data from CB Insights. That is a 100% increase in value over the previous year. While momentum may subside, investors will likely remain spellbound by the industry.

Cybersecurity firms are not household names. Prominent publicly-traded players can be found in the constituency lists of focused ETFs like HACK and CIBR. Over the past year, Pitchbook identified two privately-held firms with unusually large funding rounds: Rubrik at $180 million and Illumio at $125 million. Both of these California-based companies appear to be valued at more than $1 billion each.

What macro-trends will continue to propel the industry over the year ahead? Intensified activity by state-sponsored actors is a given, but more nuanced points include:

National Regulation. The European Community is leading the way with its Global Data Protection Regulation. The law will come in force in May, levying heavy fines on companies for inferior data management practices. GDPR may quickly become the gold standard among countries worldwide.

Public Relations. Companies will become more astute at managing hacks promptly with customers and constituents. Case experience, such as the fumbling at Yahoo, is guiding development of ready-to-go crisis management strategies by in-house teams and outside consultants.

System Maintenance. Patching and updating is an obvious, low-cost measure to prevent cyberattacks, but the practice remains weak among businesses, especially smaller ones. Executives who are hesitant to roll-out pricey defense programs may latch onto lower cost maintenance activity.

Our best guess on a red herring influencing the industry outlook is artificial intelligence and machine learning. Quickly isolating attacks with next-generation technology sounds like a sure win for investors. But black hats can use the same capabilities to infiltrate government and commercial systems. Pavlovian-like reliance on artificial intelligence and machine learning could mean that some breaches are missed altogether.

Our Vantage Point: Expect macro-trends to further amplify the cybersecurity business. Heightened national regulation and elevated system maintenance, in particular, are likely to sustain revenue potential for industry players.

Learn more at CSO.

© 2018 Cranganore Inc. All rights reserved.
Unauthorized use and/or duplication of any material on this site without written permission is prohibited.

Image: Hacking is an epidemic. Credit: BeeBright at Can Stock Photo Inc.