Banking Titan Baird Gives 9 Pointers for Cyber Investors

Investment bank Baird have made nine observations from RSA Conference that investors should consider when investing in today’s cyber market

Investment bank Baird have released nine observations that investors should consider when investing in today’s cybersecurity space following their team's attendance at the 2024 RSA Conference in San Francisco.

Ranging from ROI and The Rise of The “Platform Play”, to Shifting from “Threat” to “Risk”, and AI as an Enabler, Not a Business Model, the observations highlight the evolving landscape of cybersecurity and that investors need to consider the new directions that companies are likely to take in the near future.

About Baird

These comments come from Baird’s cyber security investment banking team, led by Simon Pearson and Sebastian Daumueller, after the group spent the week at and around RSA meeting with CEOs, investors and thought leaders in the cybersecurity ecosystem.

Simon Pearson (left) and Sebastian Daumueller (right)

Baird, one of the largest investment firms in the US, which manages and oversees over US$430bn in client assets, has a history of making accurate predictions and strategic moves. In 2021, the bank saw its net revenues climb nearly US$1.1 billion in, led by a 149% increase from its equity capital markets teams. 

Why the RSA

The RSA Conference, a global series of IT security conferences, sees approximately 45,000 people attend one of the exhibition each year. It is a pivotal event in the cybersecurity calendar, bringing together industry leaders, innovators, and practitioners to discuss the latest trends, technologies, and threats. 

Previous announcements at the conference - such as RSA 2010 where the Obama administration publicly revealed the Comprehensive National Cybersecurity Initiative, which was formerly kept a secret - prove the importance of the conference, and the information that can be obtained by attending first hand. 

This year’s event saw AT&T’s cybersecurity business has rebranded as LevelBlue, CrowdStrike unveil enhancements to its Falcon Cloud Security offering and an expanded Google Cloud partnership for incident response, and Inpher announced the general availability of SecurAI to protect privacy of large language model inputs like ChatGPT using NVIDIA's H100 GPUs. Announcements that emerge as themes for some of Baird’s observations. 

 Baird's takeaway

  1. Macro Tailwinds Remain Strong: The cybersecurity investment landscape remains attractive due to the increasing volume of cyberattacks and evolving threat landscape. External pressures such as regulations, insurance, and third-party risk management are driving further adoption of cybersecurity measures.
  2. Shifting from “Threat” to “Risk”: There is a growing emphasis on reframing cybersecurity from a threat-centric to a risk-centric approach. This involves integrating risk assessments with threat intelligence, detection, and response to provide outcome-based platforms and services. The extended perimeter, including supply chains and customers, is also a critical focus area.
  3. ROI and The Rise of The “Platform Play”: Reporting capabilities are becoming crucial for Chief Information Security Officers (CISOs) to justify cybersecurity spending. The trend towards consolidated cybersecurity platforms is accelerating, driven by the need for better visibility, improved efficiencies, and addressing customer pain points associated with fragmented tools.
  4. Weighing Tech Risk: Investors are cautious about technology risk in the fast-moving cybersecurity market. Sustainable technology leadership is challenging to forecast, making businesses that leverage best-in-class technology with their own intellectual property, processes, and service layers more attractive.
  5. Power of Channel Sales: Fast-growing vendors are effectively leveraging channel sales strategies, including Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), telcos, resellers, and marketplaces, to scale rapidly.
  6. Threat Intelligence Is Increasingly Important: Threat intelligence from public and private sources is vital for identifying the latest cyber threat tactics and trends. Operationalizing this intelligence for Security Operations Center (SOC) analysts is becoming a key focus.
  7. AI Is an Enabler, Not a Business Model: AI is integral to modern cybersecurity, aiding in data navigation and operational efficiency. However, it should not be the primary investment thesis. Incumbent market leaders with access to large data sets are best positioned to benefit from AI.
  8. To Be or Not to Be… Friends and Foes of Microsoft (and Other Giants): The influence of major players like Microsoft, Palo Alto Networks, and CrowdStrike is a significant consideration. Businesses that align with these giants' ecosystems are likely to benefit, while those that do not may face challenges.
  9. The Human TAM: The human element in cybersecurity is gaining importance. Investors are trying to quantify the Total Addressable Market (TAM) for human capital in cybersecurity, considering factors like in-sourced vs. outsourced support and cyber skills. The debate continues on whether cyber training should be an HR or IT responsibility.

Baird's insights from the conference highlight the dynamic nature of the sector and the strategic directions that companies are likely to pursue. As the threat landscape evolves, the importance of integrated platforms, risk-centric approaches, and leveraging AI and threat intelligence are shaping up to be paramount for the near future of cybersecurity.


Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024


Cyber Magazine is a BizClik brand


Featured Articles

SolarWinds: IT Staff Dubious on Organisation's AI Readiness

A recent trends report by SolarWinds reveals that very few IT professionals are confident in their organisation's readiness to integrate AI

Is Stress a Driving Force Behind the Cyber Skills Shortage?

A SenseOn study has showed 95% of IT leaders in the UK and Ireland say stress impacts their ability to retain staff

Rapid7 AI Engine Update Sees Gen AI Supporting SOC With MDR

Rapid7's enhanced AI Engine will now use machine learning models and new Gen AI models to separate real attacks from false alarms

Google Securing WFH with Zscaler and Netskope Partnership

Network Security

Why Have Cybersecurity Budgets Soared for TMT Companies?

Operational Security

Mandiant's Analysis Unveils Cause of Snowflake Data Theft

Operational Security