I read this article about how Webroot hired a new CEO. Some of the blog speculation is that this new CEO hire is a tune-up to an upcoming IPO filing. One of the interesting things to consider is that information security was the “web 2.0” of 2003 — many companies got funded and there was the belief that there was a deep market of buyers for start-ups. Since then, a lot of things have changed. McAfee and Symantec have cooled off and are struggling a bit. Microsoft is poised to enter the market, which could have a profoundly negative impact on the ability for folks selling to consumers to eke out a profit.
What’s interesting, however, is that there are a lot of information security companies who have raised a fair amount of money and, as such, would most likely be looking to an IPO as a good way to return money back to their investors. With the IPO market for tech companies beginning to come back, there ought to be at least a few companies who have raised a decent amount of venture capital. I decided to take a crack at compiling a list of all of the information security companies I could find that had raised more than $30 million in venture financing in their lifetimes. Below is a list (and I am sure it’s incomplete) of companies who fit the bill:
The point of this brief post is that there are quite a few well-funded private information security companies who are probably coming up on interesting times. The market dynamics are changing (new entrants, less M&A, but a more accessible IPO market) and it will be interesting to see how these companies respond.
For what it’s worth, I think it will be tough for Webroot. I use Webroot’s product on one of my PCs and think it’s great. But I also think there are a lot of consumers out there who would take a free product from Microsoft (or a virtually free product bundled with an anti-virus or anti-spam product) over a separate offering. There are obviously customers who do care enough to buy a strong product like Webroot’s but I have some doubts about how deep that market is. The debate around Sourcefire and Fortinet will be much more interesting, I suspect.