Avatar

Building a company from the ground up is not for the faint of heart. I know, I’ve been there. As co-founder of Duo, the leading provider of Zero Trust access security, I know what it means to dedicate yourself fully to a vision, to your customers, and to your team. And I know how daunting it can be to find the right investors to join the team – people and organizations that truly understand, and believe in your vision.

Today, the Cisco Investments team released their 2021 CISO Survival Guide to Emerging Trends in the Startup Ecosystem. Written in partnership with three leading VCs, this report breaks down trends in four areas of the security startup arena: Secure Access Service Edge (SASE), DevSecOps, Privacy & Compliance, and Automation.

There is a wealth of insightful information for CISOs in this report. I’ve highlighted a few key takeaways below.

  • SASE is not an end-state target or product. Instead, it’s an implementation of security controls at a cloud edge. Because Zero Trust and XDR are integrated architectural outcomes, the majority of CISOs are anchoring their SASE strategies here.
  • Data access control is the #1 priority for CISOs in privacy and compliance. Today, we are seeing a new category of privacy engineering emerge in the security startup landscape to manage data access, authorization, and other technical controls “by design.” A great example of this is Securiti, who Cisco recently invested in back in April.
  • More and more, CISOs are looking at how to align security operationally through DevSecOps. In fact, 97% of CISOs plan to implement “Security Policy as Code.” This is an area of critical importance to Cisco, and recently we invested in Styra, focused on unifying policy management across technical environments.
  • CISOs have found automation has been most helpful in detecting phishing attacks and application vulnerabilities. Phishing is still the number one attack vector for organizations, leading nine out of 10 breaches. Automation has become enormously valuable in helping security practitioners address the increasing volume of attacks.

As the Chief Strategy Officer for Cisco Security, I work closely with the Cisco Investments and Corporate Development team to build theses around emerging tech trends, evaluate startups, and make decisions about where to invest, partner, and acquire.

As an advisor in the M&A process, there are things I look for in every company we meet with:

  • The right strategy: Does their vision align with our customers’ priorities, and operational realities? Are they putting customer needs at the center? Do they build trust with customers by being transparent, ethical, and reliable?
  • The right team: Are they building a culture that marries individual success to team success to customer success? Are they dedicated to an inclusive workplace that enables people to be their best?
  • The right execution: Are they focused on just being the smartest and best-resourced, or do they understand how to learn, adapt, and lead in these hyper-competitive markets?

Technology is fundamentally a people business, requiring the intersection of ideas, perspectives, and talent to drive progress. The same is true for the 2021 CISO Survival Guide. By bringing together some of the top cybersecurity-focused VC and customer voices, the guide offers a unique take on the security landscape, key trends, and transitions that all security professionals should keep an eye on.

Cisco is a company that has exceptional internal R&D, but we’re also a company that values, embraces, and enables innovation across the industry. If you’d like to view the full report or share with your colleagues, you can download it here.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn

 



Authors

Dug Song

Chief Strategy Officer

Cisco Secure