Modern information technology systems are constantly evolving, creating fertile ground for cyber-attackers. To avoid being easy targets, organizations increasingly need to rely on rapid innovation in cybersecurity technology to keep their information secure.

But the cybersecurity industry is competitive and fragmented, and bad actors are constantly adapting making it a challenge for security teams to stay ahead of trouble. That’s created a huge opportunity for startups looking to fill the void. We believe tomorrow’s cybersecurity market leaders—providing the strongest protection for their clients in a scalable way—will be the ones who can confront the following key forces.

Vulnerabilities are growing as the IT infrastructure evolves.

Where companies once operated from on-premises servers and networks guarded by firewalls, the shift to the cloud and mobile devices quickly melted away the perimeter, making firewalls less effective. Enterprises responded with zero-trust, the idea that security starts with verifying each user, instead of ending at the network’s border. But each new shift in IT infrastructure requires a greater complexity of tools to mitigate risk and defend against would-be attackers.

Today, some of the greatest risk lies in multi-and hybrid-cloud environments. Whether it’s through misconfigurations or compromised credentials, cloud breaches usually begin with attackers mistakenly being granted access to a cloud asset. To keep their clouds secure, organizations need tools that help security, IT, and developers work together to ensure workloads function properly while keeping permissions airtight.

Attack vectors and threats are becoming more sophisticated.

Adversaries are innovative and sophisticated, constantly inventing, evolving, and spreading new attack vectors. The SolarWinds attack—where hackers gained months of access to high-profile corporate and government clients without detection—highlighted how damaging a supply chain attack could be. Prominent ransomware attacks continue to leave individuals, businesses, even hospitals crippled. Email remains the primary attack vector, but collaboration tools and social media present additional vulnerabilities.

Successful startups in cybersecurity will help companies find unknown risks in their code, build multi-channel phishing protection, and create secure, durable backups to quickly restore an organization’s IT infrastructure after a catastrophic event. Cyber-attackers will continue to advance their techniques and capabilities, so it will be incumbent on security-focused founders to develop and continuously vet the new technologies necessary to stay secure.

Cybersecurity tools need to be automated and user-friendly.

The usability of a security tool is as important as the technology itself. Tools that fail to deliver actionable insight or aren’t user-friendly quickly become shelfware. With the proliferation of APIs, customers expect products to be open and extendable—easily integrating with the rest of the tech stack without compromising security.

With increasing demand for products that tackle security earlier in the continuous integration pipeline, a shortage of qualified cybersecurity professionals is forcing CISOs to seek greater automation in their in their security operations. Rather than seeking tools that offer new data sources, they are primarily looking for ways to help them triage and contextualize existing alerts, scaling the power of their current teams.

***

Understanding these forces is critical to envisioning the future of cybersecurity. We’re excited to work with founders building tools to address needs in these areas, and we continue to seek out new entrepreneurial teams and founders who are bringing that future to life.