Data: The World's Most Valuable Resource

The Cyber Explosion: Data in a New Era

The year 2020 was undeniably impactful. While remembered for the pandemic, social upheaval, and political unrest, it also marked a pivotal moment in cybersecurity history. The incident involving SolarWinds, a midsize company based in Austin, Texas, will be central to understanding this shift.

The SolarWinds Hack and its Implications

Malicious code embedded within a software update from a trusted provider served as a gateway, granting access to vast amounts of private data – petabytes, in fact – across 18,000 organizations. This included both Fortune 500 companies and government agencies.

The significance of the SolarWinds breach lies in its scale and the resulting financial losses. It underscores a critical point: cyber strategy is fundamentally company strategy. It’s no longer simply an audit item, but an integral component of C-suite planning, influencing everything from employee onboarding to daily coding practices.

A Surge in Cybersecurity Innovation

I anticipate a wave of innovative startups emerging from this cybersecurity reckoning, mirroring the growth seen after previous market disruptions. The next decade promises substantial growth within the cyber market.

Current forecasts predict $100 billion in new market value by 2025, bringing the total market size to approximately $280 billion. However, I believe this estimate may be conservative.

Data: The Fuel for Cyber Growth

A primary driver of this growth is the ever-increasing volume of data. Cyber security is often a secondary consideration, following priorities like development speed, IT asset management, or data handling. The notion of “data as the new oil,” coined by mathematician Clive Humby 15 years ago, has proven remarkably prescient.

Since that time, the total amount of data globally has expanded by a factor of 74. By 2025, IDC projects the data universe will reach 175 zettabytes. To put that into perspective, one zettabyte equals 1 trillion gigabytes. Downloading 175 zettabytes would take 1.8 billion years – a truly staggering figure!

This exponential growth continues unabated. Data is constantly generated from diverse sources, including social media interactions, website analytics, and IoT device monitoring. Numerous billion-dollar companies have been built on the ability to ingest and visualize this data.

The value of the next generation of API startups will be directly proportional to their capacity to share and ingest data, enabling seamless communication within the application ecosystem.

The Challenges of Data Management

Data empowers us with knowledge, but its proliferation also presents challenges. As Nick Halstead, founder of InfoSum, aptly observed, “data is sticky and gets all over the place.” While improper data storage isn’t new, the sheer volume of data and the multitude of storage locations significantly complicate security efforts.

The rise of remote work – with over 40% of the global workforce operating on insecure networks and personal devices – further exacerbates these challenges. Traditional perimeter security and database administrator roles are becoming increasingly inadequate in this multicloud environment.

Without a comprehensive understanding of your data – its location and nature – effective protection is impossible. Even with vulnerability alerts, their relevance is questionable if your tools lack a complete data landscape view.

Regulatory Responses and Compliance

Governments are responding with regulations like GDPR in Europe and CCPA in California, signaling a broader trend. These privacy acts aim to grant consumers greater control over their data and impose penalties on non-compliant organizations.

These developments compel organizations to address fundamental questions: Where is our data actually located? How do we ensure its security? How long should we retain it? Is all the data we collect truly necessary? When should we delete it?

Traditional tools offer periodic compliance and security assessments, akin to financial audits, but they are limited to known data locations and often struggle with unstructured data.

Industry feedback highlights the limitations of current data loss prevention (DLP) tools:

• “DLP is the biggest unsolved problem in security.”
• “Nothing out there does data system discovery.”
• “Data discovery … I get asked about it … there’s nothing.”

Emerging Solutions and Investment

The sheer volume of enterprise data demands a new approach. This is attracting significant attention from founders and investors. Companies like Wiz, which raised $100 million in Series A funding, provide visual representations of cloud deployments and risk-weighted vulnerability assessments.

Open Raven, an Upfront portfolio company, raised $15 million in Series A funding to build a data-wrangling solution. Their approach involves inventorying and classifying data to identify high-risk areas. They focus on providing scalable solutions for both structured and unstructured data across diverse cloud environments.

These companies represent different facets of the data visibility challenge, and further innovation is needed in this space.

A Defining Moment for Cybersecurity

I believe the SolarWinds breach marks a turning point in cybersecurity. It’s a field that increasingly intersects with and influences broader business strategy. Often hidden within device management or data companies, cybersecurity is now central to unlocking the potential of cloud migration.

I am confident that the period following SolarWinds will be the most innovative in the history of the cybersecurity market, and I am eager to contribute to this evolution.