Why Israel may become the winner in the global cybersecurity market, and what can make it fail
Looking at factors that played a critical role in turning Israel into one of the global leaders in cybersecurity, what the future looks like, what can make the country fail
Welcome to Venture in Security! Before we begin, do me a favor and make sure you hit the “Subscribe” button. Subscriptions let me know that you care and keep me motivated to write more. Thanks folks!
Join 10,000+ leaders shaping the future of the cybersecurity industry
Anyone who is at least a little familiar with the cybersecurity market knows that Israel is a critical player in the global tech ecosystem. First and foremost, Israel is where it all began: the Check Point IPO in June of 1996 on NASDAQ went down in history as one of the key events that kickstarted the global cybersecurity vendor market as we know it today. Since then, the country’s role in the security space has only solidified as one exit after another, one VC fund after another, Israeli entrepreneurs started to carve out more and more of the market.
Today, companies such as Palo Alto Networks, SentinelOne, Wiz, Orca Security, Torq, and many others have become household names. Yet, even those in the industry who see the ever-growing power of the Israeli cybersecurity mafia, do not fully realize the extent to which it is set to define the future of the field. In this piece, I am looking at several factors that played a critical role in getting us here, what the future looks like, and what can prevent Israeli cybersecurity companies from solidifying their global domination.
Why Israel may become the winner in the global cybersecurity market
Israeli entrepreneurs: hungry and business-focused
Hunger and desire to do what it takes to make big things happen
Israeli entrepreneurs are strongly driven to make big things happen; there is this insatiable hunger in their eyes, in their energy, in their strong bias for action. They work long hours doing what needs to be done and are not willing to take “no” for an answer. It’s quite rare to see this drive when talking to cybersecurity founders in the US: most have had rewarding and well-paying careers before starting their companies, and the level of hustle one needs to succeed in the US is often (although not always) lower compared to what’s required in Israel.
This bias for action, the determination to succeed, and what Israelis call chutzpah, which is best translated as fearlessness and audacity, are in my view the most critical ingredients driving the country’s success in the cybersecurity space. Although these qualities are by no means exclusive to entrepreneurs from Israel, and there are plenty of startup founders in nearly every country who are equally driven, I do believe that as a percentage of the total, Israelis are much more likely to live these values. For instance, the percentage of tech employees in Tel Aviv who are planning to start their own company is much higher than in any other part of the world (probably second only to San Francisco and the Bay Area). This shouldn't come as a surprise: Israel has the highest number of startups per capita in the world.
When looking at the way Israeli founders approach starting cybersecurity companies, it's hard not to notice their opportunity-focused mindset. Prospective founders in the US, for instance, typically have an idea they are very passionate about, and they start the company to make their vision a reality. Building the business is seen as a necessity to implement and scale the idea - a means to achieving what they set out to achieve.
A lot of the Israeli founders, on the other hand, think about the business side of their venture from day one. It’s common to see several co-founders come together and say “Now that we have the company, let’s decide what we’re going to build”. From that point onward, they look for ways to ensure their venture will be successful. Before they write a single line of code, they will go out to validate the idea with a wide variety of CISOs (the typical founders will meet 30-40 of them through their VC’s vast network), sign a few design partners, and even raise capital. All that enables them to de-risk the opportunity, and set out on the path of building a business.
Israeli VCs: leveraging the unparalleled advantages
Betting on and funding industry-defining innovation
Back in 2022, YL Ventures raised its Fund V, described in the firm’s press release as “the largest seed fund ever raised for cybersecurity”. It indeed is, and there was a lot to celebrate - a VC firm is getting more capital to support global cybersecurity innovation led by the Israeli founders. For those who understand the math of venture capital, it instantly became clear that YL is taking a unique path and making a very bold bet in the venture space.
The business of venture capital creates all the incentives for VCs to raise large funds and accumulate assets under management (AUM). However, when that happens, most funds are forced to either start focusing entirely on the later-stage companies or become stage agnostic. This is because one fund (pool of capital raised from VC’s own investors, limited partners, or LPs) typically invests in 15-25 companies (20 would be the average). About 50% of the capital would often be allocated for follow-ons (keeping their holdings or doubling down on successful bets).
Since YLV Fund V is a $400 million fund, it means that the VC is likely looking to allocate a large pool of money for follow-on investments. It will probably invest the first $120-170 million into 20 companies, and use the remaining capital to maintain or increase their stake in top winners by participating in subsequent rounds. Another math equation that matters here is the fact that after a funding round, VCs investing in the company will get roughly 20% of the equity ownership. And, most funds often want to partner with other “friendlies” and have them participate in smaller amounts (be “followers”). Let’s bring all this together in the hypothetical scenario:
A company is seeking seed funding - typically the first round that involves institutional investors. The purpose of the seed is to develop a working product, get it to the market, and fuel the initial operations of the new firm. At this point, most companies would have a working prototype and decent evidence that someone is willing to pay for the solution.
YL Ventures will invest $6-10 million and will likely get their partners to invest another $1-3 million into the company
Assuming a $7-10 million seed investment, this would mean that post-money, the company will be valued at $30-50 million.
This sample scenario shows one thing: YL Ventures is truly betting on industry-defining companies. If the startup is worth $50 million at the seed stage, it’s almost inevitable that there is an expectation it will become a “unicorn” (valued at over $1 billion) by series B. The VC is very transparent about its ambition, stating that “Today’s Israeli cybersecurity founders are looking to build massive companies with the possibility of taking them public.” Although the economical situation has changed, and we’re past the time when almost anyone coming out of the 8200 would raise $7-8 million based on a pitch-deck alone, the ambition and the drive of entrepreneurs hasn’t changed; what changed is the evidence VCs are looking for to develop their conviction.
One of the challenges of many startups is that their investors aren’t ready to continue supporting them and doubling down as the company grows. This happens for various reasons: a VC fund may only be investing at pre-seed or seed, the fund size may not be large enough, or the partners may have a different idea about follow-on funding. Israeli VCs solved the problem of needing to secure follow-on capital by raising large funds upfront. Some even started raising new funds dedicated for A+ rounds, like Glilot+ (led by Lior Litwak, who refers to it as an "Early Growth fund"). Founders who receive money from the top Israeli investors know that they will continue supporting them as long as the team can execute and push forward.
A superstar team and access to growth capital are the two key ingredients needed to build a market leader, and Israel has both.
Building support systems and resource hubs to help founders succeed
It is hard to find a VC firm these days that would not look for ways to communicate its value-add even if few can deliver on that promise. The top-tier Israeli investors are that rare exception - every step of the way, they look to support their entrepreneurs on their journey of starting and scaling a successful startup.
Getting a check from one of the top Israeli VCs, such as Cyberstarts, YL Ventures, Team8, Glilot Partners, and Jerusalem Venture Partners, to name a few, comes with a lot of practical help. YL Ventures, for example, clearly communicates the types of support it provides on its website. It includes:
Introductions to design partners and customers (they proudly state that in the first 2 years, over 40% of customers were secured via YLV)
Guidance and support on go-to-market strategies, POCs, sales strategy & motion
Marketing strategy and execution, collateral and content creation, media coverage and speaking engagements, market research and competitive analysis
Ideation support through dozens of customer and expert calls, continuous market validation from industry domain experts, market & competitive research, MVP support, and more
Follow-on funding, research and introductions to top-tier investors, building strategy and preparing collateral for follow-on rounds, and other funding support
HR, recruitment in the US and Israel, sourcing, interviewing, and assessing executives, and helping with opening international offices
Building and scaling operations departments, budgeting, partnerships, daily operations, logistical support, and the like
It’s clear that a check from YL, Cyberstarts, and other Israeli VCs comes with tremendous portfolio support and value add, not common in any other part of the world.
Team8's "foundry" offers prospective entrepreneurs a different model: their boosted ideation process takes 2-3 founders with no idea and provides them with a list of problems in the cyber domain. The Team8's CISO village, on the other hand, helps founders validate their hunches and potentially even find their first customers. As their website explains, “We are defined by our commitment to our Village — a formal community of decision-makers, business executives, technologists, industry leaders and academics. We put our problems and learnings on the table. Each person comes at it from a different perspective, with unique knowledge, insights and experience. The discussions foster progress, market validation, and often lead to end customers.”
Making introductions to security leaders
At an early stage, the most important resource startups are looking for is access to security leaders. First and foremost, having the ability to interview CISOs greatly simplifies the process of customer discovery: being able to ask 20-50 security leaders questions, understand their current state of affairs, what tools they are using and what their shortcomings are, as well as what CISOs are willing to spend money on in the next year or two, is invaluable. Second, early-stage startups need design partners - companies who are willing to take a chance on the new player and help it build a solid solution to a painful problem. Last but not least, entrepreneurs are looking for their initial set of reference customers, a critical step in the startup’s journey, especially in cybersecurity where so much of the purchasing process relies on trust.
Being able to list several Fortune 100, Fortune 500, and even Fortune 1000 companies as customers can truly be a life-changing event for any cybersecurity startup. Selling to CISOs is hard, and having a warm introduction from a VC can make a huge difference. The top-tier Israeli VCs built powerful networks of security leaders from the top US and global enterprises, which gives them the ability to act as a powerful resource hub for startup entrepreneurs, bridging those building the next wave of cybersecurity innovation with those who need it. In this arrangement, CISOs get to both support the innovation and benefit from its outcomes, while security entrepreneurs get a force amplifier in the form of executive leader support.
Israeli military: a bootcamp for entrepreneurs
It is not a secret that the Israeli Defense Forces (IDF) and its Unit 8200 are known for having developed incredible offensive and defensive capabilities. This wasn’t really by choice - since its inception, the country had to fight for survival and defend its way of living against adversaries from several directions. After decades of investments and hard work, the IDF became what it is known as today - one of the most advanced cybersecurity military forces.
The United States arguably possesses much more superior cyber warfare capabilities than Israel but that should not be a surprise: the US spends close to $2 trillion on the Department of Defense (DOD) alone, while Israel, being a much smaller economy, invests in its military about 7 times less. In both countries, the military offers an incredible ability for service members to build their character and develop technical proficiency in cybersecurity. No private sector company is ever going to tackle the technical challenges so advanced as the NSA in the US or Unit 8200 in Israel, and no service provider will give its employees as much freedom as these two agencies.
Unit 8200 isn’t just an elite military unit, it’s much more. In one of the conversations with a friend who is ex-8200, we concluded that the military is Israel's equivalent of the US college system. Both create strong bonds between people, help them learn, mature, and develop strong social bonds (although the military service doesn’t result in the student debt). Unit 8200 and other elite technological units are the Israel’s equivalents of Ivy League or the top American education institutions like Stanford and M.I.T. Both signal to prospective employers that the alumni are at the very top of their field, both enable people to meet, build close relationships, become a part of the tight-knit community, find co-founders, and start companies. Similar to how a Yale or Harvard alumni from Chicago would leverage their network in New York to start a business, an ex-8200 who's founding a startup would use their network to reach VP's in leading tech companies, and CISO's - for quick validation, design partnership or even adding them to the core team. In my view, Unit 8200 fosters a sense of comradery that is much deeper than any university. It even has its own alumni association (over 19,000 members), which runs annual networking events, international hubs, acceleration programs, and communities for first-timer founders such as the Founders Circle.
The focus on entrepreneurship and the idea that military service is something temporary are some of the core factors that distinguish the elite Unit 8200 from the elite US agencies such as the National Security Agency (NSA). The top US cybersecurity practitioners who join NSA tend to stay there for decades; if they leave, it is typically to retire into cybersecurity consulting, and sometimes - to become CISOs at large organizations. It is worth noting that this has started to change, to a large degree because of the work of DataTribe - a cyber-focused foundry that backs the top alumni of the US intelligence agencies and helps them to start companies; examples of successful DataTribe portfolio companies include Dragos and Enveil. The Unit 8200 alumni, unlike their US counterparts, usually leave in their late 20's to join their friends in a successful startup, or build a path-defining company on their own.
Israeli ecosystem: re-invest in your network
Another critical aspect that led to Israel’s dominance is the fact that cybersecurity entrepreneurs in this small country re-invest in their networks. I have previously discussed how Check Point gave rise to a large number of new startups; it is just a very tiny part of what being a part of the Israeli security market looks like.
Source: Venture in Security
Israeli entrepreneurs are tightly connected: those who exit their ventures, become angel investors in companies started by their friends, and limited or general partners in the country’s VC firms. Experienced founders are acting as advisors for their peers, and paying it forward by opening the doors to those in their network on the journey to building their business. A great example of people who have shaped the Israeli ecosystem is Shlomo Kramer, who co-founded Check Point, started Imperva and Cato Networks and made over 58 personal investments in startups.
Because of how small the local ecosystem is, the talent moves around, and people who have proven that they can execute, are in high demand. What is especially interesting is Israel’s culture of early adopters: companies are always helping one another by becoming early customers and design partners. Often, no money exchanges hands: one founder will say to another “I’ll be your design partner, so I’ll let you come in, see what we do, how we do it, and how your solution could fit in our environment”.
Israeli government: provide support and build bridges
The government has played a critical role in fostering the ecosystem in Israel and making it possible to build valuable international corporations. Back in the 1980s, the government realized that without access to capital, it won’t be able to create the conditions necessary for the business to thrive. In 1983, it launched a program called Yozma which matched any foreign VC investment in Israeli startups. If the company had a successful exit, the VC was asked to return the portion of the government investment, while leaving the excess returns to the investors. This combined with smart, strategic policies in other areas made it possible for Israel to draw 28 times more venture capital on the per capita basis than the United States less than forty years later.
The country went much further than incentivizing VCs to invest in Israeli companies. To stimulate growth, it created over 40 research and development (R&D) grants, some of which cover as much as 50 percent of approved R&D expenditures. These programs, combined with access to cutting-edge cybersecurity technologies and a strong talent pool, motivated a long list of prominent international corporations including Microsoft, Amazon, Intel, McAfee, City Bank, and IBM, to open their cyber-focused research and development centers in the country.
Other government incentives include tax reductions for companies creating or transferring their IP to Israel, as well as various tax deductions for angel investors who support the nation’s early-stage startups. The Israeli government has been continuously looking for ways to stimulate the growth of the tech ecosystem, and the programs it built to accomplish it turned out a great success. The way the country structures its support is to incentivize global ambition and good execution; unlike some other nations where similar programs ended up enabling local, inwardly looking ambitions, the Israeli startup ecosystem is almost entirely focused on the international markets.
Crossing the chasm for the Israeli cybersecurity startups
I strongly believe that Israel has great potential to become the winner in the global cybersecurity market. The country has figured out the formula for startup growth, which as I’ve discussed before, looks more or less like follows:
find a problem and validate that CISOs are willing to pay for solving it,
get a few local design partners,
raise pre-seed capital from Israeli angels,
build an MVP,
start selling to customers in the US,
raise seed from local VCs (ideally - YL or Cyberstarts),
build the product,
raise a big round of growth capital from US-based VCs,
come out of stealth, enter the American market as a powerful force, and start aggressively fighting for market share.
This playbook, supercharged by a pool of ambitious entrepreneurs, hands-on support from VCs, startup-friendly government regulations, and other factors discussed in this article, greatly increase the likelihood that the country’s presence in the cybersecurity market will continue to grow. There are, however, obstacles Israel will need to overcome for its hopes of market domination to materialize.
Israel has its version of the crossing the chasm problem: growing their cybersecurity companies into large multinational enterprises.
The ability of Israeli founders to rely on a closed and interconnected ecosystem of supporters is a big asset at the early stage, but as the company scales, it becomes a liability. For a new startup, having a way to get its first 10-20 customers is important for two reasons:
It signals to the market that the company is solving an important problem, and that other customers trust the startup with their security.
It allows the founding team to learn and build a repeatable sales motion.
When Israeli founders start companies, they get their first set of customers by selling to their friends and friends of friends, as well as fellow Israelis in other companies. Although this helps them to get the logos & customer testimonials, it doesn’t result in learnings about what it takes to successfully sell into an enterprise. Moreover, the CISO networks founders get introduced to by their investors tend to consist of like-minded security leaders, often from the tech-savvy, cloud-native early adopters. Since early adopters are a “loud minority” (they constitute a small percentage of the market but are very vocal about their needs), this segment isn’t representative of the security industry as a whole. As a consequence, founders end up designing a skewed offering: their product, go-to-market strategy, business model and even sales reps are all fed the feedback & ideas from this mature, homogenous, and interconnected crowd of friends and supporters. The company they build is likely to struggle to cross the chasm to the early & late majority (traditional corporates and conglomerates which either choose “best of suite” platforms, or turn to services).
When everyone comes from a similar background, talks to the same people, gets the same advice, and develops the same strategies, it naturally limits the imagination. Although being an alumni of elite military units such as 8200 and getting backed by top VCs such as Team8 can be a tremendous competitive advantage, it can also limit people’s ability to generate and pursue new ideas. SentinelOne founder Tomer Weingarten puts it best: “We can be completely outside of the box - and that's what makes us strong. We do not have the 8200’s frame of mind, we can think the way we want - and that's a tremendous strength that people do not fully understand.” Israel has been and continues to be one the world’s leaders when it comes to technological cybersecurity innovation; what it needs is the ability to innovate the business models, go-to-market strategies, and sales and marketing approaches. These new ideas are more likely to come from bringing together the perspectives of the leading Israeli entrepreneurs and combining them with those of the American, and global counterparts.
Another challenge Israeli founders run into has to do with their ability to scale. The determination of entrepreneurs and the abundance of resources and support systems make it doable to get to the US after raising a first round of growth capital. What gets much harder is establishing a solid footing and moving the head office to the US. At this point, there needs to be a lot of organizational planning, deep-level thinking, and strategy - something that cannot be achieved by moving fast and breaking things. This is the time when the hunger, and the opportunity-focused mindset, which enabled the company to grow thus far, no longer help it grow to the next level. New skills, experiences, and approaches are required - and while many leaders can keep up with the demands of the new role, naturally some cannot. Founders who reach their limits, and who are self-reflective enough to realize that, or those backed by great VCs, at some stage end up hiring a US-based executive team. Not everyone is happy about this turn of events, and many prefer to rather sell the company before the pressure to transform is high, which may or may not be the best decision.
One way or another, for Israel to win in the ever-more competitive global security market, it needs to think big and build sustainable security enterprises with the potential to IPO. Until that happens, I think we will continue to see the ever-growing number of early-stage startups being successfully acquired before series B, and the increasing number of serial founders and angel investors these exits create.
Israel has established itself as the world’s leader in the technology sector: it has the highest in the world number of startups per capita, the highest in the world percentage of engineers and scientists per capita, and ranked second in the world in R&D expenditure per capita. Cybersecurity is one of the most critical sectors for the country, and Israel has been enjoying great success in the field. Although there are some tough questions it needs to answer and hard problems to solve, the trajectory so far has been quite impressive.
Israeli entrepreneurs have figured out many ways to build and strengthen their competitive advantages: with the level of support early-stage startups get in the form of capital, CISO networks, distribution channels, industry partnerships, and the like, it is often both hard and not exactly smart for the US-based companies to go head to head against their well-funded competitors.
There are many parts of Israeli success in cybersecurity that are hard or outright impossible to replicate: the role of the military service, the entrepreneurial spirit, and the community-focused, “let’s all succeed together” mindset. There are also others which, I think, more countries should be looking to learn from, for instance, the role of the VC ecosystem that goes well beyond providing capital, the case study of how to attract foreign capital, and the formula of how to build a culture of design partnerships.
The world of technology is rapidly evolving, and so does the cybersecurity ecosystem. Entrepreneurs building the next generation of security innovation, must remain agile, move fast, and iterate often. As Charles Darwin famously said, “It is not the strongest of the species that survives, nor the most intelligent; it is the one most adaptable to change.”
Huge thanks to Dor Morgenstern, Senior Product Manager @Torq and Founder of the Founders Circle at 8200 Young Forum for his feedback and comments.