David DeWalt Keynote Address at the 2018 Cyber Investing Summit

Good morning are you doing? Can we do the Southside beautiful day in New York? I think so awesome. Thank you for that wonderful introduction Scott preciate it and thanks for having me. What a wonderful opportunity to get a chance to talk to everybody about cyber investing. It's kind of little strange for me being a CEO for all these years and now I'm on the other side investing into cyber company. So I recognize a lot of people in the room. So true fun for me. I actually have my daughter here as

well. And she's up here in the back. If you want to know nervous, you know, you get to prison for a time but she's up there critiquing me from your homework assignment and all good. I spent 17 years 68 quarters being a CEO in high-tech on Highway 68 in the Austin high-tech world, you know, it's every quarter is like a year. It feels like I've been lucky. I've been really lucky. I had a front-row seat to the cyber security. Changes over the last 20 years and has been amazing. Just watching what's happened. And what's

been going on. I go all the way back to my days. I will see you right after I was CEO documented we acquired say so I got a lot of exposure to our essays business while I was at AMC and then became CEO McAfee and then sold at 2 until then I found these two hot companies one called Mandy on twinkle FireEye and ultimately became chairman of both those companies which I loved and I loved fire. I so much became CEO Isle of Man being so much. I bought it don't recommend a strategy all the time. But we had a chance to take the company public have a

wonderful IPO and ended up spending a 5 years in one day and now I'm in a good advisor be here with my slides and things as I try to do as much as I can to create visibility in cyberspace. The CEO you try to you know, do everything you can to kind of see the whole business. So when I tried to focus in on is just see the entire cybersecurity Market if I can and will see that I'm a part of you'll see that one of the big themes is visibility. So we're doing Investments some of the partners here from momentum cyber here as

well. We do investment and advisory services for companies m&a Services. I'm also with Optive so I get to see a lot of distribution and reselling in the industry, which is very helpful to see Trends my chair Safety and Security for Delta Airlines, which is a fortune 40 company big responsibility of a scar to from some breeches and things have been going on if you want to learn about that, but it's really, you know, see how products are used in how products are being sold. I also sit on N stack so I've been present Pointing out for 9 years and tssc I cleared so I do a lot of work with the

intelligence Community whatever I can do across the world to see what the trends are. That's what I try to focus on 517 different things on my part of which OCD is a CEO. I guess it applies in all parts of life. But what am I going to do for you today is just trying to show you what I see in a little bit of the trends a little bit of the threats a little bit of the themes and hopefully for you these seven major categories and on precise this at the end of show you the seven major categories that I think have the greatest opportunity for cybersecurity be surprised at all. Seven

of the categories. Most people are because these categories I believe her where the greatest offense is dislocated from the defense. So wherever you see offensive capability that has the biggest Gap to defense That's where the investment opportunity sets in my opinion and I have seven of them to show you that we walk through that take a big picture of you. If you've heard me speak before, you know, I've used this analogy for 15 years called The Perfect Storm the perfect cyberstorm and I'm going to show you six tenths as part of the cyberstorm these six tenants 15 years ago when I was

doing presentations for Mcafee and RSA are the exact same ones have anything I believe they've exponentially ground and I believe these 15 for the next 15 years. You'll see the exact same tennis driving cyber industry to Heights. We've never seen trillion dollars over the next five years, spending the real quick. What are they speed of innovation? Right? So if you take a picture of you what's the biggest challenge we have in cyber Innovations a lot faster than we can defend against and right now if you're running a large company and you're trying to defend against that you're

seeing over on Vulnerabilities a week come in from Benders some days and some weeks. It's even more than that. So what do you do with a hundred 7172 vulnerabilities that are coming in across your entire architecture mobile Cloud Network operational technology social environments. What's your attack surface and how to solve that? That's one of the biggest conundrums almost every species so has right now is how to prioritize the speed of innovation and then Patchett manager and defend against it and

constantly we have new types of Architecture is being deployed with never got around that and I'm going to show you some of these major new ones that are just absolutely hurting every company that's out there and pretty interesting. Of course all these vulnerabilities guess what's happened exponential growth in the number of attackers. So right now we see well over 800 unique groups. These are you know, Groups that can be anywhere from hacktivist to criminals to nation-states to just about any type of organized groups that's offensive and more than

80% of those groups have more funding than the largest single cyber security company in the world does for R&D. So just think about that for a minute. So the offense look how much money they get and look at the hottest most R&D Rich cyber security company and 80% have more funding and more resources than those companies do so. What do you think the advantages of this is a major problem now 29 countries in the world that have declared an offensive group basically have a real cyber offensive Warfare unit. We have 63 countries that have active defensive

groups in unit. Probably most of those also have offense just have him declared it and almost every country in the world has declared in a cybersecurity is a national security problem. So come a long way. Just watch The importance of this and what's been going on here in the world in the types of groups. We didn't used to work and worry about like nation-state attacks back in the in the first part of the century. Now, we do every day and many of them have collusion with criminal groups and you guys know this is a major issue having 800 offense the group's this well-funded. So what

are the levels of danger that we're all facing today? I'm trying not to be too. I'm going to phone out on a beautiful day here in New York, but you know if things keep you up at night when you're watching what the offense can do today, and I'll show you a couple things, but it's amazing to see what advantages we're now seeing offensive cyber hat but your girl in some of the Next Generation technology areas that are coming out. Of course, this one exacerbates that you can almost Market with a calendar the moment you see a geopolitical tension in the world. Guess what happens? Meet with

an attacker person. I mean you could plot of the next calendar we can put the calendar out for two years at every major political event in the world will be cyberattacks leading up to it and doing it and it's just part of the way the world works today every country trying to get in Vonage on another one of them were tensions the more attacks and of course combine that with lack of governments around this area because who's the offense the very government whose regulating you end up with this perfect storm of issues and then you throw on top of that very poor law enforcement models as a

result of that and you end up having an Elvis Perfect Storm and then I will send this thing called an annuity and we can't track attribution very well and you have like who did it kind of problem and who's involved and how do we catch him what we do? And I know I'm speaking to the choir but big picture 15 years ago is what we worried about 15 years later. This is what we're worried about 15 years from now same issue. My opinion this will not fault. We're nowhere near getting regulation, you know better cooperation and now better ways which we do with our neighbors on these issues and it

just looks like in a serious environment. Of course, the Legacy security providers to which I was one many many years have trouble keeping up and I'll talk to you a little bit about this when you were CEO of a major company, you have a hard time doing anything more than developing your current product. Let alone what's coming a year from now 3 years from now because of the pressure of earnings so ends up having to get this innovator's dilemma the Legacy products kind of Decay and ultimately that's why we see best-of-breed products come around all the time. And this is the way this

will ecosystem were so perfect storm. But absolutely the most unbelievable investment scenario I've ever seen so I don't know how many be sold this report. I would put out called the winter is coming like btig. Really good report. I completely disagree with it. So whatever for the record I do because I don't think there's Winter's coming because what I'm going to show you is the threats like was Drive spending Cycles spending cycle Drive investment cycle investment Cycles Drive major companies were going to

see for the first time in the next 5 years my opinion prediction the first cyber-security worth a hundred billion dollars. Think about that. Anybody know what the most valuable cyber security company is now roughly a market cap. 20 million roughly a hundred billion because of everything you see here. What are the dangers that we're having evolution of the threat to this for a long time obviously to go back to the 1990s, you know early part of this Century. You know, what did you see quantity base Huayra right quantity base viruses. Let's see

if we can spread a virus around Trojans adware spyware many of you know, all these terms how fast can we multiply it out at McAfee when I was there every day. We write a purse 2002 signatures Blacklist whose signature is trying to keep up like a mouse on a wheel trying to keep up with every known signatures and every known virus. It was in the world when I left Mac if we weighed 68 million signatures everyday that we updated 68 million in 2011. So we tried to write in a generic signatures polymorphic signatures peracetic signatures to try to create

families of these things and still is 68 million of a virus is today is millions and millions of signature self. How do you keep up with that problem very difficult. And of course as we moved on every attack with Lourdes Leon it networks and if we started to watch what I called the Great China IP were many of you heard me speak at a front row seat to this 5571 known attacks by 22 Military Intelligence organization since that's what man did inquire I responded to or confirmed. Now, this is our confirmation, but we had

such good intelligence that we could track for the most part those Patxi's apt campaign Suite rack 5771 on American soil. Freemasons on a 5-year. So you want to talk about the Great Purge of intellectual property. This was the window that that occurred of course what happened during that? When do you know we saw a massive growth of cyber spending and response that occurred and of course if you fast forward a little bit as you move from crime to espionage during that window and then we get this great when I consider Russian information Warfare, which were remnants of now and

these two countries were very different away. Their Styles worked China was pretty noisy. At least the way we saw it. They often didn't care that they were caught they would write comments in their code around in all things that were obvious that they were written in Mandarin and it was them. In fact, they were famous because they were called the comment crew and we invited them on the front page of the Wall Street Journal do my time and many of the comments were like, fuck you America, right? It was not too hard to describe what they were doing and they would just attack our network still

as much as I could. Until we ended up with a peace treaty with China in 2015 summer which slowed it down a little bit but geopolitical tensions and this Administration has ramp that back up then we have a little bit of a cyber sandwich. We have turn on one side restaurant the other if you're America's View and of course America quite good at this game too, and we have probably the greatest superpower conflict in cyberspace we've ever had by far and so gloves are a little bit off and we're seeing just a lot of information Integrity issue intellectual property attacks and back and forth

to pretty interesting state of things. If you are in the world on government type of growth in a 15 year. So what happens if you take the threat landscape and kind of oil it down to quantity bass virus is all the way to Quality bass apts. What happened? What happened? Industry during that time when I ran McAfee not a very big Market 3 billion dollar market and a virus pretty good. We grew as you got into the next stage with firewalls and refresh is Network defense-in-depth occurred Market doubles more than doubles and of course threats started to drive this

18% years later 16 billion dollar market. I love putting virtual machines up there cuz that's why I write but we're give me lots of growth here and do salt apts merge with another major expansion doubling again. Now, look where the market is today, you could argue with software billion here and there but a 90 plus billion dollar customer spend Market probably exceeding a hundred billion in 2018, maybe more threats Drive customer spend clearly Association to it outside.

So we're going to see over 22 billion dollars of Finance activity here in the current state 16.5 billion. And when you going in the Cyber from a lot of different groups 95 billion over a couple year. In m&a and you can almost track threat cycle spin cycle Bender cycle solidation cycle and there goes my there's no way around that. That's why I'm so bullish on cybersecurity is because this threat in this domain is so unmanage from all the perfect storm reasons. I showed you do be vendors who can't

handle this transition from one threat landscape to another but no matter what the spending environment just as every country in the world arms themselves for this battle. Forest Park a little bit about kind of what this means That's a good sign with a fact just like one slide. Sorry about that. Let me just talk to you. I'll tell you a little bit about what I'm seeing here for a second just in terms of Trends. That's why has a little bit of Trends thing on it and I'll just I'll just go back to you later claimed more fun.

So what's happening Trend wise in Tulsa right now. We have almost 3,000 cyber security vendors out there in the world. We're seeing Costa 500 new cybersecurity companies born every year that number looks like a sin to have consistent. So pretty interesting to watch the number of endres grow. What we track is how many vendors do you think? We're going to get some sort of liquidity. What's the state is not 3000 so of the 3000 between MMA and IPO, we're going to see less than 1% Get some sort of liquidity scenario over the next 3 to 4 years. So what's going to separate

if you're an investor looking at cyber security companies and saying three thousand of them 1% get a real exit an m&a exit or some sort of IPL exit. How do you discern these companies from an investment point of view? That's not to say 2,900. Am I going to die? It's just to say 2,900 of them aren't going to see some major return probably on their on their breath because he build a gift from 0 to 10 million much easier to get from 10 to 100 Lane pretty hard to build to get from hundred to a billion really hard and sustain yourself a Bubba Billy. There's only a couple of

men the world. So, you know, how do you start to think about investing and part of what you'll see here? If you saw the slide was I always teach List of the CEOs know your window, what does that mean? No your window. If you don't understand what the threat landscape is how much time you have to execute that threat window and in that in a window Market opportunity you lips when I first joined FireEye. I knew my window wasn't that long? There's just no way around it apts were a really difficult issue to deal with wasn't like I could invent the sandbox and nobody else to do that.

So by the time I got public at 150 competitors and we grew the business from almost zero to a billion in sales a year in a 3/4. I knew my window. I knew I had to execute in that window because eventually I have all kinds of competition maybe the APC threat would disappear and you have to do it. So any company who you really look at understand how much time do they have how much competitive mode do they have in can the executor window? Can they raise the Capital management team? Executed go-to-market model and I would say this Axiom

for you. If you think about investing intellectual properties a game of inches go to market is a game of miles. So what else is companies in a sector it'll be 10:15 companies and the intellectual property difference is we came and tell the difference a little feature here a little feature there. Maybe it'll Tywin architecture difference or not game of inches their game. I can figure out how to sell distribute manage great prophet. Wow, what a difference management teams figuring that out is the 1% rule. That's what I look for. You can find 20 companies in

a sector you like which one has the eye of the tiger to win this game? And which one doesn't and it's amazing watch me how many fail to get over these homes because I just don't understand the window how to execute to go to market and want to go with you. So pretty fascinating problem that we're facing is a lot. Bonding companies in a category and only a few break out when I was at FireEye. We had computers like Impalas vanilla. What does Italy have Fidelis the Mala, you know last line all these companies all about the exact same as far as the difference with execution on the go to

market and eventually in a we were able to win and get enough market share to grow. So what a difference that makes as you think about it and I was so people. Yeah, good luck filing a patent. You do don't even bother finally attack doesn't even matter if it matters. But I mean by the time you get a patent your windows help. Even spending time and it's just a waste in my opinion to worry about that or even like checking into it one man. One man. You think about when I think about where new investment opportunities are in

cyber, here's how I think about it when you go back in time wherever the greatest dislocation Offense and defense was if you see here on this Myra my right inside your right hand side. You see the greatest opportunities for investment. So at times it was like, oh right these Computing devices like PCS were quite vulnerable Windows was doing everything that could Microsoft everything they could to patch it, but it was very vulnerable everybody. We watch Cloud come along public clouds come along industrial social satellite and I'll show

you these in a second but it's amazing that this location occurring in these latter for areas where you can hardly count the number of cybersecurity companies on one hand that are actually solving these problems how good the offense is in this area and whenever you see a big attack surface and low visibility to the problem, is there an investment opportunity and a risk and those two go hand-in-hand. Let me show you a couple of these that I really I think our big sorry these slides are a little a little lost soul. The right here for you. First one that I'm really big on right now. I

called drones and don'ts so what's drones and domes you heard this concept before so right. Now we're going to watch in the next three years most likely was called beehives beehives are these ground stations base stations that enable you to deliver goods via drones will be in every city in the world over time assume the FAA regulation for they'll come and the idea behind it. As you can deliver packages drones to whatever business called me last mile delivery Amazon Amazon Prime air which label on that they can launch 3000 drones / base station and they'll help

hundreds of Base stations around the world. That's just one vendor Amazon. I'm on the board at Delta Airlines were concerned same thing every time a plane takes off and lands. We fooled a belly full of cargo. What are we going to do have our drone Fleet right outside that deliver the goods to your or your bags to your house. We want to be able to What are these things in 60 minutes are left? If you could in order of prop eventually you're going to see massive numbers of drones flying in the sky, especially in unregulated countries first and eventually hear them coming no matter what happens.

What do we have to do to protect that we have to build Network defense on where are rooftops. So instead of doing Network deep packet inspection on your physical Network. You're going to do a light our sonar like model on your roof and you're going to be looking for communications coming into your Dome and the Cyber domes are going to sit over every facility in my opinion in the world military airports stadiums anywhere where there's a risk if I'm a bad guy and try to smuggle it into the stadium. I fly a drone in with 50 kilos of dynamite

and if it's not detected. Wow, what kind of damage could I do? So the ability to buy one for $500 at Fry's Electronics and flight a mile and a half in the sky at fifty kilometers per hour with 50 kilos of package is what we have today. So the question is what defense will we put in place to stop that from happening my opinion, you'll see a handful these companies there's about five or six really interesting technologies that put little mesh networks above your facility and constantly track it. They have the ability to EMP or DDOS a drone. It comes into your space and

eventually the building knocked a drone out of the sky with some sort of ddosing or electromagnetic pulsing or even Kevlar netting or some sort of mechanism to capture the Drone really important Next Generation problem. My pain is coming and I'll show you the corollary to in the second. Big areas in my opinion industrial probably my biggest fear is watching the industrial problem. Why is because the offense is really good and the defense is nascent from a part of one of them. I know Colinas hear some more clean of the founder of clarity develop ways to do deep packet inspection on

Industrial protocols. Anybody know what industrial Protocols are these aren't your standard TCP IP protocols? These are protocols that modbus the MP3 Rockwell has their protocol Siemens has there is Honeywell there Schneider. There are bus there and there's literally hundreds protocols that are essentially Caulking between skater devices and controllers and these protocols need to be monitored because if there's any disruption in that protocol, you could bring down critical infrastructure. So today there's only a handful of companies in a Bob's on Drago's Drago's as well. But

there's a couple of companies just starting out that are beginning to say. Wow. There's a problem in the industrial networks. We better fix it everybody here of Wanna Cry and pet you and not pet you one of the issues that happened with those ransomware virus releases was they crossed over from it networks 202 networks and when they crossed over it wiped out or halted our operational Tech in some big companies a few big ones an ounce of Federal Express Merck and others that have their major Manufacturing Systems brought down because I got the people started to realize

I better start to think about how to protect all the industrial networks in my opinion see a billion dollar type company. Out of that sector alone. Just trying to solve an industrial cyber platform in the in the world or the rest will get acquired something to happen. Somebody will Publix and we'll get a choir coyote Arium sure you all know when you think about what's happening in the iot space. I hope the company go public or forescout recently. What's the number one thing that company did visibility at the switch Layer of a network to see what devices on your network? Do mosquitoes

were surprised at how many devices were on their Network? They didn't know about or weren't managed typically three times more than they thought they had think about that three times more than I thought they had until these devices Were Somehow coming in either wired or Wireless near field or some communication mechanism connecting to their Network and most of those devices were quite vulnerable. So i o t management security around this a lot of good really interesting companies being formed in the space to solve iot security, especially as it thinks about how do we protect that

how do I authenticate that iot device? How do we create a identity controls encryption of a Communications and ultimately connecting it safely to a network or cloud or a satellite the water interesting vendors are involved with owning call Ford rock that has I am controls you can put in an iot device on an edge controller and manage iot securely to I think this is where the Market's moving. Going over to the third one social and satellite pretty pretty obvious issues here. You guys know how many companies do social network security today? my knowledge

to there's 500 network security companies over a hundred and twenty companies and there's two working on social network privacy and security, because social Safeguard zerofox these two companies very interesting. They created almost a SIM for social. What's a SIM for social they're actually looking at events and information flow coming out of the social networks and digital hubs trying to look for anomalous Behavior. So save the waltz only has a Twitter handle and a snap handle and a Facebook handle but my location and IP address are different that would look a little suspicious. This is what

the Russian campaigns were about. How do you get that? How do you watch for anomalies across that you guys know how many networks in the world right now have more than 100 million users on them. 83 83 hubs and networks and social at a more than 100 million users each 3.8 billion users online right now pretty amazing 83 of how are you monitoring your assets your employees don't take over issues false identity issues on these networks. They're all outside your own network. How do you manage him? My opinion will be a

billion dollar company coming out on social privacy security managing almost like you with hiccups plonker arcsight for your network. You're going to see the same thing set up for your social last couple 40 and I'm running out of time satellite my biggest fear in the world right now. Is this one bar none? Even after I said, the industrial thing satellite scares me, why is satellite scare me so much if you look at how much Innovation is occurring how many devices are connecting to satellites? It's daunting everything. I watch my car every aircraft we have all connecting up late now

and all completely reliant on satellite Communications how security thinks satellite Communications are Right. Now we have 1536 orbiting Leo and Geo satellites were launched a thousand more in the next 1 year. So what's the next Generation internet? Satellite mesh networks. Everything's going to connect going to be faster service be all the time connected fiberlink will be one platform for internet growth, but satellite will be another if you look at the consumerization of devices infrastructure iot

devices connecting Uplink is astonishing can anybody name a satellite security vendor? Is one mystery flavor defense Cat in the Hat. There's not many out there today that know how to monitor satellite Communications protecting authenticate those connection block an almost behavior on those connections. And if you ever heard of a cup of cold one where they're going to launch thousands of a little orbiting satellites companies, there's a whole bunch of agricultural companies energy companies. All launching satellites is unbelievable. Very interesting

space. I believe they'll be a billion dollar company coming out of that domain as well last two real quick Cloud this bunch of emerging companies lack of visibility here is crazy my quick Delta stories this we got briefed at Delta wall public here painful experience. If you ever gone through it on on the side of protecting, but we got three stew a third party vendor call 24/7 and the 24/7 was a live chat service talking to delta.com and we were on Able to see that 24/7 was breached and they were screen scraping and cross-site scripting from our sight to their

and they were screen scraping credentials 24/7 or visibility was delta.com. We monitored everything on the site everything on our network. But how do we protect against some indoor hanging off our Cloud off or never? Wasn't so easy it turn that we have 29 vendors hanging off for citing within know it. 29 little Revenue optimization clouds all helping us do a 20 billion dollar Commerce Business Online. What do we have to do now monitor those network connections, maybe even Monitor and do vulnerability scanning of their systems make sure their

contracts have it so we can scan them by Cloud isn't just your own infrastructure like Salesforce or other types of real infrastructure. It could be any type of cloud activity. You know, what the number you know the number of cloud applications. What is the average Enterprises? 928 Do you know how many the Cecil thinks her to poison your organization by the Sea so pull 42. Does anybody think there's a little dislocation between how many is deployed? And how many are actually running? How do we get our head around

that problem cybersecurity investing a mysterious really interesting companies in the Cloud area last one. I'll tell you about is crypto. Obviously, I think this is a major issue with blockchain and what we're seeing major projects are in crypto involved with a couple of incubators are really focused on this area. But over the next couple years our Reliance on cryptocurrencies is going to be unbelievable. Someone's going to emerge here as one of the major cyber security vendors helping to solve authenticate and basically manage crypto movements currencies felicitations all through block. So

interesting World War end. Atari out yet. I can talk for hours. I swear and I really excited about this. But thank you for having me really it's been a lot of fun. Hopefully you got something out of this and I'm a part of this little entity. I think I mentioned is called the back. Maybe it's there. Anyway, so Knight dragon has two companies in a momentum in alysia's and I'm trying to focus again. I'm just creating Max visibility Max investment opportunities use every angle like and what is the hottest domains and build them invest in them make them happen here some of the

companies that are in the kretzu for what I've been doing. So thank you for having me. Appreciate it.