May 11, 2024 - Business

Thoma Bravo on why cybersecurity biz models are "broken"

Illustration of a cursor and a dollar bill.

Illustration: Shoshana Gordon/Axios

This week, Axios caught up with Thoma Bravo managing partner Seth Boro, to chat about the cybersecurity sector's opportunities and challenges.

The big picture: Like other areas of software, venture-backed cybersecurity startups that raised funding at inflated valuations during the pandemic are now great acquisition targets, says Boro, who helps run the firm's cybersecurity investment efforts.

  • "We're seeing a massive opportunity in those companies that are overvalued but have great tech," he explains. "It's just that there's broken business models."

Yes, but: The industry isn't consolidated the same way it once was.

  • You're not seeing big multiplatform companies emerging and growing through acquisitions, as Symantec and McAfee once did, says Boro. "Today it's more focused.… It's much more strategic and much more thoughtful. We're staying in our lanes."

Zoom in: It's become much harder for cybersecurity software vendors that aren't at the top of their category.

  • That's largely because the interest rate hikes that began two years ago elongated sales cycles from customers, which still persist today.
  • "It was much harder for people to forecast their spend. There were many more steps that got introduced into the process, and companies had to adapt to that," says Boro.

Meanwhile, the generative artificial intelligence factor has added a layer of complexity to existing problems. "Bad actors who are incredibly well funded now have a new tool to use," he adds.

  • Still, it's also a tool for cybersecurity companies, primarily in two ways, he says. It makes their software "more usable," helping summarize threats and making them more understandable.
  • It also helps companies and their customers detect cybersecurity threats more efficiently.
  • Of course, "everyone has a generative AI strategy today," he adds.
Go deeper