Robert R. Ackerman, Jr.

Founder and Managing Director, Allegis Capital

Venture Capital and the Innovation Ecosystem

December 5, 2013—The CyberWire interviewed Bob Ackerman, Founder and Managing Director, Allegis Capital. Allegis, based in Palo Alto, California, USA, invests in early stage companies developing enabling technology and software to serve emerging markets. We caught Mr. Ackerman shortly before he went in to moderate his SINET Showcase panel on "Bringing Order out of Chaos."

The CyberWire: Let me start by asking about the venture capital community. How well do you think that community understands its own vulnerability to cyber threats?

Ackerman: [Laughs.] Well, the cobbler's children are always barefoot, aren't they? Seriously, our organizations tend to be very small and maintain minimal sensitive information. Much of what data we do keep are financial records of a reporting nature—not very interesting targets. We tend to rely on third-party banking institutions to manage our finances, and they, of course, are very much aware of the cyber threat and committed to effective defense. That said, we do use a number of tools internally- anti-virus and anti-spam – as well as appliances for local and cloud-based backup of our data and critical infrastructure. In the case of Allegis, most of the solutions we use are from our portfolio companies.

The CyberWire: What trends do you see in VC interest in cyber start-ups?

Ackerman: The trend lines are up and to the right. We've seen some high-profile IPOs over the last eighteen months—FireEye's being a good example. There's certainly a growing awareness of the increasing cyber threat, and a corresponding growth in investor interest in infrastructure protection solutions.

Historically, cyber has been a specialized area of interest that hasn't always gathered the same level of investor interest as other sectors, eg. Consumer Internet or Social Commerce. That is changing with the growing awareness of the scope and scale of cyber threats and the demonstrated returns from cyber IPOs and M & A transactions. The combination of demonstrated opportunity and investment returns have led to new investment interest on the part of venture capital funds, angel investors, and private equity firms. As a result, we are seeing valuations move up.

As those valuations rise new investors are attracted to the sector – moth to the flame phenomena. The challenge comes when investors without the required technical or domain knowledge try to make investments in cyber: we run the risk of investors overinvesting in companies that don't necessarily merit the valuations or capital that is being discussing. Cyber is certainly not a bubble, though—we're not seeing the kind of inflated valuations we're seeing in social media companies, for example. There's significant serious demand for cyber security solutions but these technologies tend to be rather complex and investors need some domain expertise to see through the froth.

The CyberWire: What challenges do cyber entrepreneurs and investors face as they seek funding?

Ackerman: While not all companies need venture funding, those that seek venture capital investment need to fit the proscribed parameters. They need to have a realistic prospect of scaling their business in a way that would generate an attractive return on investment for a venture investor. There's a lot of interesting work being done, but it's sometimes difficult for entrepreneurs to realize that only a small fraction of interesting work can scale the way venture investors require. It's not that the ideas aren't good and valuable; it's just that scale is essential to hitting the ROI benchmarks for venture investors.

Entrepreneurs, God bless them, often brand themselves as things investors are interested in investing in – they "go where the money is". "Big Data" and "Social Media" would be two recent examples. This tends to create a lot of noise through which investors need to sort in evaluating potential investments. Hence the importance of investors having the technical and domain knowledge to sort the wheat from the chaff.

Finally, for entrepreneurs, the right investors can improve their probability of success. The path from concept to product to market for a start-up is a minefield, and investors (and operating executives) with experience in traveling that path can materially improve a start-up's probability of getting to its destination intact.

The CyberWire: What role do you see for government in supporting start-ups?

Ackerman: There's a clear and compelling logic for government customers to engage with young cyber companies. Much of the cutting-edge innovation in cyber is being done by those start-ups. But how government should engage is a problem. The government can be an unattractive market: its procurement processes are alien, complex, and protracted.

There's a kind of impedance mismatch between the government and the innovative startup. Startups have a narrow window of time in which to demonstrate their viability, and they usually don't have the time or resources to devote to pursuing government work. The return on investment isn't always advantageous. So if the government customer wants to leverage the innovation of cyber start-ups, I think the government needs to reduce the cost of doing business for these young companies.

There are some good models out there. In-Q-Tel is one. Agencies like DARPA, HSARPA, IARPA, and ONR (for example) have proven they can be good partners with entrepreneurs. The SBIR program has been a good one. But I find that while these efforts tend to be well understood inside the Beltway, they remain unfamiliar to those outside it, even in Silicon Valley. So there's a communication challenge—the government needs to pierce a wall of ignorance.

The CyberWire: Any final thoughts for the cyber community?

Ackerman: I think I'd like to see three things:

First, I'd like to see the nation move forward on a legislative and regulatory framework that enables rather than restricts cooperation and collaboration in cyber security. A shared defense is the only way to we can collectively defend ourselves. Anything that fosters information sharing, for example, would be welcome.

Second, Fort Meade is the world's greatest cyber security post-graduate institution. With all due attention to the sensitivities, it would be highly advantageous to leverage some of its expertise out to industry. Defending the commercial world is after all part of the common defense. This is challenging, because of course security is vital, but it's a challenge worth taking up.

Finally, Maryland and Virginia have significant promise as centers of cyber innovation whose entrepreneurs don't always find it easy to connect with relevant capital. I'd like to see a mature investment ecosystem that enables innovative product companies to scale. A complete ecosystem is the key to growth and viability, which in turn support scalability and sustainability.

The CyberWire: Thank you, Mr. Ackerman.