Along with cyber security itself, I’m always super interested in tracking the ecosystem of startups: how they shape the sector itself, the venture capitalist backing and the dynamics of exits, like acquisitions by established vendors or IPO.
The cyber industry is constantly changing and adding new sub-sectors, terms, acronyms, buzzwords and everything else - so I find it tricky sometimes to keep up with which new thing is the big thing. The same goes for identifying when something’s being over-hyped, or if it does indeed deserve the hype.
Naturally I’m a tech person, not a financials person, but in recent years I’ve become fascinated by this side of cyber. Understanding emerging domains helps me keep up as a cyber professional, but I also love tracking startups, understanding VC patterns and generally improving my understanding of financial analysis for major vendors.
To help me with this, I follow several industry analysts:
Francis Odum
CSPM, CIEM, NHI, CWPP, CDR, CNAPP, ASPM, DSPM, SSPM…and that’s just part of the cloud security umbrella. Cloud security is perhaps most representative of how complex and fast-moving the industry can be over a short time. We especially saw this with the meteoric rise of Wiz from inception in 2020 to acquisition for $32b in 2025 by Google.
Francis’ analysis reports help me get across broad sub-sectors like in the CNAPP report he co-authored with James Berthoty.
Another example is Francis’ report on the emergence of Security Data Pipeline Platforms (SDPP). This helps break down what the segment is, why it exists and how the market is expected to grow over the next few years.
I was also surprised to see Anomali listed, as I’d always known them primarily as a threat intelligence vendor. However as the report details, I hadn’t realised the extent of their pivot over recent years into a data and operations platform - earning them a place in this market too.
Francis also published “The Beginner’s Guide to Cybersecurity” which is a great starting point for those new to the industry or wanting to brush up on a high-level overview of the cyber industry.
Cole Grolmus
Cole runs “Strategy of Security”, which analyses the business and strategy aspects of cyber security. Cole’s analysis explores the practicality of and logic behind acquisitions, both completed ones and rumoured ones.
Mastercard’s acquisition of Recorded Future was an interesting one that surprised a lot of people in the industry, particularly in the threat intelligence market. A financial services company buying a cyber vendor? Yet, it wasn’t the first example of this by Mastercard, with a number of cyber acquisitions in the past few years, including RiskRecon in 2019.
As Cole goes on to explain, 95% of threat actor motives are financially motivated (as per Verizon’s DBIR). Digital transactions make up 30-40% of Mastercard’s total transaction volume.
If all the companies in the world were mapped to a dart board, Mastercard is at the center of the bullseye.
― Cole Grolmus, Strategy of Security
It’s with this central position in the middle of the payments ecosystem that it makes sense for Mastercard to protect against fraud, identity and risk elements. Cole’s blog talks about the additional avenues Mastercard can benefit from, beyond securing itself as a company and its customers: by selling its own sawdust and utilising the vast amount of transaction and fraud data it now has.
Cole also regularly posts his thoughts on potential acquisitions. He’s been kept very busy the past few weeks by Palo Alto - first with the rumoured Sentinel One acquisition, and then the real acquisition of CyberArk:
And about unicorn startups raising capital, analysing the reasons behind the recent rapid rise of Chainguard in the secure container market (i.e. removing a colossal pain point for developers at scale):
Richard Stiennon
Richard is dedicated to tracking and cataloguing every vendor in the entire cyber security industry. Currently, that equates to over 5,000 vendors and 10,000 products! Richard has an extremely diverse background in cyber, having formerly held positions including the VP Research at Gartner, the Chief Marketing Officer at Fortinet, and an advisor to many organisations. Interestingly for me on a personal level, he even lectured (online) at Charles Sturt University, an Australian university from my very own little home town of Albury!
Richard runs IT-Harvest, the industry analyst firm powering the attempt to document each cyber vendor, and includes a platform for customers to view this data. I haven’t personally used it due to the cost required to gain access, but that’s because it’s aimed at commercial customers.
IT-Harvest tracks various stats like the Cyber 150 (their view on the top 150 cyber companies that are interesting to track), the Fast 50 Under 50 (the 50 fastest growing vendors with 20-49 employees), and even the 307 cyber vendors exhibiting at Black Hat 2025:
Richard also publishes the “Security Yearbook”, summing up the entire cyber security vendor landscape and all of IT-Harvest’s research in a yearly volume:
In the book, you’ll find a comprehensive directory of cybersecurity vendors, updated for 2025, complete with headquarters location, category, sub-category, number of employees, and growth trends. The author has also included an insightful and concise history of important and relevant sub-sectors of the cybersecurity industry, including Distributed Denial-of-Service defense, network security, endpoint detection, identity and access management, data security, and governance risk compliance.
― Richard Stiennon, Security Yearbook 2025
This sort of stuff is definitely on the nerdier end of the spectrum (that’s why I’m talking about it!), but this data is incredibly valuable if you’re a prospective customer, or a venture capitalist looking to add something new to the portfolio.
Wrap-up
So there you go - that’s a snapshot of what I typically follow in the industry outside of technical cyber and threat intelligence news. Hopefully you find it helpful! As always, feel free to reach out and connect 👋