Cyber60

CISO SURVEY

  • With
    WAKEFIELD
  • Top Priorities IN CYBERSECURITY
  • Eight Areas of Opportunity FOr CyberSecurity Builders
Presented by

2024-2025

WELCOME TO THE CYBER 60, SECOND EDITION

At Lightspeed, we’ve been investing in enterprise founders for over 25 years. Cybersecurity investing is one of the pillars of our global enterprise practice, and a focus area of deep immersion and commitment.

We’re also releasing our second annual CISO survey, conducted this year with the world’s leading industry research firm, Wakefield Research. Wakefield surveyed 200 CISOs at companies with $500 million or more in revenue on their top priorities in cybersecurity.

The results point to a resilient and growing demand for cybersecurity solutions: most CISOs are anticipating greater reliance on cyber vendors and contractors over the next 12 months. And a supermajority told us that AI will impact their decision making when choosing their next cybersecurity vendor.

Lightspeed is proud to build with several of the companies recognized in this report. We congratulate every company in the 2024-25 Cyber 60 for their contributions to safeguarding our world.

Introduction

The global cost of cybercrime, according to the data firm Statista, will reach $13.82 trillion by 2028 — roughly 10% of the predicted global GDP. The staggering costs tell us that as criminals deploy cutting edge technology in their attacks, enterprises must have a strategy of continuous upgrades, enhancements, and vigilance, if they hope to mitigate them.

That’s why Lightspeed remains bullish on cybersecurity. Gartner’s most recent sector outlook report calls for sector growth of 13.4% this year, as information security remains the top technology investment in its 2024 CIO and Technology Executive Survey.

Last year, we wrote that we remain in the early days of the fight to defend the global technology infrastructure from bad actors. This remains true, however we are seeing that the savviest, most hardened enterprises are more deeply integrating cybersecurity initiatives into their business practices. Startups that provide solutions that can respond to this “shift left” transformation today are the ones that stand the best chance of becoming the household names of the industry tomorrow.

WHERE GROWTH COMES FROM IN CYBER

Lightspeed’s three-pronged view of the industry’s growth vectors, derived from research, conversations with industry experts and the experiences of the Founders and companies that we are building with, remains intact:

  1. 1.

    SECURITY SPENDING IS OUTPACING OVERALL IT SPEND, AND ACCELERATING

    Gartner projects an 11.7% CAGR for Information Security investment between now and 2028, an increase from its previous estimates.

  2. 2.

    VENDOR CONSOLIDATION REMAINS A MARKET OPPORTUNITY

    Fifty percent of CISOs in our Wakefield Research survey say vendor consolidation is a top priority for the next year. Lightspeed believes that this represents a cyclical opportunity for nimble startups to show value, by filling in the gaps created by consolidation.

  3. 3.

    ATTACK COMPLEXITY CONTINUES TO INCREASE

    AI is a double-edged sword. AI-powered solutions have become a key part of every CISOs toolkit, but also represent new vectors of attack. There is also the emergent need of defending the enterprise’s AI initiatives, including prompt injection and other attempts to compromise or exploit the AI stack. In addition, projects like cloud transformation continue to increase attack surface area, while state-sponsored cyber attacks make headlines and cause chaos in critical infrastructure.

You can’t advance technology without advancing cybersecurity - cyber startups are critical in pushing the industry forward! Guru Chahal Lightspeed Partner. Enterprise.

IT’S CYBERSECURITY’S MOMENT

AI has captured the public’s imagination, but some of the most important technological developments have come in the cybersecurity sphere.

Crowdstrike’s July outage highlighted the need for cyber resilience strategies;
Germany’s government says

1 in 10
organizations in the country affected by the outage are changing vendors. Meanwhile, Cloud protection vendor Wiz declined to be acquired by Google, announcing it would remain on a path to the public markets. 
The very role of CISO is shifting, as security becomes an integral part of every major business decision rather than an after-the-fact box to check.
SOLUTIONS THAT ARE ENABLED TO BOTH PROTECT AI SYSTEMS AND DEFEND AGAINST AI ATTACKS ARE THE PLATFORMS OF THE FUTURE. Arif Janmohamed Lightspeed Partner. Enterprise.

CISO Survey: Top Priorities in Cybersecurity

Lightspeed commissioned industry leader Wakefield Research to survey 200 CISOs to understand trends in the market, areas of growth and opportunity, and the transformative impact of technologies like cloud and AI.

The results show that cybersecurity remains a haven for innovation, and that the generational opportunity to build enduring companies remains intact.

In our study with Wakefield Research:

CYBERSECURITY REMAINS THE TOP PRIORITY FOR ENTERPRISE TECH SPENDING 68%

of CISOs said their organizations were increasing cybersecurity budgets this year.

CONSOLIDATION USHERS IN A NEW WAVE OF INNOVATION 50%

of CISOs said vendor consolidation is a top priority for their organization over the next year.

VENDOR CONSOLIDATION CONTINUES 7

The average number of cybersecurity products or solutions CISOs in our study are currently employing.

AI HAS BECOME IMPERATIVE 87%

of CISOs say AI will have an impact on their vendor choices for cybersecurity over the next year.

Cyber threats have grown exponentially in both volume and sophistication over the past decade, and AI exacerbates that risk. Building new cyber startups to tackle the growing threat landscape has never been more important. Arsham Memerzadeh Lightspeed partner. Enterprise.

WHAT CISOs WANT

Based on data from the Wakefield Research study conducted for Lightspeed, these eight sub sectors of cybersecurity continue to hold promise for future growth and startup and investment activity. 

Each figure below indicates the percentage of CISOs who view spending on the area as important:

  • 1
    IDENTITY ACCESS
    MANAGEMENT
  • 2
    CLOUD
    INFRASTRUCTURE
  • 3
    APPLICATION
    SECURITY
  • 4
    DATA
    SECURITY
  • 5
    ZERO
    TRUST
  • 6
    INSURANCE/
    RESILIENCE
  • 7
    SECURING AI
    APPLICATIONS
  • 8
    SECURING AI
    INFRASTRUCTURE
Identity access
Management
95%

of CISOs in our survey said cloud infrastructure was very important among their spending priorities this year.

IAM is forecast at $16.6 billion in 2023, growing at 15.7% in 2023 and at a five-year CAGR of 11.6%.

 Gartner
cloud
Infrastructure
96%

of CISOs in our survey said cloud infrastructure was very important among their spending priorities this year.

Cloud security is forecast at $5.8 billion in 2023, growing at 24.9% in 2023 and at a five-year CAGR of 22.5%.

 Gartner
APPLICATION

SECURITY
97%

of CISOs in our survey indicated application security as a very important spending priority this year.

Application security is forecast at $5.9 billion in 2023, growing at 14.6% in 2023 and at a five-year CAGR of 13.6%.

 Gartner
Data
Security
95%

of CISOs in our survey said data security was a very important or important spending priority in their upcoming budget cycle.

Data privacy is forecast at $1.4 billion in 2023, growing at 17.7% in 2023 and at a five-year CAGR of 17.5%.

 Gartner
Zero
Trust
96%

of CISOs in our survey said Zero Trust was an important spending priority in their upcoming budget cycle.

ZTNA is forecast at $1.5 billion in 2023, growing at 50.0% in 2023 and at a five-year CAGR of 31.1%.

“ZTNA is growing rapidly, and our forecast was recently increased.”
 Gartner
Insurance/
Resilience
95%

of CISOs in our survey said insurance/resilience was an important spending priority in their upcoming budget cycle.

Cyber Insurance is projected to grow from $10.3 billion in 2023 to $17.6 billion by 2028, at a CAGR of 11.4%.

 MarketsandMarkets
SECURING AI
APPLICATIONS
97%

of CISOs in our survey said implementing AI tools was an important strategic priority over the next 1-2 years

The potential for founders to build AI-native SECURITY solutions is perhaps the single greatest cyber opportunity of this ERA.

 Guru Chahal Lightspeed partner. Enterprise.
SECURING AI
INFRASTRUCTURE
97%

of CISOs in our survey are concerned about AI/ML powered attacks

Only 34% of Organizations are already using or implementing AI Application Security Tools

 Gartner
CYBERSECURITY LEADERS MUST BE ABLE TO MEET THEIR CUSTOMERS WHEREVER THEIR ORGANIZATION IS MOST VULNERABLE. Anoushka Vaswani Lightspeed partner. Enterprise.

HOW BUILDERS CAN RESPOND

CISOs are responsible for securing three distinct areas of business operations and additionally responding to the Cambrian explosion of AI across the enterprise. Here then, are the four areas where startups can strategize an approach to win them as customers:

SECURE WHERE BUSINESS APPLICATIONS ARE RUN
  • The transition to cloud is an opportunity for innovation.
  • The need to secure legacy, on-prem systems will not disappear soon.
SECURE HOW APPLICATIONS ARE BUILT
  • Application and developer security are constantly evolving.
SECURE WHO IS
ALLOWED ACCESS
  • IAM is rapidly growing.
  • PAM is becoming required by cybersecurity insurers.
SECURE AI: THE NEW SHADOW IT
  • By 2027, 75% of employees will acquire, modify or create technology outside IT’s visibility — up from 41% in 2022, according to Gartner.

CISOs Say

Wakefield asked CISOs what kinds of new tools they were looking for in the marketplace. Here are some of their most compelling answers:

“AI-driven systems that can automatically isolate infected systems and prevent lateral movement.”

“Advanced capabilities for integrating and analyzing data from multiple sources and platforms.”

“Advanced AI-Powered Threat Detection: More sophisticated AI-driven solutions that can predict and identify zero-day threats and sophisticated attacks with greater accuracy.”

“Tools that integrate threat intelligence across all types of data sources and provide actionable insights in a more automated and streamlined way.”

“We need a unified security management tool for multi-cloud environments that works seamlessly across AWS, Azure, and Google Cloud, providing consistent security policies and monitoring.”

Founders seeking to compete with incumbents would be wise to take note as they build their companies and search for product-market fit.

THE AI IMPERATIVE

AI’s influence as a transformational technology is just beginning. Over time, AI will dominate cybersecurity as the fundamental technology to build with, securely manage, and, of course, defend against.

Are you a builder using AI? Email cyber60@lsvp.com to learn more about working with Lightspeed.

THE CYBER 60: THE TOP VENTURE-BACKED CYBERSECURITY STARTUPS

Lightspeed is proud to present the top 60 venture-backed cybersecurity companies in the market today with our partner, FORTUNE.

These companies are led by visionaries; some are founders on the third startup, and some are striking out on their own for the first time. Some companies are generating hundreds of millions of dollars in revenue and some are pioneering new solutions that will become the platforms and technology standards of tomorrow.

We’re proud to recognize the Cyber 60 winners for 2024.

When Lightspeed is an investor in a Cyber 60 company, it is noted with a Lightspeed lettermark. Companies recognized for the second year in a row have a 2x on their entry.

EARLY STAGE

  • CEO: Murali Basavaiah
    Andromeda is an AI-powered Identity Security Platform for human and non-human identities. It automates identity permissions and lifecycle using context, risk, and behavioral analysis and defends your business against identity breaches.
  • CEO: Gil Barak
    Blink Ops is a no-code/low-code cybersecurity automation platform designed to make building, collaborating, and scaling security workflows easy using natural language and generative AI.
  • CEO: Anderson Lunsford
    BreachRx brings order to the chaos of incident response. Its platform modernizes incident response by empowering businesses to respond in a highly coordinated, efficient, and compliant manner, replacing the current paradigm of disparate teams using manual, disjointed processes and tools.
  • CEO: Gadi Bashvitz
    Bright Security’s enterprise-grade, dev-centric DAST platform empowers organizations to identify & remediate vulnerabilities early & iteratively in the SDLC. Bright is the DAST of choice for WebApp, API, business logic, & LLM vulnerabilities for leading FSIs, accelerating resolution velocity 10X.
  • CEO: Donnchadh Casey
    Calypso's Security Platform allows enterprises to build and adopt GenAI applications safely by solving for pain points such as prompt injection attacks, jail break attempts, data & IP loss prevention, global regulation and compliance. By thinking of security from the get go, enterprises are able to see faster time to production and Return on Investment from their GenAI investments.
  • CEO: Ofir Har-Chen
    Clutch is the industry's first Universal Non-Human Identity Security Platform, built for the enterprise. It offers complete visibility, governance over lifecycle management, effective posture and risk management, real-time detection and response, and proactive Zero Trust protection for all NHIs across the entire enterprise landscape, including Cloud, SaaS, and On-Prem.
  • 2x
    CEO: Slavik Markovich
    Descope is a drag & drop customer identity and access management (CIAM) platform. Hundreds of organizations use Descope no / low code workflows to reduce user friction, prevent account takeover, and save engineering time spent on building and maintaining authentication.
  • 2x
    CEO: Varun Badhwar
    Endor Labs helps application security teams identify, prioritize, and remediate SDLC risks without slowing down developers. From open source software (OSS), to containers and LLMs, Endor Labs secures everything your code depends on.
  • CEO: Christopher Sestito
    HiddenLayer, a Gartner-recognized AI Application Security company, provides security solutions for artificial intelligence algorithms, models & the data that power them. With a first-of-its-kind, non-invasive software approach to observing & securing AI, HiddenLayer is helping to protect the world’s most valuable technologies.
    • jit.io
    • Founded 2021
    • $38,5M RAISED
    CEO: Shai Horovitz
    Jit's Open ASPM platform is built to unify application and cloud security scanning in one place and drive tangible business outcomes via Security Plans. By engaging with development teams directly within current workflows, and prioritizing the vulnerabilities that matter via our AI-powered Context Engine, Jit enables full security coverage without slowing down deployment.
  • CEO: Israel Duanis
    Linx is the modern Identity Security and Governance solution for modern enterprises
  • CEO: Alan Shreve
    ngrok is your app and API’s front door. ngrok provides a fast, secure and powerful API gateway, Kubernetes Ingress, DDoS protection, firewall, and global load balancing as a service.
  • CEO: Danny Brickman
    Oasis Security is the management and security solution for non-human identities (NHIs). It is the first solution purpose-built to address the unique challenges of visibility, security, and governance of NHIs across hybrid cloud environments. Oasis leverages advanced AI-based analytics to automatically discover NHIs, assess their risk, and identify their owners throughout the environment. With its integrated, policy-driven governance capabilities, Oasis orchestrates the entire lifecycle of NHIs, including remediation and compliance management, all within a single solution. Leading organizations across a wide range of industries use Oasis to foster innovation and collaboration among security, identity, and engineering teams, enabling secure digital transformation and cloud adoption.
  • CEO: Nadav Czerninski
    Oligo provides security teams with powerful capabilities to observe application components, detect intrusions, and mitigate threats, all while keeping developers focused on features—not fixes. Oligo’s unique technology determines exploitability and detects compromises instantly—even when attackers leverage unknown vulnerabilities.
  • CEO: Neatsun Ziv
    OX Security simplifies AppSec by consolidating redundant tools, providing accurate risk prioritization, and eliminating manual tasks. We make life easier for security and development teams, empowering businesses to innovate and move faster with confidence, while enabling scalable, secure development
  • 2x
    • P0.DEV
    • Founded 2022
    • $20M RAISED
    CEO: Shashwat Sehgal
    P0 helps customers secure access in their cloud, across all identities, human users as well as machines and NHIs, without affecting developer workflows.
  • 2x
    CEO: Shahar Ben-Hador
    Radiant Security is the maker of the industry’s first AI SOC Analyst, which uses gen AI to emulate the experience, processes, and decision-making of top-tier security analysts. With Radiant, SOC teams detect more attacks, respond more rapidly, and get more done.
  • CEO: Aayush Ghosh Choudhury
    Scrut liberates growing enterprises from the morass of compliance debt to proactively manage their strategic risk.
  • CEO: Ankur Shah
    Straiker is developing security for the AI era and has not yet publicly released its solution.
  • 2x
    CEO: Amiram Shachar
    Upwind is the next-generation cloud security platform that combines the power of cloud security posture with runtime context and real-time protection— helping security teams prioritize critical risks and respond to them faster.

Honorable Mention: Dropzone

EARLY GROWTH STAGE

  • CEO: Robert Johnston
    Adlumin is the leading security operations as a service platform built for the channel.
  • 2x
    CEO: Nikhil Gupta
    ArmorCode helps organizations shift from chasing vulnerabilities to reducing risk. The AI-powered ArmorCode ASPM Platform integrates with all your security tools to create a unified understanding of risk across your applications, infrastructure, containers, and clouds. The system leverages intelligent risk scoring to automatically prioritize your most critical risks, and orchestrates security workflows with developers to remediate issues efficiently and at enterprise scale.
  • 2x
    CEO: Howard Ting
    Cyberhaven is the AI-powered data security company revolutionizing how companies detect and stop the most critical insider threats to their most important data. Our AI technology analyzes billions of workflows to understand every piece of data within an organization, when it's at risk, and takes action to protect it.
    • dazz.io
    • Founded 2021
    • $110M RAISED
    CEO: Merav Bahat
    Dazz enables security and engineering teams to remediate risks and reduce exposure across code, clouds, applications, and infrastructure. The company's Unified Remediation Platform leverages AI to rapidly uncover blind spots, prioritize issues, and streamline fixes, so risk windows shrink from weeks to hours.
  • CEO: Eric Fourrier
    Gitguardian has become the leader in secrets security and is focused on providing a comprehensive platform for Non Human Identity security including not only secrets detection in the SDLC, Public GitHub and many developer tools but also providing strong remediation capacities, secrets lifecyle management and intrusion detection features.
  • 2x
    CEO: Lior Yaari
    Grip Security is the industry leader in SaaS identity risk management. By leveraging identity as the central control point, we provide a comprehensive approach to securing all SaaS applications—including shadow SaaS and shadow AI—empowering organizations to adopt SaaS confidently and securely.
  • 2x
    CEO: Jon Miller
    Halcyon protects businesses from ransomware attacks, data extortion, and operational downtime without the need to pay criminal organizations or restore systems from backups.
  • 2x
    CEO: Roni Fuchs
    Legit is a new way to manage your application security posture for security, product, and compliance teams. With Legit, enterprises get a cleaner, easier way to manage and scale application security and address risks from code to cloud.
  • CEO: Dr. Ali El Kaafarani
    PQShield is a post-quantum cryptography (PQC) company building the quantum-safe cryptography solutions that are modernizing the vital security systems and components of the global technology supply chain. It delivers real-world, high-quality secure implementations of PQC in hardware, software and the cloud, as well as being a leading contributor to post-quantum cryptography standardization projects around the world.
  • 2x
    CEO: Ian Swamson
    Protect AI provides the broadest and most comprehensive platform to secure AI/ML applications.
  • CEO: Benjamin Netter
    Riot prepares employees for cyberattacks by delivering bite-sized, personalized training to your workforce via Slack and Microsoft Teams.
  • CEO: Saket Modi
    Safe Security is the leader in AI-driven cyber risk quantification and management space, dedicated to empowering organizations to effectively manage cyber risk by providing real-time insights and actionable recommendations, enabling CISOs to make data-backed decisions. It takes into account both your own Enterprise (1st party) and Eco System (3rd Party) Cyber Risks.
  • 2x
    CEO: Al Yang
    SafeBase is a trust center platform for friction-free security reviews and uses A.I. to answer security questionnaires seamlessly
  • 2x
    CEO: Isaac Evans
    Semgrep’s mission is to profoundly improve software security and reliability. Semgrep OSS is an open-source static analysis tool designed for developers to perform fast and customizable code analyses across large codebases.
  • 2x
    CEO: Feross Aboukhadijeh
    Socket is a developer-first security platform that protects your critical apps from software supply chain attacks. Socket was built by prolific security experts whose open source software is installed over 1 billion times per month. Customers include top organizations in tech, media, manufacturing, and finance.
  • CEO: Devin Redmond
    Theta Lake's multi-award winning and patented Risk & Compliance Suite is used by customers in over seven countries across more than five industry verticals, including six of the top 10 North American Banks, to solve archiving, surveillance, insider risk, and data protection needs for modern Unified Communication & Collaboration (UCC) tools. In Gartner's Data Protection category, Theta Lake is the only vendor in the market with integration partnerships and direct investments from the leading UCC providers including Zoom, Salesforce, RingCentral, and Cisco.
    • torq.io
    • Founded 2020
    • $192M RAISED
    CEO: Ofer Smadari
    Torq is at the forefront of hyperautomation, transforming how businesses and IT processes are identified, evaluated, integrated, and automated with speed and efficiency. The company tackles a crucial gap in contemporary cybersecurity strategies. By liberating security teams from the cumbersome task of manually overseeing threat detection and remediation on a large scale, Torq ensures seamless communication and coordination across all systems, enhancing their collective functionality.
  • CEO: Mickey Boodaei
    Transmit Security is the only vendor that provides a fusion of fraud prevention, identity verification and  customer identity management, including market-leading orchestration, phishing-resistant authentication and API security. We enable our customers to prevent fraud and address user experience challenges while minimizing complexity and costs.
  • 2x
    CEO: Tarun Thakur
    Veza is the identity security company, helping organizations secure access across the enterprise. Veza’s Access Platform goes beyond identity governance and administration (IGA) tools to visualize, monitor, and control entitlements so that organizations can stay compliant, achieve least privilege, and de-risk the breach.

Honorable Mentions: Lumos, Sublime, Material Security

GROWTH STAGE

  • 2x
    CEO: Jeff Shiner
    Trusted by over 150,000 businesses and millions of consumers, 1Password offers identity security and access management solutions built for the way people work and live today. 1Password is on a mission to eliminate the conflict between security and productivity while securing every sign-in for every app on every device. As the provider of the most-used enterprise password manager, 1Password continues to innovate on its strong foundation to offer security solutions relied upon by companies of all sizes, including Associated Press, Canva, Salesforce, Under Armour, and Intercom.
  • 2x
    CEO: Evan Reiser
    Abnormal Security is the leading AI-native human behavior security platform, leveraging machine learning to stop sophisticated inbound attacks and detect compromised accounts across email and connected applications.
  • 2x
    CEO: Nick Schneider
    Arctic Wolf is a global leader in security operations, enabling customers to manage their cyber risk in the face of modern cyber-attacks via a premier cloud-native security operations platform.
  • CEO: Yevgeny Dibrov
    Armis, the asset intelligence cybersecurity company, sees, protects and manages all physical and virtual assets - from the ground to the cloud - ensuring the entire attack surface is both defended and managed in real time.
  • 2x
    CEO: Rotem Iram
    At-Bay is making small and mid-market businesses more secure by uniquely combining insurance and cybersecurity into a single risk solution with InsurSec. With close to 40,000 business customers in the US, At-Bay currently safeguards up to $800B in collective business revenue.
  • 2x
    CEO: Dean Sysman
    Axonius is a cybersecurity SaaS company that enables customers to gain a comprehensive understanding of all their digital assets. Our platform solves the age-old problem faced by organizations of all sizes - managing the expansive sprawl of devices, users, apps, and cloud infrastructure, and identifying and remediating the security gaps that exist amongst those assets.
  • 2x
    CEO: Shlomo Kramer
    Cato provides the world’s leading single-vendor SASE platform. Cato creates a seamless and elegant customer experience that effortlessly enables threat prevention, data protection, and timely incident detection and response.
  • 2x
    CEO: Dan Lorenc
    Chainguard is the secure foundation for building with open source software. The company's portfolio of secure, minimal container images helps organizations embrace a new culture of software development where starting left with security, not shifting left, is the reality. Its customers include Fortune 500 enterprises and leading technology and security companies, including Anduril, Canva, Domino Data Lab, Checkmarx, HPE, GitLab, Snowflake, and Wiz.
  • CEO: Brian Dye
    Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight’s global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek®, the widely-used network security technology.
  • 2x
    CEO: Guy Moskowitz
    Coro, the leading cybersecurity platform for the SME market, revolutionized cybersecurity with the introduction of the world’s first modular cybersecurity platform in 2023. Coro’s platform empowers organizations to easily defend against malware, ransomware, phishing, data leakage, network threats, insider threats and email threats across devices, users, networks and cloud applications. Coro’s platform automatically detects and remediates the many security threats that today’s distributed businesses face, without IT teams having to worry, investigate, or fix issues themselves. Ranked on the 2023 Deloitte Technology Fast 500, Coro is one of the fastest growing cybersecurity companies in North America today.
  • 2x
    CEO: Clint Sharp
    Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s vendor-agnostic solutions to analyze, collect, process, and route all IT and security data from any source or to any destination, delivering the choice, control, and flexibility required to adapt to their ever-changing needs.
  • 2x
    CEO: Adam Markowitz
    Drata builds trust across the cloud by helping companies of all sizes modernize their governance, risk, and compliance (GRC) programs. The company’s automation-led approach and hundreds of integrations replaces manual processes and gives companies a full view of their security compliance posture.
  • 2x
    CEO: Snehal Antani
    Horizon3.ai’s NodeZero autonomous security platform, developed by military cyber operators, research experts, and offensive security specialists, conducts autonomous pentesting, integrates real-time threat detection, and provides GRC insights. Organizations of all sizes use NodeZero to continuously assess their cyber risk to identify vulnerabilities, reduce risk, and strengthen defenses against evolving threats.
  • 2x
    CEO: Kyle Hansloven
    Huntress is a leading cybersecurity company focused on protecting and empowering small businesses to mid-sized enterprises. Combining the power of the Huntress Managed Security Platform with a human-led 24/7 Security Operations Center (SOC), Huntress provides the top-rated technology, services, education, and expertise needed to help companies overcome cybersecurity challenges and protect critical business assets.
  • 2x
    CEO: Mike Fey
    Island is the Enterprise Browser company, reimagining how to manage work so everything the enterprise needs – advanced security, IT and network controls, data protections, application access, and advanced productivity features – is naturally embedded into the browsing experience users expect. Island is led by enterprise security and software technology veterans who are reimagining the future of work for the world’s largest, most dynamic enterprises.
  • 2x
    CEO: Sanjay Beri
    Netskope, a global SASE leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats. Fast and easy to use, the Netskope One platform and its patented Zero Trust Engine provide optimized access and real-time security for people, devices, and data anywhere they go.
  • 2x
    CEO: Vishaal "V8" Hariprasad
    Resilience helps organizations become cyber resilient to material losses by staying ahead of bad actors. Resilience is the world’s first cyber risk company that offers risk quantification software, cybersecurity experts, and A+ insurance in integrated solutions purpose-built for large and middle-market organizations.
  • CEO: Suresh Vasudevan
    Sysdig secures cloud innovation with the power of runtime insights. From prevention to defense, Sysdig prioritizes the risks that matter most. Sysdig. Secure Every Second.
  • 2x
    CEO: Christina Cacioppo
    Vanta is the leading trust management platform that helps simplify and centralize security for organizations of all sizes. Over 8,000 companies including Atlassian, Omni Hotels, Quora, and ZoomInfo rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent.
  • 2x
    • wiz.io
    • Founded 2020
    • $1.9B RAISED
    CEO: Assaf Rappaport
    Wiz helps secure everything you build and run in the cloud. Our platform, which is trusted by more than 40% of the Fortune 100, enables security, dev, and devops teams to work together at scale and at speed.
  • CEO: Benny Lakunishok
    Zero Networks provides Radically Simple Segmentation in a Click Stop lateral movement by restricting network access to essential assets only. The solution is automated, agentless, and MFA-powered.

Honorable Mentions: Claroty, Cyera, Illumio, Security Scorecard, Forward Networks

METHODOLOGY

The Lightspeed Survey was conducted by Wakefield Research among 200 US CISOs at companies with a minimum of $500M in annual revenue, between July 24th and August 1st, 2024, using an email invitation and an online survey.

Results of any sample are subject to sampling variation. The magnitude of the variation is measurable and is affected by the number of interviews and the level of the percentages expressing the results. For the interviews conducted in this particular study, the chances are 95 in 100 that a survey result does not vary, plus or minus, by more than 6.9 percentage points from the result that would be obtained if interviews had been conducted with all persons in the universe represented by the sample.

The FORTUNE Cyber 60 is a listing of the most important venture-backed startups that have not had an IPO, acquisition, or other significant exit event.

The list is alphabetized into groups of 20 by stage: early stage companies, early growth stage companies, and growth stage companies.

To construct the 2024-25 Cyber 60 list, Lightspeed requested data from over 500 cybersecurity startups and performed an initial sort by ARR and current and prior year growth rate.

Lightspeed then validated the accuracy of the self-reported data and reviewed the business operations of each company for inclusion. Lightspeed partners also nominated companies for consideration based on proprietary research including consultation with our CISO network, and analysis of the cybersecurity market landscape. No company was added or removed from the list for any reason except those listed above.

About Lightspeed

SERVING THE BOLD BUILDERS OF THE FUTURE.

For over twenty years Lightspeed has been the first investor and an early backer of some of the most innovative companies in the world, dedicated to serving bold Founders with big ideas.

We stand behind our Founders with high conviction, from Seed to Series F and beyond. We pursue opportunities based on their merits, regardless of where the Founder resides, because the future is global and so are we, with offices in 13 locations across 7 countries, comprising one Lightspeed community.

Visit us at LSVP.COM to learn more.

Fraction Fraction

Faction Ventures, LLC (“Faction”) and Lightspeed Management Company, L.L.C. (“Lightspeed”) are separate businesses that operate independently of each other. Faction is a registered investment adviser under the United States Investment Advisers Act of 1940, as amended. Faction advises its own fund(s) and does not advise any Lightspeed clients, and Lightspeed does not advise Faction or any of its clients. Lightspeed and Faction are parties to an agreement pursuant to which Lightspeed holds certain interests in Faction and the fund(s) Faction manages.

continue to the Faction Site