Dave DeWalt wants to build more cybersecurity unicorns
Former McAfee and FireEye chief executive Dave DeWalt is amassing one of the fastest-growing war chests for cybersecurity investments.
Last week, his firm NightDragon announced it had raised $750 million to “invest in and advise late-stage and growth companies in the cybersecurity, safety, security and privacy industry.” Earlier this year, DeWalt announced he was leading a more than $300 million cybersecurity-focused SPAC, or special purpose acquisition company, to seek out a merger, acquisition, or other business combination to effectively take that firm public.
DeWalt, who also serves as a board member and vice chairman of a wide variety of companies, including Cybereason, Team8 and Delta Air Lines, says his goal is to advise the next generation of cybersecurity firms, and create a few multibillion-dollar “unicorns” in the process.
“Taking on one company now seems small compared to what I'm doing now,” he said. DeWalt talked to The Record recently about the technologies and tools he’s particularly excited about, as well as why he’s no longer interested in being a cybersecurity CEO. The conversation below has been lightly edited for space and clarity.
The Record: What can you tell us about this new $750 million fund?
Dave DeWalt: The two-minute version is that for 20 years I was the CEO of companies and I ended up founding this platform called NightDragon, which is named after one of the first Chinese cyber intrusions that we discovered back when I was CEO of McAfee. It was a seminal moment because we realized the Chinese military was in full force doing espionage campaigns on our high-tech and oil and gas industries at the time. My vision was to build a platform that really is specialized in this market we call cyber safety, security, and privacy—we're focused on everything from traditional cyber markets to drones, satellites, robotics... We have three components to the platform, and the crown jewel is the growth fund we just announced. We were completing the financing during COVID, which was quite an interesting process, but we started out between $300 million and $400 million, then it went to $500 million, $600 million, $700 million...
We’re targeting companies that are in the $20 to $50 million in revenue phase that are solving a major risk in the market, and we will try to scale them into an IPO, help them get public and meet the demand.
We also launched this spring NightDragon Acquisition Corp., which is a $345 million SPAC that’s dedicated entirely to the cyber safety market. So in the last year we’ve raised over $1 billion and have the pieces in place to make investments and take companies public—you can almost think of it like an Andreessen Horowitz or Kleiner Perkins for cyber. The whole idea is that we create programs, partnerships, and playbooks to help companies scale faster. We give them capital, and our goal is to make unicorns out of these companies.
TR: Where’s the money coming from?
DDW: We have two large banks that supported us. And then we have a lot of institutions in the funds—traditional endowments and other types of platforms that are able to put capital in place—and individuals too. The SPAC was primarily Wall Street institution money.
TR: SPACs have gotten a lot of attention lately, but it can be an esoteric subject. Will you be merging with a single firm?
DDW: It was significantly oversubscribed—in the billions. It was incredible. It showed the demand for this market segment. It is a single vehicle SPAC, not a multi-container SPAC, which means we will merge with one entity to take them public over time. We haven’t merged with any entity yet, but we’re in the middle of all that.
TR: Is there a time limit?
DDW: Twenty-seven months from the issuance, so we’re in no particular hurry but we're working very steadily on all the components.
TR: You’ve talked a lot in the past about ‘super cycles.’ Can you explain that concept and describe where we are in the cycle right now?
DDW: Going back 20 years to when I really got active with this market, I've seen these threat cycles that seem to be driven by a geopolitical scenario that ultimately creates a significant amount of customer spend, which then drives a significant amount of investment spend. You could see it during the era of what I called quantity-based viruses—that led Symantec, McAfee, Trend Micro into the markets. And then you started to watch these quality-based threats where APTs come into play, and it drove a super cycle. Then we had information wars over the last four or five years with disinformation and manipulated information campaigns.
Now we’re entering into, again, a perfect storm, where the four or five crises we had over the last 18 months have really elevated the threat landscape. The pandemic, the climate crisis, the government crisis here, the cultural crisis, the economic crisis—you can’t put more crises into a pot and stir it. You've got everybody with a new architecture—work from home, work from everywhere—and a ransomware cancer that’s upon us and you end up with a proverbial storm. It’s the highest single threat environment we've ever experienced by a large margin.
So we're in a pretty interesting threat cycle, and as a result you can see as the economy comes back that there’s a security spending cycle, too. There's not a Fortune 500 company I’ve talked to—and I'm on some boards—that’s not increasing their cybersecurity spending substantially because of what’s happening. I think we're going to see a big boost in customer spend almost simultaneously—this was the first time I watched the threat cycle, the customer cycle, and the investment cycle almost happen simultaneously. It used to be a little bit of a lag, like, wow, there's a threat problem, we should catch up with investments. This is the biggest single year of investments we've ever seen in cyber by a wide margin, and it’s coming from such a variety of investment sources, too. Sovereign wealth, corporate balance sheets, private equity, growth equity, all kinds of venture worlds.
So you're at a peak here, but to me it’s like climbing Mount Everest—I feel like we're at base camp one. It looks like the peak, but there are four more base camps to go. Cyber is one of the biggest battlegrounds in the world and probably will be for a century.
I never thought I'd see a cybersecurity company cross the $50 billion market cap, and now we have CrowdStrike. Within two years, I think we'll see our first $100 billion cyber company.
TR: Do you think that first $100 billion company is going to be CrowdStrike, or a company that nobody knows about yet?
DDW: It takes a little inertia to get to $100 billion, clearly. But, you know, getting from zero to a billion in revenue now is shorter than it's ever been. I did it in three years at FireEye, and that was five years ago. CrowdStrike did it in a handful of years as well.
The markets are fast and it sure looks like one of the existing top five could get there—if you look at where Palo Alto, Zscaler, and Fortinet are at, they’re in the $20 billion to $40 billion and beyond range. The top five cyber companies are enormous, and that even discounts companies like Microsoft, Cisco, Amazon, and others, which have big cyber businesses.
TR: What do you think are some of the technologies and tools that will help protect against future attacks, whether it’s the next SolarWinds, Colonial Pipeline, or JBS?
DDW: This expanding attack surface is the most disturbing thing that we have, and it's also the greatest euphoria because capitalism and innovation are wonderful things. But there’s a gap right now that attackers are exploiting, and that's a story seen throughout the history of our cyber domain.
It’s a huge gap, and you can see it. It doesn't even take much of an operation to bring down major infrastructure right now. You know this—some of the ransomware operators out there are not very sophisticated, but they have been able to inflict massive pain on our infrastructure and government, because we’re so vulnerable.
We live in such an asymmetric theater where the attackers have such an advantage over the defenders, and I don’t think that asymmetric theater has ever been wider. And if you look at things like the software and hardware supply chain, the gap is so substantial it just hurts my head. During the last two to three decades, we've been outsourcing our manufacturing, which creates vulnerabilities—we don’t have a single American 5G infrastructure provider, which led to Huawei and the visibility on vulnerabilities in that supply chain.
Where are our IoT devices made? What vulnerabilities do they have? The cloud has a lot of inertia right now as companies try to modernize their cloud projects, but we’re still trying to figure out how to do basic posture management on cloud infrastructure—we still can’t get past leaving an S3 bucket open, let alone behavioral analytics and real-time detection and prevention of breaches and cloud containers and infrastructure across clouds…
I believe one of the biggest companies that will emerge out of this will be a multi-cloud security suite. Someone’s going to come along in a way similar to what we did for the endpoint suite. If you look at McAfee or Symantec, we had a little antivirus, we had a little host intrusion, we had a little DLP on the host, a little encryption on the host. We had four, five, six, seven, eight, ten products that we would cross-sell on to the host. Then CrowdStrike did it better and put it into the cloud. But we haven’t seen a cloud security suite yet, and whoever wins with a multi-cloud version that cuts across everything is probably going to be your $100 billion-plus company, in my opinion. There are a lot of young contenders, and we’ll see who gets that.
TR: Just to shift the conversation in the last few minutes, I noticed you’re currently juggling more board, advisory, and executive positions than most people have in their whole career. How do you balance them all?
DDW: It’s the power of the team, which is a lesson you learn quickly as a CEO. You can't build a company by yourself and you can’t do as many things as I'm doing without an amazing team of people behind you, and we have some of the best there is.
But yeah, I’m on 17 boards and the Guinness Book of World Records is 14. I’m joking, but hopefully you can tell that I love what I do. I have kids that are all grown, I’m fortunate in life, and I just love to work because I live to work and it’s fun.
TR: Do you have any desire to go back to being the CEO of a cyber company?
DDW: No, none. I found a way to multiply things where I can help 20, 30, 40 companies. Being the chairman or vice chairman, where I'm the mentor to a CEO and my team is helping me out… it scales. And so taking on one company seems small compared to what I'm doing now in the grand scheme of what my impact can be and what this company's impact can be.
Adam Janofsky is the founding editor-in-chief of The Record by Recorded Future. He previously was the cybersecurity and privacy reporter for Protocol, and prior to that covered cybersecurity, AI, and other emerging technology for The Wall Street Journal.