Meet Bob Ackerman, Managing Director of AllegisCyber Capital

Steven Loeb · September 6, 2019 · Short URL:

Ackerman is also the co-founder of cybersecurity investment foundry DataTribe

Venture capital used to be a cottage industry, with very few investing in tomorrow's products and services. Oh, how times have changed!

While there are more startups than ever, there's also more money chasing them. In this series, we look at the new (or relatively new) VCs in the early stages: seed and Series A.

But just who are these funds and venture capitalists that run them? What kinds of investments do they like making, and how do they see themselves in the VC landscape?

We're highlighting key members of the community to find out.

Bob Ackerman is Founder and Managing Director of AllegisCyber Capital.

In founding Allegis, Ackerman's mission was to build a seed and early-stage venture firm that would combine operational experience with an entrepreneurial spirit and a focus on forging true partnerships with portfolio companies to build successful and sustainable cybertechnology companies. Bob has been recognized as a Fortune 100 cybersecurity executive and also as one of “CyberSecurity’s Money Men”.

As an entrepreneur, he was the President and CEO of UniSoft Systems, a global leading UNIX Systems House and the Founder and Chairman of InfoGear Technology Corporation, a pioneer in the original integration of web and telephony technology and creator of the original iPhone.

Outside of Allegis, Ackerman teaches New Venture Finance in the MBA program at the University of California, co-manages his family’s small Napa Valley winery – Ackerman Family Vineyards, and enjoys fly fishing.

VatorNews: What is your investment philosophy or methodology?

Bob Ackerman: AllegisCyber Capital is 20 years old, but that's only if you measure it in terms of when we were formally organized; we’ve actually evolved quite a bit. I date our origins back four or five years ago, and that when we created our cyber innovations platform and we evolved to be the first venture firm actually focused exclusively on cybersecurity. We actually raised the first dedicated cybersecurity venture fund in the world. 

I’m the founder of the firm, and we can talk about how we got there, but what we noticed was that for 20 years we had been investing in cybersecurity and it continued to be a larger and larger percentage of our portfolio. It turned out, of all the things that we did, we were particularly good at cybersecurity, so about six years ago someone raised the question, "Have you ever thought about focusing just on cybersecurity?" We spent about a year thinking about that and what would it mean. At that point in time, quite frankly, the fact that we were doing cyber was viewed a little bit in the weeds. We came to understand that the market was not vertical, it was broadly horizontal, and with the digitization of the global economy, in fact, the integrity of that economy was going to come down to cybersecurity. So, six years ago we shifted the firm’s focus to cybersecurity, four years ago we raised the world’s first dedicated cybersecurity fund, and then May of this year we did the first close on our next cybersecurity fund.  

VN: What are the opportunities you see in the cybersecurity space? How do you see it evolving?

BA: If I go back to our original analysis, and I just touched on it briefly, you’ve got this massive digitization effort that is underway in basically in all aspects of our life: personal, commercial and governmental. That’s taking place on a global basis so anything that any of us do, globally, is moving us into the domain of cyberspace, and we’re doing that as rapidly as we can. Whether it’s social media, whether it’s e-commerce, or whether it’s government activity or trade or whatever you want to think about, it’s all moving into cyberspace. A good friend of mine, Mike Hayden, who’s run the NSA and the CIA, described cyberspace as, "The largest unregulated, uncontrolled domain in the history of mankind." So, it's the wild west, if you will. Basically all of our activity, on a global basis, is moving into this wild west environment where there are no rules, no one’s in charge and there’s an element of anarchy. The systems that are enabling that digitization were never designed with security as a design criteria. If you look at information technology today, basically we’re operating, in many cases, with an architecture that’s 50 years old, where the definition of security was, "Did you lock the computer center root door?" You didn’t have the level of connectivity you have today, you didn’t have the access to data that you have today, you didn’t the velocity of data that you have today.  

Fast forward 50 years, all the world’s information is available online, it moves at the speed of light, all of our activity is moving into the cyberspace domain, and security is an afterthought. So, our premise was that that’s going to be a problem which basically means that’s going to be an opportunity. It’s an opportunity and a problem set that’s not focused on information technology but it is focused on the full scope and scale of our activity, which happens to be enabled by information technology. That was the premise that got us to thinking about cybersecurity, not as an information technology problem but as a risk problem around a global digitized economy.

When we began to think of it from an investment perspective, one of the things we observed is that cyber is an area where it’s all about cutting-edge innovation; there are no ribbons, there’s no recognition for second best in cybersecurity. You have to be at the top of the game, because the adversary is just as smart as the good guys and sometimes they’re better motivated. So, there’s no award for second place. It’s a market that’s driven by innovation and virtually all of that true cutting-edge innovation is all taking place in private companies, not in public companies, which is good news for venture capitalists.  

Because of the size of this market, and the number of players that want to be involved, including big companies, there’s a very active M&A environment, as well as a path to IPO. CrowdStrike is a good example of an IPO, and Cylance is a good example of an M&A transaction. So, there’s this almost gold rush mentality, driven by this large macro, that drives valuations for cybersecurity companies up and drives exits across the spectrum. When a cybersecurity company exits, whether it’s an IPO, which is really a recapitalization, or an M&A transaction, it tends to exit at a premium to enterprise software companies, and that’s a byproduct of this market dynamic that we’re talking about. And fueling all of this is this macro factor where the market is just exploding in terms of demand. Large corporations, for example, have come to understand that cybersecurity is not about information technology, it’s about enterprise risk. Basically, it is the existential risk to the enterprise and they’re stepping up their budgets, not because they want but because they feel like they have no choice. So, against the innovation side, you have this exploding market, which is totally uncorrelated. If you look at the Nasdaq, heaven forbid the Nasdaq’s off 50 percent tomorrow, I’ll tell you right now that cyber budgets are going to be up and to the right, they’re not going down. So, when you look at cybersecurity, because it is this existential risk, it’s not an area of discretionary investment; it’s an area where companies have absolutely no choice but to invest in technologies to defend and secure their business. So, you’ve got this area of innovation which is large, rapidly growing, all the innovation takes place on the private side of the equation, there’s a virtuous path to liquidity and the whole damn thing is totally uncorrelated with anything else in the marketplace. So, at a macro perspective, from an investor point of view, that’s about as good as it gets.

The challenge is cybersecurity is really hard and complex. This is not the sharing economy, taking nothing away from the sharing economy, but this the domain of deep computer science, deep math, deep physics. This stuff is very complex, it moves very quickly, it’s very fluid, and so if you’re going to be successful in this domain you really have to build domain expertise to be able to not only identify where the problems are but identify where the problems and opportunities are going to emerge, how to evaluate technical approaches and teams, at a level that’s, frankly, back to old school venture capital. In many ways I describe this as going back to the roots of semiconductors, this is complex hard to do stuff. That expertise originates from a couple of very specific places, in my opinion, and it makes it a very interesting market but also makes it a very different market than a lot of the other things that the venture community might look at.  

VN: What are some of the verticals you like to invest in?

BA: I’m not going to think of it in terms of verticals, I’m going to divide it into spheres of innovation. One sphere is where the industry spends the bulk of its time today, which is basically identifying and mitigating legacy vulnerabilities. Going back to my analogy of a 50 year old architecture, what we find today is there’s a whole bunch of gaps and holes and vulnerabilities that are in our existing infrastructure that are being targeted and exploited by our adversaries. So, the job number one is to stop the bleeding. If you can imagine a dyke with a thousand holes in it, that’s where we are today, and what we’re doing is we’re running around trying to plug up each of those holes to stop the water from coming through the dyke. That’s important, but it's reactive and not prescriptive. 

If I think about where innovation needs to go in cybersecurity, it’s back to, "How do we stop water from coming through the dyke? How do we get prescriptive? How do we get ahead of the problems and threats, as opposed to reacting to the problems and threats?" So, that next wave or phase of innovation is focused on a holistic approach to security; I describe it as "data-centric security," where we understand that adversaries are coming at us, we understand what their objective is. How do we make it difficult to impossible for them to compromise our systems and the data contained within those systems? One approach is remediation of history, the other is, "How do we become prescriptive about this future?"

VN: What is the size of your current fund and how many investments do you typically make in a year? 

BA: We haven't announced anything about the new fund, to tell you the truth; I guess the Wall Street Journal picked it up in a regulatory filing. We're actually still in the market, but the first close was $200 million, which is what they reported and I would imagine we will disclose additional investors, and we’ll probably reach our target capitalization at the end of the year.

In a fund we will typically made 20 to 22 investments, normally, and we’ll do on average probably six investments a year, but it could be eight, just depending on what we see. We most often get described as “old fashioned venture capital.” We are not about raising massive amounts of money and making as many investments as we can; we basically have a playbook in terms of what we’re looking for, where we think the challenges are going to arrive, what we think the approach is to those challenges is likely to be, and we target identifying teams that can respond to those challenges or starting companies. DataTribe is a good example of where we start things, tapping into DNA coming out U.S. National Labs, principally the NSA. We operate in a very large market that is very focused and so we tend to take a pretty deliberate approach to our investing.

I gotta tell you, when we did our first dedicated cyber fund four years ago, people thought it was too niche, too specialized, “You guys are a little geeky.” Nobody thinks that today, and what you’ve seen in the venture community is a massive rush into cybersecurity. That’s not so much about cybersecurity; it says more about the venture community. Wherever the venture community finds there’s momentum they tend to rush towards that opportunity. How many companies did you hear about that were the Uber of this, that or the other thing? The sharing economy metaphor. So, the venture community does this, and has always done this. For us, though, that just adds noise to the ecosystem, because there are 3,500 cybersecurity companies today. One of the questions I get asked a lot is, “Is cyber overcapitalized?” And the answer is, “Yes and no.” The “me too” stuff is overcapitalized, and the really cutting edge, differentiated stuff is undercapitalized. The question is, where do you want to operate? We tend to operate to operate on the cutting edge, which is why we do the things we do with DataTribe, it’s why Allegis actually starts companies as well, if we don’t find something in the marketplace. The key and the challenge in the market is understanding the difference between the two. Threat intelligence is a classic example; there’s in excess of 100 threat intelligence companies out there. How many do we need? I don’t know. Half a dozen? A dozen, maybe? We don't need 100 plus, but when you have that massive, herd effect running into the cyber industry from the venture community, if they don't know the difference, if they don’t fundamentally understand the marketplace, a lot of things get capitalized that perhaps should not be capitalized. That’s that area where you end up with a bubble and too much money chasing too few differentiated, quality opportunities. At the same time, if I jump over to some of the data science approaches to cybersecurity that we work on, we’re pretty much out there by ourselves most of the time.  

VN: What stage/series do you invest in and how much is that in dollar amount for you? 

BA: We are not point investors, we invest through the life cycle of a company. If you look at the new Allegis fund, Cyber Innovation Partners II, that is an early stage, focused platform.  DataTribe is where ideas are germinated, while Allegic focuses on Series A and Series B, and a little bit of Series C on a select basis, but the vast majority of what we do in terms of number of investments is Series A and B. 

We are usually a lead or co-lead investor, and the check size really depends on how much capital a company is raising. We made a Series A investment in May and that was a $7 million check, but we’ll write $3 or $4 million checks, and if we look at things that are Series B and later we’re writing $10 million initial checks. We reserve capital because we’re very long-term oriented, so when we go in and make an early stage investment we expect to roll up sleeves, we expect to be very active with a company; again, we are not a financier, we build companies, and once you take that attitude you’re in for the duration. We're not just placing bets and hoping it works out, we’re actually part of the team, we write the check but then we bring our operating network, our network of relationships, our customer access, we bring all of that to bear. When you make that kind of an investment in a company, you’re in for the long term, so we expect to participate in the all follow-on rounds of financing as our companies develop and continue to grow.

VN: What kind of traction does a startup need for you to invest? Do you have any specific numbers?

BA: No, we don’t have hard numbers. I think you know the relationship between Allegic and DataTribe: I’m the co-founder of DataTribe, so that’s there to scratch a particular itch that we have, because we have a lot of knowledge in terms of where we think companies should be built, and if we can’t find them in the marketplace then we’ll go start them. We have a company in our portfolio called CyberGRX, and it’s first round of financing was a Series A, and I’m the co-founder of the company. We had an idea, we had no revenue, so Jay Leek, who was then the Blackstone chief information security officer, now over at Clearsky, Jay and I identified an opportunity in the marketplace, we had a vision as to how that opportunity would be addressed, we looked at the marketplace and couldn’t find anybody that we could invest in that could build the vision that we had, so we said, “Look, we’ll just start the damn thing ourselves.” Then we brought Fred Kneip in as our CEO and co-founder. That’s one where we had a vision and that’s it and its first round was a Series A. That’s a little unusual today but what it all comes down to for us is the macro: what is the problem? How big is the problem? How does the approach against the problem fit into our worldview? And then it comes down to how differentiated a company can we build and the team, and the team ends up being priority number one, two and three, but not to the exclusion of the macro.  

We’ve got Series As that we’ve done that have got no revenue; more often than not what we will see is that there is some level of validation. There’s an initial product that has some demonstrated validation from the marketplace, with a team that we believe in, where we believe we can add value to getting the company from concept through successful execution. Revenue might be $1 million, it may be $2 million, if we’re talking about Series A; you talk about Series B then you’re looking at companies that are in the upper single digits of bookings or revenue traction, in terms of what you typically like to see at those companies. 

VN: What do you think about valuations these days? What's a typical Seed pre-money valuation and Series A?

BA: We tend to be valuation sensitive, which is a little unusual in today’s marketplace. There’s so much capital in circulation that some valuation discipline has broken down a little bit. When the market corrects, and the market always does correct, that will be wrung out of the system.

Our approach to being valuation sensitive is a little bit different in that we actually limit our partners to six board seats. I’ve got friends in the business that are on 12, 15 or more boards; we’re the antithesis of that. We limit our partners to six boards because we just don't think you can sit on more and add the level of value with a company that we expect from ourselves. What that means is that we have to own enough of a company to be able to generate a return on time invested. It’s a very different approach to thinking about the market. It’s not, “We’ve got a fund, how fast can we deploy it? Cover the space and let nature sort it out.” That’s not us. We are much more of a rifle shot approach within our domain, carefully selecting companies, making an investment where we’ve got good alignment with the founders, and then rolling up our sleeves and going to work. I think part of our reputation in the marketplace comes from our whole team being ex operating executives, so our natural inclination is to be player/coaches. 

VN: There are many venture funds out there today, how do you differentiate yourself to limited partners and to entrepreneurs?

BA: The first thing you have to get through is do people believe in cybersecurity or not? Like I said, four years ago it took a pretty thick rug, it wasn't obvious; today it’s much more obvious. The limited partner community still, in some cases, doesn’t fundamentally understand the nature of cybersecurity. When you talk about a focused fund they tend to think of it in terms of a vertical silo but cybersecurity is not vertical, there’s nothing vertical about it. It’s broadly horizontal. If there is a microprocessor and data involved, you have a cybersecurity risk and exposure. So, that’s the first thing you have to get through.

Once get through that, we really begin to talk about domain expertise and our track record. We’ve been at cyber for 20 years, there are not many people that can make that statement. Our track record in cyber is very good, but you don't stop there, you move on the other things that you do to differentiate. If you look at DataTribe, the reason I started them with my partner Mike Jenke was that we saw an opportunity, which Mike articulated to you, to tap into the deepest reservoir of cyber engineering research in the world, which is in Maryland, and to leverage that to build next generation, cutting edge cyber security companies. We saw that as an opportunity, but we also felt that it was absolutely essential to building the next generation of successful cyber companies, and, frankly, it also creates some proprietary deal flow for us. We talk about that, how we not looking at the same opportunities, not sitting on Sandhill Road looking at the same string of startups coming through the office, as everybody else. That is not our approach. Our approach is to develop very deep, very precise insights and to target where we want to build companies. If we can find them in the marketplace, great, if we can’t then we will go start them. Very unusual for a venture firm. 

Beyond that, its the operating network we’ve built around the investment platform. When you look at cyber companies, by and large what you’re dealing with are very technical founders that may have little, if any, commercial experience. So, a venture firm that’s operating in those areas, particularly in the early stages, really needs to bring very strong operating chops and the patience to develop those capabilities within those young companies, and then, basically, a network of relationships. What we do at DataTribe applies to the rest of the platform, and what we’ve done on the Allegis side: you look at a team of investment partners that all have operating background; the most recent addition to our team is Dave DeWalt who I describe as the “apex predator in cybersecurity” from an operating perspective. Dave was the CEO of FireEye and took them public, was the CEO of McAfee and the CEO of Documentum. So, Dave has been a top industry executive for 15 plus years, and with that comes a phenomenal Rolodex and access to basically every customer in the world. So, between Dave and myself we probably know every major customer in the world and we understand all of the distribution channels on a global basis; Dave sits on the board of Optive, which is a $2.5 billion cybersecurity distributor for the North American marketplace. So, what we’ve built around the investment platform is a set of operational capabilities that are designed to accelerate the access to the market that our portfolio companies have and to smooth that transition.

The beauty of being focused is you can develop an ecosystem around that focus, and that’s what we’ve done with cybersecurity. If you follow cybersecurity, the voice of the industry is Cyberwire; they’re the ones that do daily podcasts that people in 175 countries listen to and Cyberwire is a DataTribe company. That’s not accidental. So, around the investment platform we built an operational go-to-market capability that understands, past the technology, the challenges that our companies will confront and the access to the resources they’ll need to be successful. That's a very different approach to the marketplace. If you look at the investment platform, you’ll see Allegis at the early stage venture piece, you see DataTribe as our startup foundry, and later this year we’ll announce another element of our strategy which will incorporate growth. If you look at us a year from now, you’ll probably see about $1 billion being managed by operating executives out of the cyber domain who are stage agnostic. We’re taking a fundamentally different approach to the marketplace.  

VN: What are some of the investments you’ve made that you're super excited about? Why did you want to invest in those companies?

BA: Let me give you a philosophical answer, then I’ll connect some dots.

One of the risks in our Silicon Valley-centric culture is we find a great idea, or a market that’s got a lot of opportunity, and the herd crowds in, whether that’s entrepreneurs or venture capitalists. Everybody’s chasing the golden unicorn and that’s what drives Silicon Valley and it has for years. Silicon Valley’s reputation doesn't need me to defend it. Cybersecurity is a little bit different in that it requires very deep technical expertise; this is not something you can pick up along the way. So, part of our criteria when we look at teams we’re going to partner with is domain expertise. If this is your first cybersecurity company then we’re the wrong investor to talk to. We look for people that have spent their entire career in cybersecurity. That usually comes from one of two places: either you’ve been at a place like Symantec, one of the early cybersecurity companies, and you’ve developed an understanding of the market, proven your technical chops. Or you’ve come out of US National Labs, principally the National Security Agency.

I've got a thesis on cybersecurity that if you look at all the activity in cyber that’s taking place on a global basis, in most cases those playbooks that adversaries use to attack any given customer or critical infrastructure, whatever it may be, originated somewhere as an offensive playbook. The state actors, operating in the name of national intelligence, are operating five to seven years ahead of industry. What that means for us is that when we’re building companies we have a bias towards people coming out of that environment because they wrote the offensive playbook. They are what I call the “domain masters,” and if you’re going to build a capability against an attack vector, you want to be working with the people, if you possibly can, that developed those tech vectors. That are inside the head of the attacker, of the adversary, know how they think, know how they’ll attack, because they were once in those same shoes. DataTribe captures a lot of that DNA, which is why it sits in Maryland. We see that in the Allegis portfolio with companies like Area 1 or Synack here in Silicon Valley. The founders of those two companies are ex-NSA, and so we think when it comes to cybersecurity and data science that government labs are where some of the most advanced capability in the world is, so we deliberately try to tap into that.

I’ll give you a really good example of a company that’s worked through this journey. There’s a company in our portfolio called Dragos, which is an industrial control systems security company. They’re the guys that make sure that the electrical grid doesn't get turned off by hackers, that petrol chemical facilities don’t blow up, that water systems function. All of the things that we call critical infrastructure. The CEO and the founding team of Dragos came out of the National Security Agency. Once upon a time they were nation state actors developing offensive capabilities to protect the interests of the United States and, along the way, when adversaries began to attack critical infrastructure, because of their domain knowledge, they moved from offensive to defensive because they had the expertise. They understood the systems, they understood the networks, they understood the technology, they understood the nature of the attack. They had domain mastery. 

When they started Dragos they started it with DataTribe, and it’s a good example of what DataTribe does, bringing in not just capital but expertise and resources to help the team take their technical knowledge and their technology vision and shape that into a company. When Dragos was ready for their Series A financing, it was co-lead by Allegis. So, in some ways DataTribe becomes a little bit of a farm system that’s optimized around working with entrepreneurs who are just starting a company and have very little, if any, commercial DNA but have a great idea and a great vision for the marketplace. DataTribute was built around the skills, the resources that need to be available to facilitate the transition of those companies, and then it feeds Allegis.  

Prevalion, in the Allegis portfolio, is another company that started at DataTribe, and it started with two people with deep domain expertise, a great idea about how to change the landscape in cybersecurity. They spent a year working through the DataTribe process to the point in time where they were ready for a Series A financing, which was led by Allegis.

VN: What are some lessons you learned?

BA: What proves itself time and time again is that the business is fundamentally about people, people, people. A great macro opportunity, that’s a good place to start. Great technology, always important. But, at the end of the day, your ability to win, or your inability to win, will come down to people. It’s not technology, it’s not the market, it’s always people and that’s a truism that people understand but it’s too easily forgotten too many times.  

One of the big challenges in venture, and it’s not so much venture as it is about innovation, is getting market timing right. From an innovation perspective you can be right on the fundamentals and wrong on timing, and it’s not a success. So, being able to align the idea with the market timing for that idea, the market’s willingness to embrace that idea, becomes really, really important from an investor perspective. The second company that I started back in the 90s was called InfoGear, which built the original iPhones. So, the fundamental patent was ours, we owned the trademark for iPhone, we owned the trademark for iPad. The architecture that drives the smartphone industry today, we created a lot of that. We sold the company to Cisco, we had a very nice exit, but not compared to the market as we see it today. That was a matter of market timing - we were just ahead of the market. So, when you’re operating in venture it’s understanding not just technically what’s interesting and what’s disruptive, but how does that tie into where the market is today? Are you eliminating a point of pain around which there are dollars attached? Or is this a really great idea that the world will eventually embrace? The challenge is that if you’re waiting for the market to develop the carrying cost of the investment, it can just totally destroy the opportunity for successful investment. If you’re five years ahead of the market, it’s better to wait four years and then start. So, all of us, we see ideas that we love and are truly disruptive that will make a difference, but whether it’s as an investor or an entrepreneur you have to be very sober about, is the market ready for this idea today? Why is the market ready for this idea today? Why will the market embrace this idea today? That’s one of the fundamental questions that sometimes we look past and we find out that we’re operating too hard ahead of the curve. 

Another issue, and it sounds trite but people struggle with it, is product-market fit. It’s just going back to, who is the customer? The problem the customer has, how valuable is the solution to that problem? And can I address that with my product or offering? I don't think companies do nearly enough work upfront trying to get that product-market fit right. It’s like, “We’ve got money, let's go sell.” If you haven't figured out product-market fit then you’re going to burn through a lot of money selling a product that that does not have a fit in the market. So, that’s another one of those areas where if you want to talk about what does all scar tissue teach you? It’s get product-market fit right. I’ve too many companies that have raised massive amounts of money based on the promise of their capability to solve a problem, and they don't get product-market fit right and they blow through all that capital. Then they’re back having to do some sort of a reset, if they’re fortunate enough to be able to do a reset.  

VN: What excites you the most about your position as VC?

BA: I tell people all the time, “I’m not an investment manager. I build companies.” So, I still view myself, fundamentally, as an entrepreneur. I love the process of sitting down with bright people that have an idea of how to change the world in a significant, fundamental way and then partnering with them to take that vision and see it realized. You look at the temperament of our firm, we are all about finding those opportunities, rolling up our sleeves, becoming part of the team and leveraging our own operating backgrounds and our expertise in building companies to help entrepreneurs take a vision and to see it realized. 

It’s fundamentally a creative process. People look at venture capital and say, “It’s finance,” and there are parts of venture capital that are, particularly the later stage, but early stage venture capital is a creative process. I thoroughly enjoyed my career as an entrepreneur building companies in Silicon Valley, and what we do allows me to keep working with the next generation of entrepreneurs to lend my experience, to lend my network and resources to facilitating their success on their journey. It’s heady stuff and when you really become part of the team, you get to celebrate the ups, and you struggle with the downs, but you’re in the trenches, on the field, fighting with the rest of the team that you’re backing. That’s rewarding if you’re wired that way, and the personality of our firm reflects that and I think it’s what we all enjoy.

VN: Is there anything else that you think I should know about you or the firm or your thoughts about the venture industry in general?

BA: We launched something last May, and it’s a separate activity, called the Global Cyber Innovation Summit, which has been described by the people who were there as the, “Davos of cybersecurity.” It’s an invitation-only event over two days, it takes place in Maryland, and the idea is to bring together the cognoscente of cyber from around the world so they can spend two days in an environment where there’s no selling allowed, it’s all about thought leadership and in an environment where we’re operating on the very cutting edge of cyber, whether it’s innovation or it’s policy or whether it’s strategy or whether it’s governance.  

We did the first Global Cyber Innovation Summit in Baltimore last May, we had about 200 people there, again all by invitation, and it was an amazing gathering of people. We had 70 or 75 chief information security officers out of the major corporations from around the world, we had people from outside the United States, we had a number of presentations by the NSA, we had the head of cyber from the FBI, the head of counterintelligence from the FBI. So, it was this really interesting amalgamation technology innovations, chief information security officers, policy people and cutting edge innovators. We also had a board session on cybersecurity in the board of directors led by a number of Fortune 100 board members. 

The idea behind it, where it came from, was a series of conversations with friends of mine in the industry who were all lamenting the fact that cyber has become so hot that wherever we go today, we're all being pitched. You can’t go anywhere without being pitched by one of those 3,500 cybersecurity companies that want to raise money. We were lamenting that we couldn’t just get together ourselves and talk about ideas, about where we think the industry is going and where the problems are going to come from in the future. One my friends said, “We should just do that, we should just create that.” That idea became the seed for the Global Cyber Innovation Summit. The rules are that have to be invited, which means you have to have a level of stature within the community, but there’s no selling allowed. There are select companies that are invited to participate in the program because they’ve got domain expertise in an area that the community thinks is important. It was amazing what it created; a Fortune 50 chief information security officers, who I will not name, said, “That was the best two day conference that I’ve ever been to, because it was driven by content, it was driven by thought leadership, it wasn’t about selling product. It was about discussing the issues that affect the cybersecurity industry and practitioners.” 

Support VatorNews by Donating

Read more from our "Meet the VC" series

More episodes

Related Companies, Investors, and Entrepreneurs


Bob Ackerman

Joined Vator on


Michael Janke

Joined Vator on

I am a 6-time CEO/Founder, co-founder of cyber startup foundry, DataTribe, author of 2 books and former Navy SEAL