幸运武林开奖直播|福彩幸运武林风开奖走势图
訂閱

多平臺閱讀

微信訂閱

雜志

申請紙刊贈閱

訂閱每日電郵

移動應用

商業

這家私募巨頭攜巨資進入網絡安全領域

Rey Mashayekhi 2019年04月23日

私募最近開始在網絡安全領域發力并非什么秘密,而且理由充分。

文森特·萊特里在2017年于科羅拉多州阿斯彭舉辦的《財富》頭腦風暴科技大會上發言。圖片來源:Stuart Isett/Fortune

私募最近開始在網絡安全領域發力并非什么秘密,而且理由充分。研究機構Gartner預計,隨著網絡攻擊和數字詐騙變得越發常見,今年全世界為保護敏感數據和信息而投入的資金將達到空前的1240億美元。

這意味著打算提供網絡安全解決方案的公司也將比以往更多,而且這些公司都需要發展資金。KKR等私募巨頭已經進入該領域。2016年,KKR的Next Generation Technology Growth Fund(NGT基金)完成融資,共籌集資金7.11億美元,計劃投入處于成長階段的科技、傳媒和通信公司。

迄今為止,實際情況證明網絡安全行業是該基金投資方法不可或缺的一部分,它的目標還包括企業軟件、金融科技和消費互聯網企業。這只基金已經通過Cylance等端點安全軟件公司取得回報。今年早些時候,黑莓斥資14億美元收購了Cylance。同時,該基金還領投了英國人工智能企業Darktrace,后者于去年9月完成了最新一輪融資,估值16.5億美元。

最近的消息是,《財富》雜志今年3月報道KKR同意參股佛羅里達初創公司KnowBe4,投資5000萬美元,對KnowBe4的相應估值為8億美元。KnowBe4的領導層包括聲名狼藉的黑客凱文·米特尼克,其業務是向公司及員工提供網絡安全培訓,從而建立抵御釣魚式攻擊和數據入侵的“人肉防火墻”。

KKR的董事總經理文尼·萊特里一直在參與指導上述投資。他是該公司一支20人團隊的成員,其他成員則來自于硅谷、紐約和倫敦等地。據萊特里介紹,NGT基金目前投資了11家公司,“已經運用了約90%的資金”。雖然高估值背景下的2018年對該基金來說是“真正緩慢的一年”,KKR只進行了葡萄牙科技公司OutSystems這一筆投資,但實際情況證明今年這只基金更為活躍,除KnowBe4外,它還在2月投資了密歇根州軟件公司OneStream。

萊特里在曼哈頓中城的KKR辦公室接受了《財富》雜志的采訪,談到了KKR在網絡安全領域的投入,數據是否真的是新石油以及KKR三分之一的員工面對釣魚式攻擊時中了招。

《財富》:作為私募領域老牌巨頭,KKR推出成長基金的動力是什么?

文尼·萊特里:我覺得這項策略是亨利·克拉維斯和喬治·羅伯茨一直試圖在公司推廣的那些東西的產物。我們的決策是轉向我們所說的成長導向型并購。也就是說,追逐那些收入增長快而且仍然有機會擴大規模的公司,而不是對資金充裕、增長緩慢的傳統公司進行金融性收購,對后者要使用杠桿,同時通過控制成本來獲得回報。這些成長導向型收購背后的主旨是通過保持或提高收入增速并幫助[公司]擴張來取得回報。

我們看到有很多機會朝我們而來。這些機會真的很有意思,但只是對我們的并購基金來說太小了。目前我們的北美并購基金的規模是140億美元,讓這種規模的基金拿出5000萬美元或者1億美元來并不會有什么明顯效果。

而且你也看到了,這些公司不上市的時間變得長了很多。十幾年前加入KKR時,它們的不上市狀態平均會保持六年半左右;現在這個數字是大約11年。所以可以看出,價值創造從以往傳統上的公開市場轉移到了私募市場,而我們此前沒有投資這些公司的資金池,這就是NGT基金誕生的經過。

你怎么形容NGT基金打算投資的公司?

我們不會冒技術風險或商業模式風險;我們認為,在風投資金領域,人們都在嘗試提出一個想法,然后圍繞它來建立一家公司,但你不知道自己能否創造出一種技術,也不知道會不會有人付錢來買。這方面的風險回報可能非常高,但這不符合我們的偏好,也不符合我們的差異化思路。

我們覺得自己真正擅長的是[投資于]已經走過技術風險階段,而且產品和市場已經匹配的公司,一般我們會定義為收入達到或超過2500萬美元。我覺得就門檻而言,我們投資的公司的平均收入范圍是5000萬美元至6000萬美元,但它們增長迅速,而且我們認為這些通常是局域性或區域性的公司有機會成長為全球性企業。

網絡安全一直是NGT基金關注的主要投資領域之一。是什么促使你瞄準這個市場?

在網絡安全方面,你會聽到人們到處在說“數據就是新石油”什么的。對此,我們的看法是,資產和價值已經出現了從實體形態到數字形態的巨大轉變,而目前保護這些數字資產的一般都是密碼、網絡以及其他種類的方法。

犯罪活動不再是打劫銀行和藝術品博物館,而是竊取數據和信息。如果愿意,就會看到這種數字化犯罪,我們認為這真的很有意思。我們入駐了幾百家公司的董事會,而每個董事會都會討論網絡安全問題。10年前,沒有人聽說過首席網絡安全官或者首席信息安全官;現在,差不多每家公司都有了,防護需求只會逐步增大。

NGT基金為什么投資KnowBe4?這樣做怎么就和你們的策略一致呢?

盡管針對端點和網絡安全設置了重重保護,但90%的安全漏洞依然出現在員工或消費者層面,就是這個原因讓KnowBe4顯得這么有意思。

我覺得有件事情可以說一下,作為我們盡職調查的一部分,我們和首席安全官一起對部分KKR員工進行了釣魚式攻擊。我們覺得自己的公司里盡是非常誠信的聰明人,但盡管如此,超過三分之一的受測試員工還是點開了那封惡意電子郵件。我們在投資委員會會議上講了這件事情,這讓情況變得非常明了,那就是如果在我們這樣的公司,人們仍然需要接受那種培訓,那它就應該可以廣泛應用到市場中去。

而且這是一種連續的[培訓],因為這樣的攻擊會不停地變化。KnowBe4的有趣之處在于他們一直在對培訓進行更新,包括內容以及推出那些新東西,從而保持領先位置。

你曾說去年的高估值限制了你的能力。那么現在你對估值怎么看?整個環境究竟降溫了沒有?

總的來說,市場上的估值仍然相當高。如果看數據的話,它會告訴你進入風投期和成長期公司的資金都在增多,但投資的筆數變少了,所以單筆投資的金額在不斷上升。

作為客戶資金的管理者,我們必須真的保持自律。至于2018年,就投資而言它對我們來說真的是一個緩慢的年份;我們只做了一筆新投資,那是一家很棒的公司,叫OutSystems,總部設在葡萄牙里斯本。此外還有12項投資我們沒能成為最終的贏家,其中11項都是因為價格。我們回來跟團隊談了,也看了模型,但就是對我們報價的預算感到不放心。今年我們已經做了兩筆投資[KnowBe4和軟件公司OneStream],也就是說我們的成績已經是去年的兩倍。

你們的基金已經用了90%左右,接下來會做什么?

我覺得可以說這個策略非常成功。我們不打算停止這項工作。(財富中文網)

譯者:Charlie

審校:夏林

It’s no secret that private equity has been on a cybersecurity kick as of late—and for good reason. With online attacks and digital fraud only becoming more prevalent, global spending on technology to protect sensitive data and information is expected to reach an unprecedented $124 billion this year, according to research firm Gartner.

That means there are more companies than ever seeking to provide cybersecurity solutions, and those companies need capital to grow. Enter the likes of private equity giant KKR, which closed its $711 million Next Generation Technology (NGT) Growth Fund in 2016 with an eye toward investing in growth-stage companies in the realm of technology, media and telecommunications (TMT).

Thus far, the cybersecurity sector has proven an integral part of KKR’s investment approach to the fund, which also targets enterprise software, fintech, and consumer internet companies. The NGT Fund has delivered returns through the likes of endpoint security software firm Cylance, which was acquired by BlackBerry for $1.4 billion earlier this year, and is a lead investor in British artificial intelligence firm Darktrace, which closed its most recent funding round in September at a $1.65 billion valuation.

More recently, KKR agreed to take a minority stake in Florida-based startup KnowBe4 via a $50 million investment that valued the company at $800 million, as Fortune first reported in March. KnowBe4, which counts notorious hacker Kevin Mitnick among its leadership, offers cybersecurity training to companies and their employees that aims to build a “human firewall” against phishing attacks and data breaches.

KKR managing director Vini Letteri has helped guide these investments as part of a 20-person team spread across Silicon Valley, New York and London. According to Letteri, the NGT Fund, which today has 11 companies in its portfolio, is now “about 90 percent invested.” While 2018 was “a really slow year” for the fund amid a high-valuation environment—with KKR making only one new investment, in Portugal-based tech firm OutSystems—this year has already proven more active, with both the KnowBe4 deal and a February investment in Michigan-based software firm OneStream.

Letteri sat down with Fortune at KKR’s offices in Midtown Manhattan to discuss cybersecurity bets, whether data really is the new oil, and how one-third of the KKR team fell for a phishing hoax.

Fortune: What prompted KKR, an established giant in the private equity realm, to launch a growth fund?

Vini Letteri: I think the strategy is an outgrowth of something that Henry [Kravis] and George [Roberts] have been trying to drive at the firm. We made a strategic decision to shift towards what we would call growth-oriented buyouts. That is, going after companies that have high revenue growth but still have the opportunity to scale—versus financial buyouts of legacy, cash-rich, slow-growth companies, where you put leverage on them and make your return by containing costs. The thesis behind these growth-oriented buyouts was that you make your returns by helping maintain or accelerate revenue growth and helping [companies] expand.

We were seeing a number of opportunities come our way which we thought were really interesting, but were just too small for our buyout fund. Today, our North American buyout fund is $14 billion, and the idea of writing $50 or $100 million checks from a fund that size, it just wasn’t going to move the needle.

And you also have the phenomenon of these companies staying private a lot longer. When I started at the firm a dozen years ago, the average company stayed private around six-and-a-half years before they went public; today that number is around 11 years. So you’ve seen this shift in value creation from what traditionally used to happen in the public markets now happening in the private markets, and we didn’t have a pool of capital to invest in those companies—which is how the Next Generation Technology Fund came about.

How would you describe the profile of the companies that the fund looks to invest in?

We are not trying to take technical risk or business model risk; we think of that as the land of venture capital, where you’re trying to take an idea and build a company around it, but you’re not sure if you can build the technology or if somebody will pay for it. The risk-reward there can be tremendous, but that doesn’t match up with our appetite and where we think we can be differentiated.

Where we feel like we’re really good is [investing in] companies that have moved through that technical risk phase and have product-market fit, which we generally term as having revenues of $25 million or more. I think on entry, our companies on average have somewhere in the $50-to-$60 million of revenues range, but they’re growing fast and we see an opportunity to scale those typically local or regional businesses into global enterprises.

Cybersecurity has been one of the key investment areas that the NGT Fund has focused on. What’s prompted you to target that market?

On the cybersecurity side, you hear these phrases that people throw around, like “Data is the new oil,” or whatever. We think about it as, there’s been this big shift in assets and in value from physical assets to digital assets, and the things that generally protect those digital assets today are passwords and networks and other types of things.

Criminal activity is no longer breaking into banks and art museums; it’s stealing data and information, and you see this digitization of crime, if you will, which we think is really interesting. On every board that we sit on, which is hundreds of boards, cybersecurity is a topic of conversation. A decade ago, nobody had heard of a chief cybersecurity officer or a chief information security officer; now, pretty much every company has them, and the need for protection is just going to increase over time.

What drew the fund to invest in KnowBe4, and how does it fit within your strategy?

Despite all of the protections that you put in place for endpoint and network security, 90% of security flaws still happen at the worker or consumer level, which is why KnowBe4 was so interesting.

I think I can share this; as part of our diligence, we worked with our CSO [chief security officer] to actually launch a phishing attack on a subset of KKR employees. We think this place is full of high-integrity, intelligent people—and even then, over a third of the employees that we sent it out to went ahead and clicked on the malicious email. We brought that up in the investment committee meeting, and it became so obvious that if, in a place like this, people still need to go through that sort of training, then it’s got to be broadly applicable out in the marketplace.

And it’s continuous [training], because these types of attacks change all the time. The interesting thing about KnowBe4 is they’re constantly updating the training, the content and developing new sorts of things to stay in front of that.

You’ve said that high valuations hindered your ability to make deals last year. What’s your current take on valuations? Has the environment cooled at all?

In general, valuations continue to be pretty high within the market. If you look at the data, it would tell you that there’s been more money that’s gone into both venture- and growth-stage companies, but there’s been a lower number of deals, so the dollars-per-deal have gone up.

In our role as stewards of our stakeholders’ capital, we have to stay really disciplined. If you look at 2018, it was a really slow year for us from a new investment standpoint; we made one new investment, a great company called OutSystems based out of Lisbon, Portugal. We issued 13 term sheets—we had one that was accepted, which was OutSystems, and then of the 12 where we weren’t the ultimate winner there, 11 of those was because of price. We went back, talked to our team, looked through models, and we just couldn’t get comfortable budging from our offer. We’ve made two investments already this year [KnowBe4 and software firm OneStream], so we’ve already doubled what we did last year.

With your fund now around 90% deployed, what’s next?

I think it’s fair to say the strategy has been very successful. We have no plans on stopping what we’re doing.

我來點評

  最新文章

最新文章:

500強情報中心

財富專欄

幸运武林开奖直播