Cyber Outlook: An Interview with UpGuard Co-CEO Alan Sharp-Paul

It’s widely acknowledged that the cybersecurity market is in flux, making it an exciting, but also risky, market for investors. Technology Investing News reached out to cyber expert and co-CEO of UpGuard Alan Sharp-Paul to hear his perspective on the sector. Over the course of our interview, Sharp-Paul touches upon everything from his company’s innovative technology, cybersecurity’s impact on other markets and – most importantly – his best advice for investors in this space.

What is UpGuard?

UpGuard is a unique company in the cybersecurity space. Sharp-Paul tells me that “UpGuard’s proprietary technology tests all facets of an organization’s IT infrastructure and calculates their potential risk for future intrusions.” Furthermore, “UpGuard is the company behind CSTAR, the world’s only comprehensive and actionable cybersecurity preparedness score for enterprises. The score allows businesses to understand the risk of breaches and unplanned outages due to misconfigurations and software vulnerabilities. It also offers insurance carriers a new standard by which to effectively assess client risk and compliance profiles.”
These products speak to a central need on today’s cybersecurity market. Essentially, “businesses looking for a holistic view of their risk of cyber breach have to date been forced to use tools that either make an internal or external evaluation of their resilience.” Through CSTAR, UpGuard offers the first platform that provides an easy to understand score that measures an organization’s compliance, integrity and security from both the inside and out. All told, “the UpGuard platform enables customers to trace changes in the CSTAR down to the smallest building blocks of information technology. Using the full report to to remediate the potential risks, companies lower their overall risk level and create a safer environment for customer data.”

And, although “there are currently no plans for an IPO” – the company is instead focused on expanding the platform, forging industry relationships and educating people about the importance of cybersecurity, in addition to adding content such as security policies from CIS (Center for Internet Security) and NERC (Energy sector compliance) – Sharp-Paul has his finger on the pulse of what’s hot in the larger public market as well.

Analytics and cybersecurity

The overlap between cybersecurity and big data was a meaningful point of connection for the co-CEO. He explained that “the risk of companies’ networks being compromised becomes greater each day as businesses invest more heavily in the digital transformation necessary to stay competitive. The attack surface they present today is an order of magnitude greater than it was even a few years ago. They’re dealing with more data, and they have less control over it than ever before.”
Therefore, “analytics, and big data analytics in particular, are playing an increasingly important role. As the markets mature it will become core. In many cases today though the requirement is far more fundamental. A lot of businesses lack even basic visibility into the configuration and security of the systems they manage.”

Short and long term outlook

So what does this all mean for the market as a whole? “In the short term,” says Sharp-Paul, “there will likely be a shakeout in the security analytics space, as companies whose focus was purely data, and not actionable data, will fall by the wayside.” Furthermore, “the IoT [internet of things] space, whilst arguably languishing in its ‘trough of disillusionment’ phase will rise again, and with it the importance of getting security right, something that was egregiously lacking in many cases to date.”
In the longer term, “the most important trend we see is the convergence of the IT security and cyber insurance markets.” Sharp-Paul believes that “cyber insurance today is a broken market, with businesses not understanding their requirements, and insurers not fully grasping the risks. If it is to mature it will need to work hand in hand with security vendors to both understand and mitigate that risk. The rewards of getting this right will be huge.”
Investor takeaway
All in all, investors should “maintain a broad perspective on the industry. Right now people are very focused on endpoint security and encryption, but there are a lot of tangential industries coming into play, like cyber insurance.” Regionally, “the role of emerging markets is also an opportunity for investors in the cybersecurity realm. China, Israel, and Brazil are all huge rising players.”
To learn out more about cybersecurity investing, follow us twitter at @INN_Technology.

Securities Disclosure: I, Morag McGreevey, hold no direct investment interest in any company mentioned in this article.