Does European Cybersecurity Suffer from a Lack of Investments? (Interview of David Dana, EIF)

1. What is the role of the European Investment Fund in the ICT and cybersecurity sector?

The EIF was set up some 25 years ago with the objective of supporting innovation and job generation in the EU, primarily through providing access to finance for small and medium-sized enterprises. Very early on, we decided to do this through intermediated finance—through investments in venture capital funds. The EIF has been the main contributor to the European venture capital ecosystem, allowing thousands of start-ups to find financial resources, even in times of economic slowdown when banks and financial institutions were reluctant to finance technology companies.
In cybersecurity specifically, the EIF has a policy-driven role. That’s because the European Commission identified it as a key sector, so the EIF is very keen in supporting investments in the sector, as long as they are combined with a strong commercial proposition.
So far, this has translated into investments in two venture capital funds focusing exclusively on cybersecurity.

2. Shall we expect a change in your policy, in particular considering the focus on cybersecurity of the European State of the Union speech in September 2018?

As the investment arm of the EU, the EIF is a key player when it comes to supporting the emergence of a new sector. Our investment thesis is the same for all sectors, however, in that we must combine policy goals and financial returns.

3. The Czech-based cybersecurity company Avast raised $200 million on the London Stock Exchange and reached a $3.23 billion valuation, which makes it one of Europe’s largest tech initial public offerings in 2018. Do you see this as evidence that European cybersecurity is successfully meeting global competition?

Europe is and has always been a leading area for technology development. In a dynamic and continuously evolving environment, competition is global.
All sectors and geographies are disrupted and threatened by entities all over the world.
Avast’s initial public offering confirms that Europe has some big successes, and we believe there are many more to come.

4. Is your portfolio focused on cyber?

The EIF’s portfolio is mainly made up of ICT funds. We do not have many that specialise in a single theme. We currently do not have a strong cyber focus, but we see it as a sector with a lot of potential that we are willing to support when the right investment opportunities arise. This is something we have observed in the Fintech sector over the last 4 to 5 years. Fintech is now a key area in the European tech ecosystem.
Our objective is to foster the innovation ecosystem, while achieving policy objectives at the same time.

5. Venture investment doubled globally between 2016 and 2017 to reach $7.6 billion. Also, we have seen in 2018 a European venture capital fund backing a €10 million fundraising just to support the US expansion of a European cybersecurity company. Is the attractiveness of the US market a threat or a sign of weakness of European cybersecurity investment?

We see the US market rather more as an opportunity than a threat, especially when it comes to the commercial expansion of European cybersecurity companies.
The US market is huge. European companies that have a clear competitive advantage can generate tens of millions of dollars in revenues relatively quickly. We have several examples of that kind of growth to prove this.
Further, a large number of established top-tier investors in the US have already made investments in cybersecurity projects over the last 20 years. They now have experience supporting such companies.
Where we see a weakness in Europe is that the exit market is still mainly driven by US players, whether they are financial investors or corporates. Thus, to be seen as a possible target for acquisition, a local presence is a must.

6. What are the three best things that you would like to see happening in Europe on the cybersecurity sector, as a result of your actions?

This sector is still in its early stages in Europe. What we need most are private investors allocating resources to the sector to help us in providing specialised managers with sufficient capital, thus supporting their investments with the required financial means.
Hopefully, this should result in financial successes that would allow the European cybersecurity market to be self-sustaining.
Therefore, the three best things we would like to see are (i) private investors, (ii) financial successes, which would in turn promote (iii) the long-term sustainability of this strategic sector.

David Dana is head of VC Investment (ICT) at the European Investment Fund.