2023 Year in Review: NightDragon Portfolio CEO Perspectives on Market Trends and Future Predictions

2023 was a monumental year in the cybersecurity, safety, security and privacy (CSSP) industry, with rising risk alongside new opportunity. We saw rising national security, geopolitical and cyber attacks juxtaposed against strong industry growth, including the first billion dollar cybersecurity company valuation, one of the biggest acquisitions in cybersecurity history, and the emerging AI market reaching nearly $200 billion dollars.

As part of our end-of-year content series, we asked the CEOs of NightDragon’s portfolio to share both insights from 2023 and projections for 2024. NightDragon’s portfolio includes leading companies in the CSSP space. Between them, their CEOs have collective decades of experience in their sectors, as well as in building companies. 

Take a look at what they have to say about what trends they are watching: 

Frank Backes cover photo

Capella Space CEO, Frank Backes—2023 was a pivotal year for commercial synthetic aperture radar (SAR). Capella received growing feedback and recognition that its data outperforms other offerings in the market and is best placed to reliably capture our rapidly changing world. Global 24/7, all-weather SAR satellite imagery offers unparalleled insights into activity happening today – day or night and in all weather conditions – allowing more persistent and reliable monitoring of human activity and Earth processes. 

This past year Capella witnessed a huge drive toward developing powerful AI and machine-learning analytics for faster decision-making across a variety of applications, including environmental monitoring, post-storm damage assessment, vessel & aircraft detection, and more. The launch of our Analytics Partnership Program back in February has been foundational to this, putting our high-quality imagery into the hands of a wider range of data scientists and decision makers. The results have exceeded our highest expectations. 

The global increase in demand for SAR driven by expanded awareness of applications that SAR can inform, supports the need for more capacity. To meet the global demand, Capella Space recently announced our 2024 launch schedule lined up to augment our existing constellation with third-generation technology to ensure increased data capacity and security for our customers. These new satellites will help demonstrate a wide range of new capabilities, from enhanced image quality and reduced latency, through to enhanced tasking and delivery workflows, new product offerings, and an even greater number of analytics partners ready to support government and commercial customers across the world.

vArmour CEO, Matt Gyde—As the cloud migration wave has stabilized throughout 2023, the industry spotlight has shifted to reinforcing day 2 operations and fortifying the resilience of business-critical applications. This shift signifies a heightened focus on operational resilience – a critical need in today’s dynamic landscape of cyber threats, data privacy concerns, and rapid technological changes. Organizations must now steer their efforts towards establishing robust ICT risk management frameworks, continuous risk assessment, and business context-aware solutions for informed decision-making.

Simultaneously, prevailing market conditions have prompted a broader reevaluation of investment strategies within the industry. Tightened budgets have necessitated a pragmatic refocus, directing resources towards initiatives more closely aligned with core objectives. Despite this restrictive environment, the industry is experiencing an upsurge in innovative approaches, urging the exploration of novel methods like AI to enhance operational efficiencies and drive growth amidst evolving market dynamics.

Amidst these shifts, compliance and regulation are resurfacing as pivotal concerns shaping the industry landscape in 2024. The upcoming enactment of the Digital Operational Resilience Act (DORA) within the European Union serves as a pressing example, highlighting the increasing role of government-imposed resilience requirements for critical infrastructure. As regulatory demands increase across industries and continents, enterprises will need to turn to automation to navigate the stringent operational resilience requirements set forth by regulations like DORA, enabling streamlined processes and ensuring compliance without compromising operational agility.

ThriveDX Co-CEO, Founder, and Executive Chairman, Dan Vigdor—Cybersecurity is and will always be tied to protecting our way of life. At ThriveDX, we’ll continue to do just that –  bring quality cybersecurity training to the under-resourced communities to enable the masses to enter the highly needed, highly lucrative and sustainable jobs that protect government, enterprise and our way of life. Solving the cybersecurity workforce shortage and skills gap plays a crucial role in protecting organizations, individuals, and governments from a wide range of cyber threats and attacks.

Security is truly everyone’s problem; virtually every aspect of personal and professional data is at risk. Many critical infrastructure sectors, such as energy, healthcare, and transportation, rely on interconnected digital systems. A cyberattack on these systems can have devastating consequences like reputation damage, privacy concerns, and in some cases fines and legal repercussions.

The buzzword for 2023 was artificial intelligence and as we move into the new year, this will continue to reshape every industry, including cybersecurity. AI will be utilized to strengthen cyber defenses and we also anticipate there will be widespread AI-based software adoption. Most importantly, there will be a mass rollout of AI training and techniques that individuals, organizations and government entities should all adopt to become the most resilient. Our commitment is to ensure that this is achieved with the entities we collaborate with and beyond.  

Onapsis CEO, Mariano Nunez—In 2023, we continued to see increased threat activity targeting ERP applications like those from SAP and Oracle. Because these applications are the core and lifeblood of most large enterprises, we will continue to see both rapid growth in this application security category and threat actors targeting them for financial gain.

Since inception, Onapsis has discovered over 1,000 zero-day vulnerabilities in ERP applications and counting. Combine this with recent data showing that time to exploit for vulnerabilities continues to decrease and there is a perfect storm of complexity for enterprises. We will continue to see utilities and manufacturing companies targeted due to their pivotal role in infrastructure and economic impact, respectively.

Finally, as organizations move to the cloud, security is (and should be) the number one consideration for digital transformation projects. Moving to the cloud expands an organization’s ERP attack surface and therefore, building in security to these projects and implementations is key to ensure proper protection of these critical applications.

This blog is the first in our series of year-end content. Keep an eye out for our upcoming articles from our advisor council and the NightDragon team.