SAN FRANCISCO — As cyberattacks proliferated this year, Sanjay Beri, the chief executive of Netskope, a cloud security start-up, got a phone call. Then an email. Then more messages.
All were from venture capitalists who wanted to invest in his company. Given the ransomware attacks and nation-state hacks that were making headlines, they told him, companies that made security products had a bigger market and mission than before.
“We weren’t looking for capital,” said Mr. Beri, who founded Netskope in 2012, but the cyberattacks “definitely increased their interest.”
After bids from seven investors, Netskope raised $300 million this month at a valuation of $7.5 billion, up from a $2.8 billion valuation last year. It was one of the year’s largest cybersecurity funding rounds, but not the maximum that Netskope could have attained.
“We could have raised $1 billion in capital,” Mr. Beri said.
Recent cyberattacks around the world have taken down operations at gasoline pipelines, hospitals and grocery chains and potentially compromised some intelligence agencies. But they have been a bonanza for one group: cybersecurity start-ups.
Investors have poured more than $12.2 billion into start-ups that sell products and services such as cloud security, identify verification and privacy protection so far this year. That exceeds the $10.4 billion that cybersecurity companies raised in all of 2020 and is more than double the $4.8 billion raised in 2016, according to the research firm PitchBook, which tracks funding. Since 2019, the rise in cybersecurity funding has outpaced the increase in overall venture funding.
The surge follows a slew of high-profile ransomware attacks, including against Colonial Pipeline, the software maker Kaseya and the meat processor JBS. When President Biden met with President Vladimir V. Putin of Russia last month, cyberattacks perpetrated by Russians were high on the diplomatic agenda. This month, the Biden administration and its allies also formally accused China of conducting hacks.
The breaches have fueled concerns among companies and governments, leading to increased spending on security products. Worldwide spending on information security and related services is expected to reach $150 billion this year, up 12 percent from a year ago, according to the research company Gartner.
“Before we got to this point, we as security teams were having to go and fight for every penny we could get, and now it’s the exact opposite,” said John Turner, an information security manager at LendingTree, the online lending marketplace. Executives, he said, are asking: “Are we protected? What do you need?”
All of this is set to drive business for cybersecurity companies, creating a potential windfall that has excited investors. The average valuation of cybersecurity companies raising funds this year has more than doubled to $524.1 million from $221.8 million in 2020, according to PitchBook.
“In close to two decades as a V.C., I’ve never seen valuations so escalated,” said Asheem Chandna, a venture capitalist at Greylock Partners, who has invested in security companies such as Palo Alto Networks.
The money is flooding into start-ups that are tackling hackers in new ways. Traditionally, security systems at companies relied on the idea of securing a perimeter. That meant companies installed firewalls and other software to protect access to their corporate network.
But over the past several years, a shift to cloud computing has rendered the perimeter and the reliance on corporate networks obsolete. Employees now get access to applications over the internet, rather than through a data center operated by their employer. That has opened the door to start-ups that focus on cloud-based security and identity verification.