The phase is ready for consolidation in the ZTNA market

You may have heard of the hype about zero trust cybersecurity, a new architecture that assumes everyone and everything is bad. Businesses are increasingly looking for more sophisticated ways to secure networks and data, as attack vectors include the use of the cloud and the internet.

ZTNA has received increased interest in recent years, with significant venture capital (VC) investments and investments by larger companies building their portfolios. Expect it to be an area of ​​continued focus for networking and cybersecurity companies going forward, which will drive mergers and acquisitions, especially as the correction in technology markets has pushed private company prices down.

What is Zero Trust?

If you haven’t heard of it, zero trust is a hot buzzword in cybersecurity circles. It is more of a philosophy than a specific technology, but it has important implications for emerging cybersecurity technologies, especially in the area of ​​networking, where applications of the approach are often referred to as ZTNA (Zero Trust Network Access).

As networks and applications are becoming more and more complex, it is more important to verify and authenticate users and applications across multiple dimensions. We now have cloud networks, Wi-Fi, Internet of Things (IoT) devices, remote users, and hybrid work. ZTNA technology can be used to track and automate the authentication of devices and people as they use all of these networks and applications, or in many cases travel across clouds or the internet.

NIST believes that a zero-trust strategy is “primarily focused on protecting data and services, but can and should be expanded to include all corporate assets (devices, infrastructure, components, applications, virtual and cloud components) and individuals ( end users, applications and other non-human entities that request information from resources ”.

Many ZTNA systems and cybersecurity tools work in a similar way: collect as much data as possible from different sources, then process or analyze that data in a policy engine that can determine if user access is legitimate or a threat. These sources can include:

• User credentials

• Network devices (routers, switches)

• Devices and endpoints

• Log files

• Application workloads: for example, virtual machines (VMs) or containers

• Cloud data or applications

• API sources such as Single Sign On (SSO), Security Information and Event Management (SIEM), Identity Managers, Threat Information Database

So what’s the next step for ZTNA?

My company Futuriom recently delved into the ZTNA technology market, identifying key trends and market leaders. This included a review of all public and private companies involved. As mentioned, ZTNA is a VC investment hotspot these days, with over 30 active startups. Some startups in this area have recently received large rounds, for example Perimeter 81 recently raised a $ 100 million C round in June.

ZTNA is likely to be a fertile area of ​​acquisition, with 20 major public cybersecurity companies adding ZTNA products and solutions. There have already been some deals in this area, most notably Juniper Networks’ acquisition of WiteSand earlier this year.

Some of the conclusions our team of analysts made after examining this market:

  • The current addressable market for ZTNA products and services exceeds $ 10 billion. This number will be driven by the fact that ZTNA products are being used to replace outdated approaches in the multi-billion dollar virtual private network (VPN) market, but the benefit is much higher.
  • While recent VC funding for ZTNA remains robust, it is likely to slow down. Valuations were too high in the startup market and the VC market is shrinking. With interest rates soaring and tech markets down, 2021 valuations above 20x sales are no longer sustainable.
  • Consolidation is coming to the ZTNA supplier market. With a slowdown in VC and over 20 strong ZTNA startups on the market, larger companies will make acquisitions to fill ZTNA portfolios. The decline in startup valuations will be opportunistic for public companies that have the cash and capital to play.

Many corporations have positioned themselves as ZTNA leaders, although they may need more technology to fill parts of their portfolios. Some of the public companies to watch out for in developing this market include Akamai, Appgate, Cisco, Cloudflare, Fortinet, Jamf, Juniper Networks, Okta, Palo Alto Networks, VMware, and Zscaler.

Citrix, which recently went private, is also worth keeping an eye on, along with another private equity firm, Barracuda.

On the startup side, look for companies that raise the most funds to take it to the next level or look for deals to get out. Some of the key startups to watch include Axis Security, Banyan Security, Cato Networks, Cyolo, Elisity, Infiot, Illumio, NetFoundry, Netskope, Perimeter 81, Teleport, Versa Networks, Wandera, Waverly Labs, Zentera Systems.

Some of these companies are even nearing maturity for a potential initial public offering (IPO). Companies I would identify in the development phase to begin considering an IPO include Cato Networks, Netskope, and Versa Networks. All of which makes ZTNA an exciting cybersecurity niche market to keep an eye on in the coming year.


Leave a Reply

%d bloggers like this: