European Entrepreneurs must go abroad on day 1.
An Open Letter To My Fellow Cyber Entrepreneurs over Europe about our Booming Ecosystem, Missed market opportunities, Timid International Ambitions and a European Entrepreneurs Mindset Shift.
Hello Cyber Builders 🖖
The European cybersecurity startup ecosystem has grown a lot in 15 years. From a few startups and companies in 2010 (“Laurent, you do cyber-what?”) to a material domain for our societies, everyone understands how important cybersecurity is. Fighting against criminality, nation-state espionage, deep fakes, and misinformation is crucial to defending our democracy. I enjoy seeing this movement.
Still, European founders are not focusing on the right topics and must double down on what matters. So, I wrote them an Open Letter to share my thoughts and hopefully ignite a debate. I used some stats from the French ecosystem, but the situation is similar to my conversation with VC in the UK, Netherlands, Germany, or Spain.
I am calling for a change. A shift. European Entrepreneurs must go abroad on day 1.
Please comment below or on social media (LinkedIn) to share if you approve or disapprove. Let’s debate!
Dear Entrepreneurs….
As Louis XIV once said, “It is incomparably easier to be what one is than to imitate what one is not.” While our beloved French king had a point regarding strategic decisions, the 21st century demands a global vision and an understanding of worldwide technological ecosystems. Looking in the mirror does not help when you are an entrepreneur.
The release of the Wavestone and BPI radar provides us with a valuable opportunity to review our ecosystem: its strengths, dynamism, successes, weaknesses, and structural issues.
A Thriving French Cyber Ecosystem
The French cybersecurity startup ecosystem is growing! There have never been as many cybersecurity tech companies in France as now. The study counts 212 companies, with 50 new ones in 2023 alone. The sector is booming, with new companies launching and fresh entrepreneurs bringing energy and ideas.
Entrepreneurship is a mindset: a desire to change things, to take personal risks to succeed, and to transform the market.
Startups are emerging in three areas: securing AI, protecting data, and strengthening SMB security. These strategic domains will require significant investment in the coming years. Fortunately, you, the entrepreneurs, are embracing these challenges and seeking innovative solutions. You raised €229 million in 2023. Bravo!
Missed market opportunities
However, let’s take an objective look at our ecosystem, compare ourselves on an international scale, aim globally, understand our strengths and weaknesses, identify our gaps, and act to become stronger.
Its culture, universities, training programs, major clients, and European and French regulations influence our European and French ecosystem. It seizes opportunities such as detection—xDR (EDR, Next-Gen SIEM)—with companies like Sekoia, Harfang Lab, or Thetris, creating high-quality offerings. New startups, such as Mindflow and Filigran, are investigating this field.
In more deep-tech areas, we are developing solutions with high-security levels, such as those based on cryptography or data security (Crypto Next, Astran, Mithril).
Yet, collectively, we are overly focused on certain topics while neglecting others. For instance, we overlook sectors like cloud security. While French companies spend billions hosting their infrastructure in the cloud, no cloud cybersecurity startups exist in France and Europe. Meanwhile, companies like Wiz, founded in 2020, are exploding elsewhere. Wiz is the fastest-growing company in history, generating $350 million in revenue and raising $900 million in just four years.
French cybersecurity startups have missed some fast growing market such as Cloud Security or SASE.
Similarly, the application and software security market is booming in the US, while in Europe, it remains timid. Europe has innovated with the most comprehensive regulation on the subject—the Cyber Resiliency Act—yet struggles to see champions emerge in this domain. What a pity.
Timid International Ambitions
One last figure: in 2023, Israel had 468 cyber companies with a total raised amount of $1.9 billion, as much as Europe. Israel has 9.5 million inhabitants, while Europe has 447 million.
We, cybersecurity entrepreneurs, must focus on security issues where the market is mature and develop solutions that align with user needs and expectations. Our technological knowledge must align with the market. We need to put much more emphasis on sales and marketing. We know this because we’ve been repeating it for years.
Comparing ourselves also highlights our painful lack of international ambition. Our companies sell little internationally, even though cybersecurity is a global market. Criminals operate beyond borders, but our ecosystem remains local.
We spend too much time in France, selling to our close network, while we should overcome our fears, improve our English, and seek to internationalize, starting with Europe and then the United States.
European Entrepreneurs Mindset Shift Is Needed
Let me repeat myself here: I am calling for a change. A shift. European Entrepreneurs must go abroad on day 1.
Cross borders in the first year of startup creation. Spread your ideas on the Internet. Create online communities. Speak English. Participate in themed events in Berlin, Munich, London, and Amsterdam.
In cybersecurity, sales cycles are long, around 6 to 9 months. Clients take the time to evaluate the relevance of solutions and want to trust their future provider. Building this trust takes time (see Ross's post for in-depth details). By going international quickly, we make this image and network. We meet professional associations, integrators, and service companies. We appear as experts in our field. Ultimately, we sell our solution.
This approach takes time and requires the total involvement of entrepreneurs. It demands a change in mindset, focusing more on the market, the end-user, and internationalization.
Are we ready to take on this challenge?
Laurent 💚