September 7, 2022

History doesn’t always repeat itself…

Sometimes it just rhymes. (Here we go again.) 

By Roger Thornton, General Partner

From the great stagflation of the 1970s and the dotcom bust of the early aughts to the 2008 global financial crisis, economic cycles are as dependable as death and taxes.

As we now find ourselves “doom scrolling” through tumultuous new market declines after nearly 13 years of consecutive economic growth, we’d all best learn from the past, ask the right questions, and make the right moves going forward. As a founding partner of Ballistic, that’s precisely where my mind has been since we began.

But, while it’s tempting to look to the 2001 dotcom bust or the 2008 global financial crisis for historical guidance, let’s first make sure we are looking at the right history.

History repeating – or just rhyming?

Thankfully, any comparison to the 2008 global financial crisis is easy to dismiss. Why? Well, for starters, the entire global capital system was teetering on the verge of collapse. Nobody knew the depth of the contagion or the best path to make the system solvent again. It was a black swan event and hopefully the only time in our lives that panic was the rational response. There are no indicators in today’s situation that even remotely suggest the same.

So, what about the dotcom bubble? This comparison is a little more tempting. Technology has been at the center of the blast zone this time, just like it was in 2001. The so-called FAANG companies have led the declines accounting for more than $3 trillion dollars worth of lost market cap earlier this year. In 2001, weren’t the markets dominated by large tech companies that fell from their lofty perches just like now?

Well, the simple answer is “no.” 

In 2001, what we’d today call tech companies had just a tiny fraction of the overall equity market capitalization that they have today. Netflix was sending DVDs through the mail, Apple had just released its first iPod, and Tesla wasn’t even a dream yet. Most of the carnage in the equity markets occurred when new, overpriced, and worthless internet companies fell from insanely high valuations down to zero. Much of the rest came from the declines of those who sold computers, networking, and fancy office chairs to those Internet companies.

Today’s tech markets have enormous value.

Here’s a story to remind you of the VC-fueled orgy of spending that defined the dotcom bubble. The story begins with a major web development company – one that did not survive. This firm charged outrageous fees to build websites for freshly minted startups who couldn’t be bothered to build their own product and for clueless Fortune 500 clients who were terrified of missing out.

There were a lot of growing pains in this young company as they hired hundreds of new employees each month into multiple development centers around the globe. Instead of slowing down to scale at a rate they could actually handle, their answer was to buy a jet and send a strike team of elite dotcom talent to circle the globe to impart their collective wisdom on each of their offices (they were each about 3-4 years out of college).

I am not sure how well that worked, but I had the good fortune to run into that team at a popular supper club in San Francisco, and I can assure you that they were extremely capable tequila drinkers with an unlimited expense tab. They were fun to hang out with—until the music stopped and the party ended. 

There are many lessons to learn from the dotcom crash, but I assure you that our current woes do not require them. Yes, most of the pain is in the technology sector and yes, the declines have been steep and fast, but most of the recent damage has been done to historically high valuations of outstanding companies, not to worthless dotcoms that would never see a penny in profits. Unlike in 2001, most of these are still terrific businesses with enormous cash flows and EBITDA.

If it’s not the dotcom bust, then what is it?

Before the pandemic, economies around the world were running hot, employment was strong in most of the developed world, and things were relatively good. The pandemic caused shock and fear, but in the end, it mostly just shifted spending from “going places” and “having fun” over to “staying home” and “buying stuff (with paychecks or stimulus checks).” The spike in demand disrupted supply chains, causing shortages and price spikes, and damaged a lot of mom-and-pop service businesses.

Today, stimulative policies remain in place around the globe, the war in Ukraine is further disrupting supply of key commodities, and we’ve ended up with some nasty inflation. I’m not sure about you, but I have not seen this exact movie before. It rhymes a little bit with the 1970s, perhaps, but this is really something else.

Here’s what is for sure, though: a lot of the money in equity markets over the past decade never wanted to be there in the first place. Conservative money managers and a legion of baby boomer investors were driven there by anemic returns in safer harbors like bonds. As interest rates now rapidly rise off historic lows, those investors can finally shift money back where it wanted to be in the first place.

Take a few trillion dollars out of the equity markets, raise inflation expectations and core interest rates, and valuations come down. Crazy valuations come down a lot. The speed of these changes is scary, and it may be a bit overdone, but it is really quite rational.

What does all this mean for cybersecurity?

Acceleration to unicorn status in a couple of rounds with minimal sales traction is now off the table, (thank goodness). Founders building enduring companies will now reap the rewards instead of those simply adding a feature or product to the landscape. High-flying startups with little revenue, limited ability to generate cash, and ultra-high financing had better make good use of their cash or accept the cursed “down round.”  

It has been a generation since something like this happened. In this way, it does rhyme with the dotcom bust. Some of the promising new players we see out there today are not going to be around in a year or two. Later stage startups that are slow to revenues or profits are going to have trouble retaining talent with their options underwater.

As valuations reset, cybersecurity buyers will become more discerning and venture investors like Ballistic are going to scrutinize deals more vigorously. Rounds are likely to be more modest than what we have seen in recent years. But founders who are intent on building great companies that solve big problems will always be afforded the opportunity to do so.

It isn’t all doom and gloom.

This is actually a great time to launch a new company – or a venture fund, for that matter. If you set off to grow an enduring company today, you will have fewer distractions and a number of key advantages. The cost of commercial space is cooling down, for instance, even with inflation. And thanks to the end of the false wind in their predecessors’ sails, ambitious young startups will now have a chance to scoop up some of the great talent jumping ship.

Meanwhile, don’t forget about the bad guys. The steady waves of cybercrime that drove the growth of cybersecurity throughout the upcycle aren’t going to go away. On the contrary, they will likely get worse, as criminals take advantage of any hesitancy in their marks.

And finally, keep in mind that there is more than $20 billion in cyber venture capital to be deployed, and money in the bank hasn’t been this big a liability since 1981. That history matters, too.

Here’s my advice for my peers across this industry.

If you are a later stage cybersecurity venture, now is the time to work out where your true value proposition lies, and to organize (or reorganize) your entire operation around it. Get your sales numbers up, fast. If you are not generating cash, your growth margins better be truly phenomenal. When you next go to raise money, that is what investors will be looking for. You can’t get by on wind from the market anymore.

If you are an early-stage cyber startup, you are in a great position. Go grab some of that talent, sharpen your milestones, and go for it! But beware – this downturn will be a different experience for the weaker players than it will be for the cream of the crop. Make sure that you are the latter.

If you are a cyber buyer, be careful. You can’t afford to stop investing in cyber, but you might need to start considering the longer-term impact of the technologies you choose. Ask yourself: Will this company be around for act two? Can they afford to keep developing and providing support? What is Plan B if my current vendors begin to struggle?

Yes, here we go again, indeed. And yet, this time will not be quite like all the other times before, except in one manner—this, too, shall pass. Things are going to be tough for a while. But when they do finally turn around, as they always do, the cyber players who were able to build for the long-term are going to come out far ahead of the pack.

As for the rest? Well, I guess they may just be . . . history.