What investors are really looking for: Insights from RSAC 2025

At RSA Conference 2025, Ballistic GP Barmak Meftah led a powerhouse panel diving into the state of venture capital and private equity in cybersecurity – from the earliest seed checks to billion-dollar exits. The panel featured venture capitalists Chenxi Wang of Rain Capital, Jason Risch of Greylock, and Greg Clark of Crosspoint Capital, each bringing perspective from different stages of cyber investing.

What makes a cyber company fundable today?
For early-stage investors like Chenxi at Rain, it starts with technical founders solving hard problems in emerging spaces like securing AI agents, data security, and even hardware protection. At the Series A and growth stage, Jason of Greylock emphasized the importance of the founding team, product architecture, and early customer traction. “We fall in love with the founders,” he said, and they also look at the first hires the founders make.

Greg at Crosspoint reminded the audience that even PE firms must stay plugged into early-stage innovation. “If you don’t understand early, you’re making a big mistake,” he said, pointing to how small acquisitions can roll into a larger go-to-market (GTM) strategy.

Market timing and scaling
All panelists agreed: market timing matters. “If you’re too early, you’ll burn capital educating the market. If you’re too late, you face a lot of competition,” Barmak noted. Jason added, “Velocity from $0–1M matters less than $1–100M.”

AI, GTM, and the talent gap
Unsurprisingly, AI was the hot topic. Investors want to see both security for AI and with AI. “You need a strong AI story if you’re raising right now,” Jason advised. But the AI wave is also reshaping the talent equation. Chenxi noted CISOs expect their teams to shrink over time with AI, not grow.

The outlook on exits
While the IPO window remains tight, panelists were optimistic about a resurgence in M&A. “M&A is coming back like a raging bull,” Greg predicted, especially for mid-market cyber companies that can demonstrate strong cash flow.

Final advice to founders
Whether bootstrapped or venture-backed, the advice was clear: know your GTM model, focus on building meaningful tech, and understand where you are in the market cycle. “There’s never going to be a lack of problems to solve in cybersecurity,” Greg concluded – and investors will be ready to back those who can solve them.

Got an idea for the next great cyber startup? Reach out to us!