Temasek ramping up focus on cybersecurity assets
Long seen as the world’s standout technology investor among sovereign wealth funds, Temasek also appears to be blazing a trail in cybersecurity.
Riding the global wave of heightened cyber resilience it has built a cybersecurity platform: one that provides security solutions for its portfolio companies and serves as a due diligence factor to evaluate future investments in the space.
In an intricately connected digital world where existing security systems are constantly challenged, it started looking at cybersecurity five years ago and it has become more active in the past two years, Yeoh Keat Chuan, managing director of Temasek’s enterprise development group, told AsianInvestor.
“It's very much in line with the trends we are looking at, whether it's a more connected world and smarter systems,” Yeoh said in an interview, “but, secondly, it's just the growth in digitalisation that really requires a secure environment.”
The cybersecurity sector globally attracted an estimated $5.3 billion of venture capital funding in 2018 and has spawned a steady stream of mergers and acquisitions over the past three years. In addition to that, four security firms went public last year on major global stock exchanges, raising a record $1.4 billion in total.
So it's no surprise that avid tech investors such as Temasek are also increasingly getting involved in the burgeoning industry. In September last year, the sovereign fund set up Ensign InfoSecurity (Ensign), a joint venture formed with telecommunications company Starhub, to provide cybersecurity solutions.
Most recently, the fund agreed to purchase D’Crypt from Starhub for up to $133.6 million and to place the cryptographic tech firm within the Ensign family.
The potential spending on information security products and services worldwide is enormous. Specialist services firm Varonis estimates that company cybersecurity budgets rose by 141% between 2010 and 2018 and that worldwide spending on information security could total $124 billion in 2019 as companies shell out more money to ensure compliance with privacy laws.
In Asia, Southeast Asia is a particular focus. With Asean countries reportedly used as “launchpads for attacks”, regulators are trying to catch up by plugging cybersecurity and data loopholes. The Monetary Authority of Singapore, for example, issued new rules on August 6 to urge financial institutions to bulk up on cyber resilience.
Allocating to cybersecurity assets serves to generate more than just investment returns for Temasek’s portfolio.
“As an asset owner, we wanted to make sure that our portfolio companies have access to the high-quality cybersecurity solutions that they need,” Yeoh said.
Having cybersecurity solutions and intelligence readily at hand also allows the sovereign fund to asses such risks in their due diligence processes for future investments.
“As we look at new investment opportunities, we think that cybersecurity is a risk factor that should be evaluated and taken into consideration,” he added.
To see to these needs, the Singaporean fund has taken stakes in cybersecurity companies in the US and Israel, as part of its plan to build what Yeoh dubbed a “cybersecurity platform”.
“The capability cannot just come from Singapore because it is not sufficient,” Yeoh said, noting how more sophisticated cybercriminals wielding advanced tools were ready to take advantage of companies that acted too slowly.
In the Asia-Pacific region, according to a report by cybersecurity firm FireEye, the median number of days for breaches to go undetected last year was 204. This is almost three times higher than that of Americas, which had a median dwell time of 71 days in 2018.
“In parallel with Ensign, we set about investing in companies globally to be able to draw on their capabilities,” he said.
Temasek has so far invested in two Israeli security firms – Sygnia and Claroty – as well as another one in the US called BlueVoyant. In addition, Temasek’s Ensign has formed a joint venture in Singapore with the US firm IronNet.
Another key element to the cybersecurity-centric part of Temasek’s portfolio is its commitment to venture capital funds dedicated to, simply, cybersecurity. The funds, unsurprisingly, are of Israeli and US origin too.
“The [venture capital] funds give us insights into what are the latest technology trends, what are promising products companies, [and] whether we should be combining and integrating them into our cybersecurity platform,” Yeoh said.
Yeoh said the sovereign fund also considered reaching out to promising growth companies from the cybersecurity funds that it invested in, such as Team8.
“We had invested in Team8’s fund about five years ago, and the two companies that are on the platform, Sygnia, and Claroty, came from Team8,” he said.
But when pressed with questions on whether Temasek will up their investments in the cybersecurity space going forward, Yeoh kept his cards close to his chest.
“We continue to scan the horizon in terms of new investment opportunities and those that have a good fit with our platform,” he said.
He added that the focus for Temasek right now is for the platform to “go to market”.
“Ensign today is about 500 people and the priority is ensuring successful partnerships with the companies like IronNet, like Sygnia, like Claroty,” he said, “and then engaging with the Temasek portfolio companies as well as customers in the region.”
Article updated to clarify Temasek's role as an institutional investor.