Option3 is a is a specialist cybersecurity private equity firm based in New York and Reston, Virginia that combines experience from the classified world of U.S. national security with decades in investing, capital markets, and M&A. Since 2015, Option3 has invested in a variety of innovative companies across the cyber ecosystem, through two investment portfolios.
TechEchelon recently interviewed Option3’s newest partner, Mike Moen, on the firm’s current work in the area of zero trust and what to expect in the months ahead.
Q: What is zero trust and why is it important today?
The Zero Trust model is increasingly important in today's cybersecurity landscape, especially for entities involved in national security and defense. This model shifts the focus from traditional security standards, which operated on implicit trust within a network perimeter, to a more rigorous, "never trust, always verify" approach. Statista predicts that by 2027 the Zero Trust marketplace will grow to 60 billion dollars.
Given the sophistication of modern cyber threats, the relevance of Zero Trust cannot be overstated. Cyber-attacks are no longer just external threats; they often involve internal networks, making the old model of a secure perimeter obsolete. The Zero Trust model assumes that a breach is either inevitable or has already occurred, which is a realistic approach for high-stakes environments like defense, critical infrastructures, and research and development organizations whose IP and data are highly priced by nation-state cyber attackers.
In these sectors, the consequences of a security breach are significant. Therefore, implementing Zero Trust principles—such as strict identity verification and continuous validation for every individual and device attempting to access network resources—becomes vital. Access is granted on a one-to-one basis -one identity to one resource and under what circumstances can it be accessed such as time of day or physical location. An entity will normally have access to multiple resources, but this access is granted explicitly to each entity for each resource. This approach effectively minimizes the attack surface, restricts lateral movement within networks, and provides a secure defense against both external and internal threats.
The transition to Zero Trust is a strategic necessity. Current cybersecurity defenses are failing too often due to holes in the security architecture and the shortage of manpower to analyze all the potential alerts from the existing security system. Zero trust can help automate significant parts of security. For example, a security alert that someone is accessing resources to which they are not authorized will be automatically blocked by Zero Trust.
Q: What is Option3’s role in delivering zero trust solutions?
Option3 has been tracking the development of Zero Trust technologies since 2017. Our first key area of involvement is in identifying and supporting the development of cutting-edge cybersecurity technologies that form the backbone of Zero Trust architecture. We have invested in multiple companies that have unique Zero Trust capabilities and are in the process of integrating these technologies into a product called Military Grade Zero Trust™. This product will provide the best Zero trust security for defense, critical infrastructure, and research organizations as well as other businesses. In addition, our product will be “Dellferized” and cannot be compromised by hackers so the foundation of an organization’s security will always be protecting their computer networks.
In addition to technology investment, our deep understanding of the national security landscape equips us to tailor Zero Trust solutions specifically for defense and intelligence communities. This involves not only providing the technology but also integrating it seamlessly into existing systems and processes, ensuring that these solutions address the unique challenges and high-security requirements of these sectors.
Furthermore, our role encompasses advising and guiding organizations through the strategic implementation of Zero Trust frameworks. This involves conducting thorough assessments of existing security postures, identifying areas of vulnerability, and formulating strategies for a comprehensive transition to Zero Trust architecture. Our approach is holistic, ensuring that the adoption of Zero Trust principles aligns with each organization's specific operational needs and security objectives.
Our role at Option3 in advancing Zero Trust solutions is critical. It spans technological innovation, strategic implementation, and advisory, all tailored to meet the high-security demands and specificities of organizations operating in sensitive and critical domains. Our involvement is critical in enhancing the overall security posture of these organizations to effectively combat evolving cyber threats.
Q: How robust is the current zero trust market considering broader market uncertainties?
The current Zero Trust market is showing remarkable resilience amid broader market uncertainties, a trend that is expected to strengthen, especially in light of recent governmental guidelines. The resilience of the Zero Trust market can be attributed to its recent Executive Order by President Biden, mandating the adoption of Zero Trust architectures government-wide, which is a testament to the model’s robustness and its perceived importance at the highest levels of government. This directive not only underscores the government's commitment to bolstering national cybersecurity but also serves as a strong endorsement of Zero Trust as a key defensive strategy against cyber threats. Such a high-profile endorsement naturally boosts the market, driving demand for Zero Trust solutions across various sectors. The Biden administration has budgeted $12 billion in this fiscal year for Zero Trust solutions across the federal government. Future market insights predict the zero trust security market is expected to reach US$ 118.7 Billion by 2032, growing at a CAGR of 15.1% from 2022 to 2032.
This demand is further elevated by the evolving nature of cyber threats, which are becoming more sophisticated and pervasive. As traditional security perimeters become less relevant in the face of advanced threats and the increasing adoption of cloud services, remote work, and mobile access, Zero Trust principles are being recognized as more than just a trend—they are seen as essential for ensuring cybersecurity.
The Zero Trust market is not only strong in the face of current market uncertainties but is also poised for growth, driven by governmental mandates and the increasing necessity to adapt to evolving cyber threats. The market's resilience is a clear indicator of the critical role Zero Trust plays in the modern cybersecurity landscape.
Q: Is Option3 working on any initiatives to advance dual-use cybersecurity capabilities – that is, for national defense and innovation in the private sector?
Option3's initiatives are strategically tailored to advance dual-use cybersecurity capabilities Our Military Grade Zero Trust™ product can be used by all components of the federal government including defense, all critical infrastructures as well as businesses. Within these organizations are both Information Technology (IT) business systems, and Operational technology networks running water works, factories, power plants, gas pipelines, communication networks, and the Internet of Things (IoT). Our capabilities address the needs of both national defense and the private sector's drive for innovation. In today's digital landscape, where the demands of national security and commercial cybersecurity increasingly overlap, our approach is crucial.