×

Cybersecurity industry has failed the market: CEO

Even as data hacks and cybercrime escalate, inflicting damage on governmental entities and corporations, cybersecurity companies shouldn't be ramping up their ammo.

"This is not a different type of attacker," said Tanium co-founder and CEO Orion Hindawi. "It's the same type of stuff we've been seeing for 20 years, just more of it."

Tanium, a California-based security start-up, is valued at $3.5 billion and counts Visa, Target and Amazon among its customers. Hindawi, who co-founded the company in 2007 with his father, said their success has come from avoiding the pitfalls of focusing on threats from other nations and large-scale security breaches.

"Our industry has really failed our market," he told CNBC. "We have, as an industry, been distracting people and have them focus on advanced threat and nation-states."

Hindawi said the cybersecurity industry needs to take a back-to-the-basics approach.

The recent spate of cyberattacks in the headlines don't reflect the nature of most hacks.

The White House publicly blamed Russia on Friday for political hacking attacks "intended to interfere with the U.S. election process." In June, one year after the U.S. Office of Personnel Management confirmed it had been the victim of a hack that exposed the records of millions of Americans, Russian hackers allegedly penetrated the Arizona and Illinois election systems.

The private world isn't safe, either. A breach of 500 million user accounts from Yahoo represents the largest data hack from a single site in history. The attack put Yahoo in a growing club of global businesses breached by criminals. Other high-profile targets have included Sony, Target and Home Depot.

But most of the attacks hitting Tanium customers are "prosaic," Hindawi said. And the costs of dealing with cyberattacks is high and rising.

Cybercrime will cost the global economy $445 billion in 2016 — more than the market cap of ExxonMobil ($360 billion), Facebook ($368 billion) and Amazon ($397 billion), according to an estimate from the World Economic Forum's 2016 Global Risks Report.

The best way to fight this cyberwar is to get back to basics, like knowing how many computers a company has and gaining control over them in seconds.

"That will have a meaningful, positive impact on the likelihood [companies] will be breached," Hindawi said.

Tanium is planning to go public within 18 months, Hindawi said.

The company could benefit from the recent spike in unprecedented levels of spending on cybersecurity solutions. Spending in both public and private sectors is expected to increase from $75.4 billion in 2015 to $170 billion in 2020, according to research firm Cybersecurity Ventures.

But a ripe market doesn't necessarily guarantee long-term success.

Security companies have recently suffered on the public markets. Secureworks raised less than expected in its initial public offering in April and has since fallen about 10 percent. Even shares of Rapid7 and FireEye, which popped 70 percent to 80 percent at their debut, are now trading well below their IPO prices.

— By Aneri Pattani, special to CNBC.com