More than 1.8 million people around the world have been killed by the novel coronavirus in the past 12 months since the first domestic death from the novel coronavirus was reported in Wuhan on January 9, 2020. The global economy has been hit hard, and social distancing policies in various countries have caused tens of millions of employees to turn to remote work. So far, this pandemic, which is rare in human history, is still raging.
For the global cybersecurity industry, 2020 is a purgatory-level challenge, not only to deal with security breaches and cyberattacks that have hit a record high in number, but also to escort “Dunkirk-style” large-scale remote work and cyberattacks at any time. Cloud migration. At the end of the year, the SolarWinds supply chain attack scored a full severity rating for 2020. This is the most serious cyber attack in the past decade, and a global cyberspace security cold war is brewing.
In 2020, there are many popular keywords for network security: security capability, security cloud, security left shift, security endogenous, security intelligence… In the network security environment that is increasingly combat-oriented, highly dynamic and high-intensity confrontation, network security vendors And companies are rethinking positioning, tactics and strategies.
Enterprise users and capital markets have begun to collectively reflect and re-evaluate the value and priority of cybersecurity. A number of CIO surveys around the world show that in the second half of 2020, cybersecurity has become the top priority of most enterprise IT budgets. Correspondingly, in 2020, China’s network security market will first “epidemic” and then rise, opening low and moving high. After the impact of the epidemic in the first and second quarters, the performance of most companies rebounded in the third and fourth quarters. The network security capital market is even more popular against the trend. Not only has the market value of the A-share network security sector hit a new high in the middle of the year, but the scale of venture capital financing has also continuously refreshed records.
In the face of the “advanced persistent threat” with the strongest “resident”, “lateral movement” and “iterative” capabilities in human history – the new coronavirus, zero trust (micro-isolation), rapid detection, analysis and response have been proven to be The most effective way to contain the new coronavirus epidemic.
Going back to 2020, when the “epidemic” first spreads and is reborn from the ashes, Security Bull analysts in this report will review and interpret the key variables and key variables of China’s cybersecurity industry from the five dimensions of industry, enterprises, users, capital, and policies for readers. trend.
2. Key findings of the cybersecurity industry
Finding 1: The total domestic network security market size in 2019 was 58 billion yuan, an increase of 32% year-on-year, and the growth rate of the industrial market size was much higher than the international average. With the development of new infrastructure and the regulation of a series of policies, China’s cybersecurity market will maintain a rapid growth trend in the next 3 to 5 years.
Finding 2: The fragmentation feature of the cybersecurity industry has existed for a long time, but based on the statistics of 2019, it is found that the overall market share of comprehensive enterprises continues to rise, and the trend of concentration in the cybersecurity field has begun to emerge.
Finding 3: The average profit margin of the entire network security industry is about 7.83%. Traditional security fields such as application security, security management and services, and business security have relatively high profit levels. Industrial control system security, cloud security, IoT security, and other emerging security technology fields It is still in the stage of market cultivation and R&D investment, and the overall profit margin is relatively low.
Finding 4: In recent years, the output efficiency of manufacturers in most sub-sectors of network security has been improving, especially in cloud security, business security, emerging security, IoT security and other fields. Efficient development. In 2019, the average per capita output of the cybersecurity industry was 638,200 yuan.
Finding 5: As data becomes an important asset for enterprise development, data security issues such as big data security, data leakage prevention, and privacy protection have become the protection and construction directions that Party A’s users focus on in this survey. Among the 72 security segments surveyed by Security Bull Top 100 CISOs, big data security, data leakage prevention, web security, APP security, advanced threat protection and privacy enhancement are the security segments that CISOs pay the most attention to.
Finding 6: The field of cybersecurity has received the most attention from the capital market. As cybersecurity has become an important part of the national security strategy, the valuation advantage of security companies has been further enhanced. Since the reform of the registration system, benefiting from the double benefits of industry policies and capital market policies, IPOs of cybersecurity companies have entered a period of intense outbreaks. Three hotspots in domestic financing transactions: identity and access control, security operations, and data security; three hotspots in overseas mergers and acquisitions: cloud security, security operations, and application security.
3. Core Insights – Industry
The Top 100 Security Bulls and Panorama collect industry information, which basically covers the network security industry enterprises, and calculates the annual security industry market size in the form of calculating the total enterprise income plus the estimated income of not included enterprises (cross-industry comprehensive manufacturers only calculate the security business income) . It is calculated that the total domestic network security market size in 2019 is 58 billion yuan, an increase of 32% over the previous year. In 2020, the market growth will be small due to the impact of the epidemic, but it is still a relatively fast growth compared to other industries, with an estimated growth scale of 8%. , and also calculate the network security market situation from 2017 to 2020 as shown in the figure below.
It can be seen that, except for the slowdown in market growth in 2020 due to the impact of the epidemic, China’s cybersecurity market has maintained a growth rate of more than 30% in recent years. Due to the influence of domestic policies, markets and other factors, the growth of the industry is much higher than the international average. With the development of new infrastructure and the regulation of a series of policies, China’s network security market will maintain a relatively large growth trend in the next 3 to 5 years.
According to Security Bull’s classification of products and services in the field of network security, security vendors are divided into 13 sub-fields according to the products/services they provide, namely: cloud security, application security, business security, emerging security, IoT security, data security, industrial control System/OT security, network and border security, identity and access control, endpoint security, security management and services, security operations, comprehensive, etc. By calculating the income levels of manufacturers in various fields in the past three years, the industry market situation is judged as shown in the figure below (some non-integrated manufacturers have multiple business fields, and the statistical amounts overlap in a small part):
It can be clearly seen from the above figure that the overall scale of all fields has increased significantly. Due to factors such as brand effect and scale effect, the overall income level of comprehensive manufacturers is much higher than that of others. In 2019, the revenue of comprehensive manufacturers in the network security market accounted for 39.64% of the total market. Due to the location of the industry chain, comprehensive manufacturers will also purchase products from various fields, and then provide comprehensive solutions to Party A.
According to the statistics of Safe Bull, the market share of each segment in 2019 is as follows:
In addition, by collecting the market share data of various fields in the past three years for comparison (see the figure below), it is found that the market share of comprehensive enterprises is increasing every year, while the market share of most sub-sectors is declining. However, the total market volume in various fields still maintains a relatively high growth state, and its revenue growth has not been affected by the decrease in market share. It can be seen from this that the network security market is in an increasingly concentrated industrial pattern. Comprehensive manufacturers occupy the direct Party A market by virtue of their own advantages. Improve its market position.
4. Core Insights – Enterprise Chapter
The distribution of the following manufacturers is based on the top 100 companies and panorama companies collected by Security Bull, and basically covers all fields of the security industry (a very small number of companies are not included, which does not have an important impact on the overall ratio). The situation is as follows:
Anniu collects various business data of enterprises in the security industry, and through multi-dimensional comparative analysis, the following business indicators are obtained: Anniu counts the income of enterprises in various fields in 2019, and makes a step-by-step statistics on enterprise income. According to the income range, it is divided into 5 stages, consisting of This statistics the concentration of revenue in various fields and the competition pattern of the entire market.
Comprehensive enterprises still occupy the majority of the market, and large-scale manufacturers occupy most of the market space. However, such as network border and security, cloud security, etc., still present a relatively loose competition pattern. There is no large-scale focused manufacturer.
According to statistics, the average profit margin of the entire network security industry is about 7.83%, of which the fields that exceed the industry average are:
Among the companies in the high-margin field, the product self-research rate is relatively high, and their field is relatively mature, which can generate stable income. In the fields of security operations, endpoint security, network and border security, IoT security, emerging security, cloud security, industrial control system/OT security, etc., where the profit margin has not reached the average value, in one case, due to the relatively small proportion of self-developed products, As a result, the gross profit is low. In another case, because the field is in its infancy and relatively immature in product research and development and the market, the overall income level is not high, resulting in a low profit level or even a temporary loss.
According to the statistics of Security Bull, in 2019, there were about 100,000 network security practitioners of manufacturers, and the average number of enterprises in various fields was:
Comprehensive enterprises are generally large-scale manufacturers, and their scale is usually large. Due to the participation of large and medium-sized manufacturers in business security and emerging security fields, the average staff size is also relatively large. However, manufacturers in some fields are generally small in scale due to factors such as their development stage and product nature.
In 2019, the average per capita output of the security industry was 638,200 yuan. Combined with the income of various companies in the past three years, the per capita output in each field was calculated. It can be seen that:
Although each manufacturer has different per capita output due to different business models, it can be seen that the output efficiency in most fields has been improving in recent years. Cloud security, business security, emerging security, Internet of Things security and other fields have increased significantly. Industry enterprises are also tending to develop more efficiently.
5. Core Insights – User Articles
We conducted a one-on-one survey of up to 105 IT and security technology decision makers (CIO/CSO) from more than 10 industries including government, finance, telecom operators, energy, Internet, manufacturing, medical care, education, etc. /CISO/CTO) in order to obtain more accurate and market-compliant data.
Divided by position of respondents, the proportion of respondents is as follows:
Respondents are widely collected for Party A, and the industry distribution is as follows (due to the large dispersion of the industry, only the industries that account for more than 1% of the total are included here):
After in-depth research on Party A’s enterprises, when customers choose suppliers, the key factors to consider include:
Company level: Since there are certain barriers to entry in the security industry, whether they have relevant qualifications also represents whether the relevant ability levels of the company and project personnel can pass the unified certification standards, which has become the entry threshold for the industry.
Product level: The product is the core of the enterprise, whether the technology of its own product is advanced, and its competitive advantage in similar products are important concerns for customers. At the same time, the degree of product customization and after-sales service will also bring a better experience to customers, which is more important in enhancing customer stickiness and satisfaction.
Success stories: Although many emerging companies have technological leadership and product characteristics in their specialized fields, many customers of Party A lack the ability to judge in-depth new technologies and models, and still hope that suppliers have mature cases for reference, including whether There are service cases of important customers, and whether the service has been recognized by them, etc., so as to strengthen the judgment basis for purchasing.
Security Bull concentrates Party A’s demands on 12 areas of security vendors, and has 72 categories under it. Party A makes selections according to their own needs and concerns. Among them, the total number of votes for hot spots in the field is as follows:
Based on its 72 subdivisions, Anniu surveyed Party A’s entire customer base and sorted them according to five priority levels. The top 20 subdivisions are as follows:
According to the statistics of the hotspots of Party A’s customers, big data security is the most concerned by Party A, such as data leakage prevention DLP and privacy enhancement. Although the overall attention ranking is slightly lower, the situation of being selected as the first choice is not compared with the overall attention. The security of big data with a large lead is low.
6. Core Insights – Capital
1. Financing events
1.1 Overview of domestic financing events in 2019 and 2020 (as of 2020.11.30)
Figure 1: Overview of domestic financing events in 2019-2020 (as of 2020.11.30)
1.1.1 Description of overall financing scale and financing amount (by month)
According to the collection and arrangement of public data, as of the end of 2019, there were 123 financing transactions in China’s cybersecurity market, with a total of 6.05 billion yuan in accumulated and public financing transactions.
Figure 2: Statistics of domestic cybersecurity financing in 2019 by month
According to the collection and collation of public data, as of November 2020, there were 106 financing transactions in China’s cybersecurity market, with a total of about 800 million yuan in accumulated and public financing transactions.
Figure 3: Statistics of domestic cybersecurity financing in 2020 by month
1.1.1 Explanation of the financing scale and financing volume (monthly/quarterly) of each segment
According to the collection of public data, we divide the financing projects into 12 categories of industries for statistical sorting.
In 2019, according to the number of transactions: by the end of 2019, the top three transactions in China’s cybersecurity market were data security, ranking first with 27 transactions; industrial control security ranking second with 20 transactions, and IoT security 19 The pen came in third.
Statistics by transaction amount in 2019: As of the end of 2019, the top three transactions in China’s cybersecurity market were 1.84 billion yuan for identity and access control, 1.40 billion yuan for security operations and 1.01 billion yuan for data security.
Figure 4: Statistics of domestic cybersecurity financing by primary industry in 2019
In 2020, according to the number of transactions: As of November 2020, the top three transactions in China’s cybersecurity market were identity and access control, ranking first with 19 transactions; Emerging Security ranked second with 12 financings Transactions; data security and industrial control system/OT security ranked third with 11 financing transactions.
Statistics by transaction amount in 2020: As of November 2020, the top three transactions in the overseas cybersecurity market were 2.68 billion yuan for identity and access control, 1.21 billion yuan for security operations, and about 800 million yuan for data security.
Figure 5: Statistics of domestic cybersecurity financing by primary industry in 2020
1.2 Overview of overseas financing events in 2019 and 2020 (as of November 30, 2020)
Figure 6: Overview of overseas financing events in 2019-2020 (as of 2020.11.30)
1.2.1 Description of overall financing scale and financing amount (by month)
According to the collection and collation of public data, there were 84 financing transactions in the overseas cybersecurity market in 2019, and the cumulative amount of financing transactions that occurred and was disclosed was US$4.83 billion.
Figure 7: Statistics of overseas cybersecurity financing in 2019 by month
According to the collection and collation of public data, as of November 2020, a total of 161 financing transactions have occurred in the overseas cybersecurity market, with a total of 6.39 billion US dollars in accumulated and public financing transactions.
Figure 8: Statistics of overseas cybersecurity financing in 2020 by month
1.2.2 Explanation of the financing scale and financing amount (by month) of each sub-sector
According to the collection of public data, we divide the financing projects into 12 categories of industries for statistical sorting.
Statistics by number of transactions: In 2019, the top three transactions in the overseas cybersecurity market were, the security management and service industry ranked first with 14 transactions; cloud security ranked second with 12 financings; Identity access and control and data security tied for third place with 11 funding rounds each.
Statistics by transaction amount: In 2019, the top three transactions in the overseas cybersecurity market were data security of US$1.02 billion, security management and services of US$870 million, and endpoint security of US$820 million.
Figure 9: Statistics of overseas cybersecurity financing by primary industry in 2019
Statistics by number of transactions: As of November 2020, the top three transactions in the overseas cybersecurity market were the security management and service industry with 28 transactions; security operations and identity and access control tied for second place. 24 financing transactions occurred.
Statistics by transaction amount: As of November 2020, the top three transactions in the overseas cybersecurity market were USD 1.25 billion in cloud security, USD 950 million in security management and services, and USD 800 million in endpoint security.
Figure 10: Statistics of overseas cybersecurity financing by primary industry in 2020
For details of the following parts, please refer to the “2020 Cybersecurity Industry Core Insights Report”.
1.3 Comparison of domestic and overseas financing events
1.3.1 Explanation by comparison of overall financing scale and financing amount
1.3.2 Comparison and explanation of financing scale and financing amount in each sub-sector
2. IPO event
2.1 Overview of domestic IPO events in 2019 and 2020 (as of 2020.11.30)
2.2 Overview of overseas IPO events in 2019 and 2020 (as of 2020.11.30)
3. Listed company performance
3.1 Performance of relevant domestic listed companies
3.1.1 Description of the overall performance of listed companies in 2019 and 2020 (as of 2020.11.30)
3.1.2 Interpretation of Regulatory Policies
3.2 Performance of overseas listed companies
3.2.1 Description of the overall performance of listed companies in 2019 and 2020 (as of 2020.11.30)
3.2.2 Comparison with the overall performance of relevant domestic listed companies
4. M&A events
4.1 Overall description of domestic related M&A events in 2019 and 2020 (as of 2020.11.30)
4.2 Overall description of overseas M&A events in 2019 and 2020 (as of 2020.11.30)
7. Core Insights – Policies
With the implementation of the “Cybersecurity Law” and the continuous innovation of the industry, the state has successively introduced industrial policies related to cybersecurity, which has also brought a positive impact on the development of the cybersecurity industry.
From the important policies related to the cybersecurity industry from 2019 to 2020, it can be seen that the state has always maintained a supportive attitude towards the cybersecurity industry, regulating relevant standards from multiple dimensions in the form of policies and laws and regulations. Compared with the entire security industry, it can not only stimulate the rapid growth of the industry in the short term, but also promote the healthy and sustainable development of the network security industry.
8. Top 100 Chinese Cyber Security Enterprises
Security Bull looks at security from the four dimensions of operation, users (Party A), industry, and social contribution, emphasizing the “trinity” of the network security market ecology and strategy, technological innovation and delivery, customer value and satisfaction, and compiles Chinese network security enterprises. Top 100.
(The relevant industry data in this report comes from the actual survey of enterprise users and security vendors by Safe Bull, and the capital data comes from the support of Navigation Capital.)