By Sean Drake, Venture Investor Reporter for Cyber Defense Magazine

As one of the top Venture Investor Reporters for CDM, I get to cover all the hot and interesting cybersecurity investments in America.  Over the past nearly 10 years, it has been both challenging and rewarding to lead Stony Lonesome Group (SLG) in its mission of making early-stage venture capital investments. Among the verticals where SLG has made successful investments in the cybersecurity sector.  Based on our experience, my purpose is to share with other potential investors some of the criteria and processes SLG uses to select our cybersecurity investments.

At the outset, it’s appropriate to mention that SLG has a unique approach to selecting and implementing investment vehicles.  Also, this article is about making investments in cybersecurity companies.  As a result of this focus, this article is limited to the cybersecurity sector and does not delve into broader considerations like due diligence, intellectual property protections, and the art of financial business evaluations.

As an organization founded by service academy graduates, and oriented toward veteran entrepreneurs, SLG is fortunate to be able to integrate many of the most important values of dedicated military service.  To be clear, that is a starting point, building a strong foundation.  We might refer to such attributes as a dedication to the mission, the ability to face risk head-on, and relentlessness in driving to build a great business as necessary, but not sufficient, in our investment philosophy.

Of course, each potential investor will have specific criteria and needs in evaluating such investment opportunities, but there are some general characteristics and rules SLG has developed, and which we believe are broadly applicable.  For this purpose, we’ll address the fundamental criteria and evaluation process, and encourage readers to customize to meet their own needs.

Cybersecurity as a profession and as a field of business endeavor is both unique and ubiquitous.  Certainly, the vast growth in cyber vulnerabilities has been a result of the multiplier effect of applications and points of vulnerability.  For example, the Internet of Things (IoT) reflects an exponential growth in the number of inter-connected devices, which in turn present many more opportunities for access by unauthorized parties.

Similarly, burgeoning internet commerce applications with overwhelming daily numbers of financial transactions have multiplied the pool of sensitive data collected, held, transmitted, and processed globally every single day.

Like other small businesses, or those starting small with the intention of growing large, one of the traits is the ease of entry – almost anyone with a marketable idea for a product or a service and the resources to develop it can launch a cybersecurity business.

Also, as with other small businesses, cybersecurity is subject to the ease of exit – that is, there comes a point at which the start-up must grow or die.  Many of them do not have access to sufficient capital to grow, resulting in many cases in early failure.

These start-ups tend to be financed initially by current resources of the principals, then extending to friends and family, until they require outside financing.  As might be expected, arm’s length investments come with more scrutiny and conditions than those from friends and family.

With that background perspective, SLG utilizes a variety of criteria to evaluate investment candidates.  Among them are the following:

  • Professional experience of the principals in cybersecurity activities
  • Distinguishing characteristics of the service or product in solving specific cybersecurity challenges
  • Unique value proposition of the service or product, with a cogent response to the question “What cybersecurity problem does it solve?”
  • Presence or absence (or likelihood of unknown) competitors, usually in the dynamic cybersecurity marketplace
  • Protection of intellectual property, usually through the use of NDAs and copyrights
  • Opportunity for a return in excess of the magnitude of the risk of investing in the company
  • Other advantages and disadvantages of the prospect company

SLG is fortunate to have both internal and partner resources to evaluate specific verticals within the cybersecurity marketplace.  Our venture partners are often prepared to provide consulting services or board service to support the endeavors of companies in which we invest.  We are also capable of working with other potential investors to take a position as an investing partner in exchange for our ability to evaluate the prospect company.

SLG invites prospective investors and companies seeking mezzanine financing to review the detailed information posted at our web site and to inquire directly about how SLG can assist them in implementing their plans for success.

About the Author

Sean Drake is a regular contributor to Cyber Defense Magazine as our exclusive Venture Investor Reporter.  He is also the Founder and Managing Partner of Stony Lonesome Group.  He is a graduate of the United States Military Academy and holds a Master’s degree from the University of Colorado.  He served as a Captain in the U.S. Army as a Platoon Leader and Executive Officer, with several specialized functions, including Ranger Tab, Airborne, Expert Infantry Badge, and Master Fitness Trainer.  To learn more, visit us at and