Internet Explorer is not supported by our website. For a more secure experience, please use Chrome, Safari, Firefox, or Edge.
Infrastructure Software
Lior Mallul, Scott Tobin  |  August 17, 2022
Don’t Throw It on the CISO – Security Is a Big Problem for Go-To-Market Executives As Well

Corporate chief information-security officers, or CISOs, have long been the primary buyers of security solutions for enterprises. All told, these executives have been spending significant amounts of money–$172 billion on information-security and risk-management tools and services this year, as estimated by Gartner— to protect their business’s “attack surfaces” (generally networks and corporate software applications) from intruders.

But in the meantime, other parts of big organizations, such as sales-and-marketing departments, haven’t received the same type of cybersecurity attention—despite increasing threats to their systems that have 1) exposed them to potential bad actors, and also 2) increasingly interfered with their ability to leverage crucial internal data to track potential customers and increase their companies’ revenue. It’s an emerging threat area and one we think new cybersecurity startups would be smart to target.

The need for more solutions geared toward non-CISO executives inside companies is clear: More than 40% of all web traffic is believed to be driven by “fake actors”—bots, fake accounts, malicious site visitors, fraudsters, click farms, automation tools, and proxy users, among others. The threat to go-to-market (GTM) organizations posed by these fraudsters is increasing large, as teams run by CMOs, CROs, corporate data-chiefs and others routinely collect and leverage critical user data through online channels affected by these nefarious agents. These channels include web forms, paid marketing campaigns, tag managers, analytical tools, and various other sources, and they are all part of the “fake actors” attack surface.

For different purposes including BI, analytics, and target-audience compilation, all the data (valid and invalid) collected is then fed into teams’ CRMs/marketing funnels/BI systems, etc.

When such a high proportion of traffic entering these channels is invalid, it’s no longer clear for GTM teams whether a marketing lead is valid or not. So they can no longer draw conclusions from that data, and this erodes the GTM teams’ ability to make accurate strategic decisions. Moreover, forecasting, budget planning, A/B testing, optimization, and measurement are all compromised. Fake actors can also create problems that drive up customer-acquisition costs and cost-per-acquisition or action, decrease contract value, and lengthen deal cycles.

Additionally, inaccurate data fed into the company’s core data repositories could introduce an issue with data drift; a machine-learning model’s accuracy only holds up if the data fed into it during production is sufficiently similar to the data on which it was trained, so it’s important for GTM teams using ML to ensure they get rid of any invalid data.

Finally, fake actors can significantly affect a company’s performance in the public markets. In February 2022, 4.5 million PayPal accounts were found to be fake, created by bots to take advantage of the free cash “welcome incentive” for new PayPal accounts. The discovery contributed to one of the company’s largest stock plummets. And of course, Elon Musk is famously trying to get out of his offer to buy Twitter for $44 billion because he’s argued the site is rife with fake accounts.

All in all, the lack of GTM security solutions leads to a significant waste of marketing dollars, a particularly serious problem in today’s volatile market environment, in which most organizations are striving to be more efficient and restrain costs. In the US alone, $62 million out of $407 million in advertising spending was wasted due to digital ad fraud, which made up 15% of the total spend. Impreva’s Bad Bot Report, is estimating to bot problem to be getting worse, as bad bot traffic maintains its upwards trend, amounting to 27.7% of all website traffic in 2021.

From an e-commerce perspective, it is estimated that 470 million so-called online shoppers are actually bots and fake users, according to GTM security-suite provider CHEQ*. Global e-commerce accounts for 22% of total sales, up from 15% in 2019. Given the post-Covid rise in e-commerce and digital offerings more broadly, at the expense of brick-and-mortar, the fake web problem is becoming even more acute. Case-in-point: Online retailers lose $5.7 billion annually to bots abandoning carts.

Our portfolio company CHEQ*, which makes an integrated GTM security suite, isn’t the only company attacking this issue. HUMAN Security, which just merged with competitor PerimeterX; Netacea; Cloudflare; and DoubleVerify are also active in the space. We have been impressed with CHEQ’s specific ability to help customers battle web scraping, account takeovers, lead-gen fraud, user hijacking, carding attacks, chargeback fraud, click fraud, new account fraud and other issues, and the company just today strengthened its position in the market by announcing the acquisition of security startup Ensighten. The landscape is only getting more hostile, and more CMOs and CROs will need to get smart about security to keep their businesses running efficiently.

Battery Ventures provides investment advisory services solely to privately offered funds. Battery Ventures neither solicits nor makes its services available to the public or other advisory clients. For more information about Battery Ventures’ potential financing capabilities for prospective portfolio companies, please refer to our website.

*Denotes a past or present Battery portfolio company. For a full list of all Battery investments, please click here. No assumptions should be made that any investments identified above were or will be profitable. It should not be assumed that recommendations in the future will be profitable or equal the performance of the companies identified above.

Content obtained from third-party sources, although believed to be reliable, has not been independently verified as to its accuracy or completeness and cannot be guaranteed. Battery Ventures has no obligation to update, modify or amend the content of this post nor notify its readers in the event that any information, opinion, projection, forecast or estimate included, changes or subsequently becomes inaccurate.

Back To Blog
Related ARTICLES