The R&D Tax Credit Aspects of Cyber Security Start-Ups

By , , and

        The ongoing mass migration of IT services to the cloud along with an unprecedented growth in the number of connected devices have considerably increased the exposure to cyber risks. A 2016 study by the Ponemon Institute revealed that a typical enterprise faces a 26 percent chance of experiencing a data breach involving at least 10,000 lost or stolen records within the next couple of years - an incident that costs, on average, $4 million.  At a global scale, cybercrime is expected to cost the world $6 trillion annually by 2021, due to theft and destruction of data, stolen money, lost productivity, disruption of business, reputational harm, among other potential damages.  

        The ever-expanding spectrum of cyber threats calls for the urgent development of new and improved cyber security solutions. A growing number of start ups throughout the country are responding to this call and leading the way in cyber security innovation. The present article will give an overview of such start ups and explain how they can take advantage of the Research and Development (R&D) Tax Credit legislation, which was recently amended by Congress in a favorable way for taxpayers.  

The Research & Development Tax Credit

        Enacted in 1981, the federal Research and Development (R&D) Tax Credit allows a credit of up to 13 percent of eligible spending for new and improved products and processes. Qualified research must meet the following four criteria:

                  • New or improved products, processes, or software
                  • Technological in nature
                  • Elimination of uncertainty
                  • Process of experimentation

        Eligible costs include employee wages, cost of supplies, cost of testing, contract research expenses, and costs associated with developing a patent. On December 18, 2015 President Obama signed the bill making the R&D Tax Credit permanent.  Beginning in 2016, the R&D credit can be used to offset Alternative Minimum Tax and start up businesses can utilize the credit against $250,000 per year in payroll taxes.

Start-Up R&D Tax Credit

        The new federal tax law is extremely beneficial for start ups.  For the first time ever, a qualifying start up can use the credit against $250,000 per year in payroll taxes beginning January 1, 2016.  Essentially, with the new start up provision, companies can claim the credit even if they do not pay income tax and regardless of their profitability.

Tax Credit Example

        A company owes $300,000 in payroll taxes and they qualify for $100,000 in R&D Tax Credits. The R&D credit can now be applied to payroll taxes. Therefore, the amount of the payroll tax that has to be paid is reduced to $200,000. The most amount of money that can be deducted annually from the payroll R&D Tax Credit is $250,000. Therefore, if the company qualifies for $300,000 in R&D credits, the company would now only owe $50,000 in payroll taxes.

Illustration of the Tax Credit Opportunities

        Crunchbase lists over 1,200 cyber security companies globally, a great portion of which are located in the U.S. and can benefit from R&D tax credits. Figure 1 below illustrates the start-up tax savings available to U.S. cyber security start-ups at various company counts and technical employee levels (up to 1,200 cyber security start-ups).

Figure 1:

Cyber Security Segments

        The cyber security landscape is constantly evolving. The idea of lone hackers and isolated attacks has been replaced by large, organized groups and advanced persistent threats capable of doing significant harm. The list of potential targets is no longer restricted to computers, networks, and mobile devices, but includes an ever-growing number of connected devices and systems, from cars and power grids to baby monitors and pacemakers. In a nutshell, attackers are continually finding new and more pervasive tactics to overcome existing defenses.

        The only way to keep pace with the dramatic rise of cybercrime is through innovation. In fact, the increasing diversification within the cyber security market is a direct response to an also diverse set of sophisticated threats. New York-based CB Insights identifies eleven categories within the cyber security start up market, as presented in the chart below.

Network & Endpoint Security Network security is a general term that describes physical and software preventative measures against all sorts of unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure of networking infrastructure. Endpoint security is a more specific term that refers to the threats that arise from remotely connecting users’ endpoint devices, such as laptops, smartphones, and tablets, to a corporate network.
Internet of Things (IoT) & Industrial Internet of Things (IIoT) Security The IoT is built upon an unprecedented number of digitally connected devices and their ability to automatically transfer data over a network. This relatively new field is an attractive target for cybercriminals, as the growth of connected devices is accompanied by a multiplication of potential attack vectors. User safety and privacy are areas of major concern.
Threat Intelligence Cyber threat intelligence provides in-depth, refined information about potential and ongoing attacks to an organization. By shedding light on existing threats and vulnerabilities these solutions provide support for improved security strategies.
Mobile Security The exponential increase in mobile devices and applications has accentuated the vulnerabilities associated with wireless computing. Mobile security solutions aim to protect portable devices and the networks they are connected to against a growing number of threats, which include device loss, application security, data loss and theft, and malware attacks.
Behavioral Detection Behavioral anomaly detection solutions provide continuous monitoring of unusual events and trends in an organization’s network. Contrary to systems that use a signature-based approach, these solutions focus on the executable actions of potentially malicious software and are thus particularly effective against polymorphic threats.
Cloud Security As cloud computing become increasingly ubiquitous, so do the threats related to cloud security. The very nature of the cloud, which is a shared and remote resource, poses a myriad of concerns pertaining identity management, privacy, and access control. Cloud security solutions aim to address potentially vulnerable areas of private, public, and hybrid clouds.
Deception Security Deception technology focuses on attackers that have already entered the network. It uses decoys and misdirections that mimic genuine IT assets as a means to prevent the attacker from reaching its target.
Continuous Network Visibility By providing constant monitoring of network activity, continuous network visibility solutions enable real-time responses to cyber attacks.
Risk Remediation Risk remediation offers a comprehensive view of existing vulnerabilities in technologies, people, and processes. Based on this information, a new security approach is designed in order to provide countermeasures that reduce cyber-asset’s susceptibility.
Website Security Websites are exposed to various security risks and so are the networks to which web servers are connected. By their very nature, websites constitute a window between an organization’s network and the world. Website security solutions limit the kind of exchange that takes place through this window and thereby limits the exposure to cyber threats. Examples include pinpointing malicious traffic, such as bots.
Quantum Encryption Quantum cryptography uses the science underlying quantum mechanics to provide secure communication. Contrary to conventional cryptography, which relies on mathematics, quantum encryption uses physics as its foundation. By leveraging the intrinsic quantum properties of photons, this kind of encryption offers complete security that cannot be compromised without the knowledge of the sender or the receiver of the messages.

The Cyber Security Market

        The global cyber security market has undergone a vertiginous growth. Over the thirteen-year period between 2004 and 2015, it grew from $3.5 billion to $75 billion. The 2016 Cyber Security Market Report, by Cyber security Ventures, forecasts that $1 trillion will be spent on cyber security between 2017 and 2021, leading to a 12-15 percent year-over-year market growth. 

        The report highlights the beginning of an upward trend in government and corporate cyber security budgets. Examples include J.P. Morgan Chase & Co., which doubled annual spending from $250 million to $500 million; Bank of America, which pledged to an unlimited cyber security budget; and the U.S. government, which announced a 35 percent increase in cyber security spending, from $14 billion in 2016 to $17 billion in 2017. Founder and Editor-In-Chief of Cyber security Ventures Steve Morgan states that “Incremental increases in cyber security spending are not enough. We expect businesses of all sizes and types, and governments globally, to double down on cyber protection.”

        Big companies are becoming increasingly active in the cyber security market, particularly through strategic acquisitions. IBM and Cisco, for instance, have $2 billion and $1.75 billion cyber security businesses respectively. However, some of the most promising and groundbreaking initiatives in cyber security come from the start up scene. The following paragraphs present an overview of innovative cyber security startups around the country.

I.    California:

        Appthority: Founded in 2011, this San Francisco-based start up helps companies identify and manage the risks associated with mobile applications on employees’ devices. Paul Stich, CEO of Appthority underscores that “mobile security has not kept up with mobile adoption and app consumption” and, for this reason, employee mobile apps represent one of the most significant blind spots in corporate cyber security. To fill this gap, Appthority offers scalable, automated, and customizable mobile threat prevention solutions designed to extend the enterprise security perimeter to include its employees. The company secured $7 million in Series B financing in July 2016 from Trident Capital Cyber security. With 106 percent year-over-year growth for the first semester of 2016, Appthority has an expanding customer base in the governmental, financial services, and manufacturing sectors, including various Global Forbes 100.  

        Cymmetria, Inc.: Located in Palo Alto and Tel Aviv, Cymmetria is at the forefront of deception-based cyber security. Targeting advanced attacks, the company’s MazeRunner works as a platform for creating deception stories. It uses decoy virtual machines and so-called “digital breadcrumbs” to build realistic environments specially designed for hunting attackers. In July 2016, Cymmetria discovered a targeted attack that has infected an estimated 2,500 high-value targets around the globe. The “Patchwork” was the first targeted threat to be captured using a commercial deception product.  

        Exabeam: Headquartered in San Mateo, Exabeam provides security intelligence solutions based on user and entity behavior analytics. Leveraging various sources of data, the company’s Advanced Data Science solution quickly detects attacks, prioritizes incidents, and guides responses. On September 27, 2016, the startup unveiled the Exabeam 3.0 with new elastic architecture specially designed for detecting and responding to non-human insider threats. The innovative solution aims to give greater visibility into automated machine accounts, including applications, workstations, and servers, which remain a major blind spot in cyber security. Even though these machines with credentials have access to sensitive information, they are almost never monitored, due to the amount of traffic they generate.  

        HackerOne: Founded in 2012, HackerOne is at the forefront of cyber security information sharing. The San Francisco-based company is the creator of the world’s leading bug bounty and vulnerability platform. It consists of a community of trustworthy hackers that help spot clients’ most critical software vulnerabilities before criminals can exploit them. Each participant is ranked and builds a reputation as they work in the platform. As of June 2015, HackerOne had uncovered more than 10,000 vulnerabilities and paid hackers over $3 million. Customers include General Motors, Adobe, Uber, the U.S. Pentagon, Salesforce, Twitter, Yahoo!, Dropbox, Square, LinkedIn, Snapchat, and Airbnb.

II.    D.C. / Virginia / Maryland:

        ZeroFOX: Social media is the world’s fastest growing cyber security threat vector. In fact, network compromise via social media outpaces all other web-based attacks, beating email by a factor of 10x. Founded in 2013, ZeroFOX aims to tackle this problem by offering protection against the dynamic risks of social media and digital channels. The Baltimore, Maryland-based company has developed a cloud-based, Software as a Service platform that processes millions of posts and accounts across the social landscape (including Facebook, LinkedIn, Twitter, Instragram, etc.). It combines data science and machine learning to expose social media threats, explore attacker tactics, techniques and procedures (TTPs), and help drive technological innovations and best practices to remediate threats.

        IronNet: Founded in 2014 by retired four-star general and former NSA Director Keith Alexander, this Fulton, Maryland-based startup raised $32.5 million in funding in October 2015.  IronNet’s proprietary technology includes real-time visibility and situational awareness; sophisticated behavior models that identify anomalous activity; advanced analytics to support early detection of malicious activity and provide actionable intelligence; as well as automated and manual options for mitigating both external and internal cyber threats.

        ThreatQuotient: Located in Reston, Virginia, ThreatQuotient has created an open and extensible threat intelligence platform that accelerates the transformation of threat data into actionable threat intelligence, enabling analysts and defenders to be more effective and efficient. The innovative ThreatQ platform centrally manages and correlates unlimited external sources with all internal analytics solutions for contextual, operationalized intelligence in a single pane of glass.

        Distil Networks: Headquartered in Arlington, Virginia, Distil developed a platform for bot detection and mitigation. It offers Software-as-a-Service solutions focused on stopping automated attacks without impacting legitimate users.  Distil protects against web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and downtime. The company raised $21 million in a Series C round in August 2.

III.    Georgia:

        Bastille: Headquartered in Atlanta, Bastille is a pioneer in IoT security. Using proprietary software and sensor technology, it has developed a groundbreaking ambient detection solution that scans the air space and gives security personnel visibility into the location and movement of each and every IoT device on a premise. Bastille’s security systems offers detection of radio frequency attacks, which promise to become increasingly common in the age of overarching connectivity.

        Pindrop: Founded in 2011, this Atlanta-based startup specializes in voice anti-fraud. The company’s patented Phoneprinting technology identifies, locates, and authenticates phone devices just from the call audio, thereby detecting fraudulent calls and verifying legitimate callers. A pioneer in securing audio-enabled technology, Pindrop has attracted significant investments, including a January 2016, $75 million Series C funding round led by Google Capital.

IV.    Massachusetts:

        Cybereason: With headquarters in Boston and Tel Aviv, Cybereason provides automated solutions for endpoint protection. Founded in 2012, the startup recently raised $59 million in a funding round led by Softbank Corp, a subsidiary of Japanese conglomerate Softbank Group. Cybereason’s platform facilitates the work of security analysts by automatically generating reports that are based on extensive network data and cross-checks. It leverages big data, behavioral analytics, and machine learning to uncover suspicious activities and address complex cyber attacks designed to evade traditional defenses.

        Barkly: Founded in 2013, this Boston-based endpoint security startup has created a disruptive cyber security technology that can be installed without the need for IT or security expertise.  Instead of relying on signature-matching, Barkly’s solution identifies the unique way malicious codes behave and stops new types of attacks and malware before they take place. Focusing on medium-sized companies, Barkly’s goal is to provide an easy-to-use and affordable way to stop cyber attacks in real-time. Even though attacks on big corporations gain the most attention, Barkly estimates that smaller firms are experiencing such attacks equally as often, if not more often and more severely. The company points out that there are 98,000 midsize businesses in the U.S. that can benefit from their cyber security system.

        BitSight Technologies: Founded in 2011, this Cambridge-based startup has created a Security Rating Platform that aims to transform how companies manage security risks. The innovative platform gives access to objective, verifiable, and actionable data on third party security issues and behaviors. By doing so, it helps clients underwrite cyber insurance policies, benchmark performance, and assess aggregate risk. On September 15, 2016, BitSight closed $40 million in series C funding that will be use for geographical expansion.

V.    New York

        Cynet: With locations in New York and Israel, Cynet specializes in threat detection and incident response. The Cynet360 is an all-in-one solution that provides 24/7 detection, remediation, and forensics, including identification, extraction, analysis, and interpretation of data via static analysis, context aware sandboxing, deep file scans, and the deployment of decoys for users, files, and servers. Cynet was chosen as one of Ten Innovative Network Security Startups by Network Computing and was named a Top Ten Endpoint Security Solutions of 2015 by CSO Outlook. In February 2016, Cynet raised $7 million from Lazarus Management Company.

        Fireglass: Headquartered in New York City, Fireglass has created a Threat Isolation Platform that promises to revolutionize enterprise network security. By remotely executing all potentially malicious content and sending only a safe visual stream to the user, the innovative platform eliminates attack surfaces and creates a secure execution environment between users and the web. Easily deployable on-premises or offered as a cloud service, Fireglass allows organizations to isolate web content and increase functionality while lowering security costs.

        SecurityScorecard: This New York City-based startup offers a grading service designed to help companies identify, understand, and manage cyber security risks. Founded in 2013, it has created a patented solution that automatically monitors all key risk factors on a continuous, real-time basis, allowing users to keep track of the security levels of every organization they work or share data with. In June 2016, SecurityScorecard raised $20 million in Series B funding from Google Ventures. The company currently tracks and grades 100,000 companies.  

VI.     Texas:

        StackPath: This Dallas-based startup was founded in 2015 by Lance Crosby - the founder and CEO of SoftLayer, which was acquired by IBM in 2013 for $2 billion. Its vision is to create a massive web services platform that unifies enterprise cyber security efforts and solves the fragmentation problem generated by too many individual, appliance-based, bolt-on security solutions. In the words of Crosby, “it’s time to give businesses internet services that have security built in, not bolted on—so they can be reliable guardians of their most precious assets.” In July 2016, StackPath raised $180 million in funding and acquired four companies, expanding its client base to over 30,000 customers.  

Looking Ahead: The Need to Differentiate

        Despite the diversity of the companies presented in this article, our examples are a mere glimpse into one of the most dynamic and innovative markets of our days. Venture capital investments in cyber security startups increased by approximately 40 percent per year between 2011 and 2015, when it reached an all-time high of around $3.5 billion. Experts underscore, however, the sheer volume of new companies should make it increasingly difficult for cyber security startups to raise seed-stage capital. In this context, differentiation is paramount. In the words of Mahendra Ramsinghani, founder of cyber security seed fund Secure Octane, “The security bazaar is noisier and messier than ever. Every company sounds exactly like the eight others, and lines get blurred. Those that thrive will do so on differentiation.” R&D Tax Credits are available to help innovative cyber security companies rise above the noise and thrive.

Article Citation List



Charles R Goulding Attorney/CPA, is the President of R&D Tax Savers.

Andressa Bonafé is a Tax Analyst with R&D Tax Savers.

Lauren Chin is a Tax Analyst at R&D Tax Savers.

Similar Articles
The R&D Tax Credit Aspects of Blockchain for Supply Chains
The R&D Tax Credit Aspects of Physical Security Technology
The R&D Tax Credit Aspects of Driverless Cars
The R&D Tax Credit Aspects of SaaS Start-Ups
The R&D Tax Credit Aspects of Emotion-Recognition Technology
The R&D Tax Credit Aspects of AI in the Insurance Industry
The R&D Tax Credit Aspects of Emerging AV Trends
Enhanced R&D Tax Credits for Specialized Co-Shared Spaces
Ethereum's Impact on Digital Contracting Creates R&D Tax Credit Opportunities
The R&D Tax Credit Aspects of Geofencing
The R&D Tax Credit Aspects of Distribution Center Automation
The R&D Tax Credit Aspects of Law Firm Artificial Intelligence
The R&D Tax Credit Aspects of Avionics
The R&D Tax Credit Aspects of Telemedicine
Federal Government Provides Faster Approvals and Tax Credits for Consumer FinTech Products
The R&D Tax Credit Aspects of Voice-Activated Software
The R&D Tax Credit Aspects of Artificially Intelligent Hedge Funds
The R&D Tax Credit Aspects of LiDAR
The R&D Tax Credit Aspects of Educational Technology (EdTech)
The R&D Tax Credit Aspects of Construction Industry IoT
R&D Tax Credits Provide New Opportunities for Artificial Intelligence Start-ups
The R&D Tax Credit Aspects of NYC Start-Ups
The R&D Tax Credit Aspects of Virtual Reality Technology
The R&D Tax Credit Aspects of Water Analytics
The R&D Tax Aspects of Artificial Intelligence Robo-Advisors
The R&D Tax Credit Aspects of Natural Language Processing (NLP) Innovation
The R&D Tax Credit Aspects of Video Compression Technology
The R&D Tax Credit Aspects of Automated Coding
The R&D Tax Credit Aspects of Payment Technology
The R&D Tax Credit Aspects of Restaurant Technology
R&D Tax Credits and the Second Wave of Cloud Adoption
The R&D Tax Aspects of Data Storage Startups
The R&D Tax Credit Aspects of Cyber Security
The R&D Tax Credit Aspects of Mobile Applications
R&D Tax Credits for the Modern Insurance Industry
The R&D Tax Credit Aspects of the Internet of DNA
The R&D Tax Credit Aspects of Modern Dental Labs
The R&D Tax Credit Aspects of IoT Communication
The R&D Tax Credit Aspects of Bitcoin and Blockchain Technology
The R&D Tax Aspects of Near Field Communication
The R&D Tax Aspects of the New FDA Mobile Apps Requirements
Tapping the Power of Big Data and R&D Tax Credits for Utility Companies
The R&D Tax Credit Aspects of the Medical Software Industry
The R&D Tax Aspects of Computer Enabled Human Identification
The R&D Tax Credit Aspects of New York City's Engineering Education and Googlization
The R&D Tax Credit Aspects of Software Modeling Analytics
The R&D Tax Aspects of Cameras of the 21st Century
The R&D Tax Credit Aspects of Network Security
R&D Tax Aspects of DNA Identification
R&D Tax Credit Aspects of Cyber Security and Homeland Protection
Financial Product Trading Platform Artificial Intelligence R&D Tax Credits
The Internet of Things Creates R&D Tax Credit Opportunity
The R&D Tax Credit Aspects of Mobile Banking Applications
The R&D Tax Credit Aspects of In-Image Advertising
R&D Tax Credits for Hybrid Call Centers - Airline, Hotel, and Car Rental Industries
The R&D Tax Aspects of Advertising Science
The R&D Tax Aspects of Data Science
R&D Tax Aspects of Radio Frequency Identification
The R&D Tax Aspects of Advanced Driver Assist Systems
The R&D Tax Aspects of the Internet of Residential Things
The R&D Tax Aspects of Web Television
R&D Tax Credit Aspects of Medical Robotics
R&D Tax Credit Aspects of Industrial Robotics
R&D Tax Credit Aspects of Service Robotics
Yes Alice, Patents and R&D Tax Credits Remain Available for the Internet of Things!
How Salesmen Can Use R&D Tax Credits to Sell Today's Software Products Engagements
The R&D Tax Aspects of Cloud Computing
The R&D Tax Credit Aspects of Hybrid Call Centers for Health Insurers
The R&D Tax Aspects of Robot Software
The R&D Tax Aspects of Machine-to-Machine (M2M) Innovation
The R&D Tax Aspects of Financial Technology Services
Beacons Create R&D Tax Credit Opportunity
The R&D Tax Credit Aspects of Retail Technology
The R&D Tax Credit Aspects of Improving Virtual Reality Technology
Now Every Business is a Software Business
Gig City Startups and R&D Tax Credits
The R&D Tax Credit Opportunities for Mobile Devices
The R&D Tax Credit Aspects of Wearable Technology
The R&D Tax Aspects of Big Data
R&D Tax Credit Fundamentals
Los Angeles Tech Boom Creates Large R&D Tax Incentive Opportunities
The R&D Tax Aspects of Software Development