Structural pressures in the emerging security asset class

€500B+

Annual regulatory-driven demand across EU, DACH and US

3–5 years

Enterprise security platform replacement cycles.

70%+

Security platform revenue under multi-year contracts

$2T+

Projected global security market opportunity by 2035

What we do

Investing in security as an economic asset class

Security has moved beyond cost-center status. Institutional capital increasingly treats cybersecurity, defense technology and critical infrastructure protection as infrastructure-like platforms with durable demand.

Our approach focuses on identifying platform leaders early in the market consolidation cycle.

We:

identify security platforms serving mission-critical or mandated use cases
prioritize companies with deep integration across multiple security layers
evaluate regulatory positioning, certification pipelines and compliance architecture
assess service revenue attachment and long-term contract quality
align capital structure with 18–36 month procurement and certification cycles
evaluate governance sophistication required for institutional capital participation

The objective is not short-term technology exposure.
The objective is durable platform leadership in a structurally expanding security market.

Structural outcome

Platform market leadership

Fragmented vendor markets consolidate into a small number of dominant platforms.

Durable revenue visibility

Long-term contracts and switching costs create predictable cash flows.

Regulatory moat formation

Certification, compliance and standards leadership create structural barriers.

Infrastructure-like returns

Security platforms combine technology growth with infrastructure stability.

SStructural Demand Drivers (2025-2035)

1. Regulatory Floors = Non-Discretionary Demand

Governments mandate baseline capabilities:

Critical infrastructure protection (EU NIS2, US CISA)
Data sovereignty laws (GDPR residency, Schrems II)
Supply chain security standards (SBOM mandates, Executive Order 14028)

Result: €500B+ annual floor demand across EU/DACH/US. Compliance creates natural consolidation.

2. Institutional Replacement Cycles

Fortune 1000 refresh every 3-5 years:

Endpoint detection & response (EDR) → platform consolidation
Identity & access management (IAM) → zero trust architectures
Network security → SASE convergence
SIEM → AI-driven orchestration

Switching costs lock in 90%+ renewal rates post-implementation.

3. National Capability Building

Phase 4 security spending (per macro framework):

Germany: €100B Bündnis Sicherheit (cyber + defense tech) EU: €200B
Digital Europe Programme (sovereign cloud)

US: $1T+ NDAA pipeline (10-year defense tech)
KSA: $50B NEOM security ecosystem

Multi-year budget lines replace annual discretion.

Asset Class Characteristics vs. Tech/Infrastructure

Metric	Security Platforms	SaaS Growth	Infrastructure Debt
Revenue Predictability	70% multi-year contracts	20% multi-year	95% contracted
Gross Margin @ Scale	45-60%	75-80%	60-70%
Customer Concentration	Medium (mission-critical)	Low	High
Procurement Cycle	18-36 months	3-6 months	6-12 months
Platform Lifetime	10-20 years	5-7 years	20-30 years
Regulatory Moat	High	Low	Medium
IRR (7-year hold)	20-28%	25-35%	8-12%

Security = Infrastructure return profile + tech growth optionality.

Market Structure Evolution: Fragmentation → Platform Dominance

2025-2028: 50+ vendors per category Customer confusion → “best-of-suite” preference 2028-2032: 3-5 platforms per jurisdiction Regulatory certification → natural oligopoly 2032+: Platform ecosystems with 90% market share

Capital wins identifying platform candidates during fragmentation phase.

Screen for:

Integration depth (5+ security layers)
Service attachment >30% revenue
Certification pipeline >18 months
Standards leadership position

Phase 4 Investment Framework (Current)

Screen 1: Structural Demand Confirmation

Eliminate: Consumer antivirus, compliance consulting
Target: 70%+ revenue from mandated/mission-critical use cases

Screen 2: Platform Characteristics

Multi-product revenue streams
Service attachment rates >30%
Standards leadership (NIST, ISO27001, C5)
Ecosystem partnerships (AWS, Azure, Siemens)

Screen 2: Platform Characteristics

Balance sheet supports 24-36 month ramp
Debt capacity emerges post-scale ($50m+ EBITDA)
Service revenue funds R&D independence
M&A optionality preserved

Base Case Returns (70% probability):

Revenue CAGR: 15-20% (5 years)
Margin expansion: 500-1000bps
Exit multiple: 18-25x
Net IRR: 20-28% (7-year hold)

Governance Requirements for Security Asset Class

Institutional capital demands board sophistication beyond tech growth:

Board Composition (Minimum):
30% regulatory experience (NIS2, C5, IT-Sicherheitsgesetz)
Technical fluency (zero trust, cloud security)
Capital markets discipline (procurement cycles)
Geopolitical perspective (industrial policy flows)

Mandatory Capabilities:

Dedicated Risk/Cyber Committee (external chair)
Quarterly regulatory horizon scanning
Annual certification pipeline review
Geopolitical scenario planning (sanctions, supply chain)

CEO/CIO reports direct to board.
Incident reporting: 24 hours maximum.

Portfolio Construction (Institutional Scale)

Core Portfolio (8-12 positions):

60% Platform leaders | 40% Strategic enablers
No single position >15%

Vertical Allocation:

30% Cybersecurity platforms
25% Infrastructure protection
20% Industrial control systems (OT)
15% Data sovereignty/sovereign cloud
10% Defense-adjacent autonomy

Geographic Balance:

50% EU/DACH/US (Tier 1 certification markets)
30% Growth jurisdictions (KSA, UAE)
20% Frontier capabilities

Exit Pathways (Structurally Aligned)

Exit Type	Probability	Timeline	Multiple Range
Strategic M&A	60%	Years 6-8	20-30x
Infra Specialist	25%	Years 7-10	18-25x
IPO (Deep Markets)	15%	Years 8-10	25-35x

Industrial policy creates natural acquirers: Defense primes, telcos, sovereign funds.

Why Now? 2026 Positioning

Phase 3→4 transition creates asymmetric opportunity:

Fragmentation phase (50+ vendors → 3-5 platforms)
Regulatory moats forming (NIS2 enforcement 2026+)
Institutional capital entering (pension funds, insurers recognise asset class)
Industrial policy tailwinds (€400B+ EU programs)

Security = infrastructure economics + tech optionality + geopolitical alignment.

Capital wins through:

Early platform identification (before consolidation)
Regulatory fluency (certification acceleration)
Governance sophistication (attracting co-investors)
Geopolitical positioning (industrial policy flows)

Partner Characteristics (What We Seek)

Management teams exhibiting:

Regulatory fluency (not just technical excellence)
Platform mindset (beyond point solutions)
Service revenue ramps ahead of scale
Standards leadership ambition
Geopolitical awareness (industrial policy alignment)

Capital patient through:

18-36 month certification cycles
Multi-year customer acquisition
Service organisation buildout

Security spending follows infrastructure capital flows.

2026-2035: €2T+ addressable market.
Governance separates winners from tactical players.

Capital follows structure. Security is the emerging structure.

Dr. Raphael Nagel (LL.M.) focuses supervisory mandates and co-investments on platform leaders navigating this Phase 3→4 transition.

Security is only one dimension of the evolving infrastructure economy. Additional insights on governance, technology platforms, and strategic capital can be found here: OECD Corporate Governance Principles

Wie gesehen

Fokus

Unbemannte Luft-, See- und Bodensysteme, autonome Plattformen, KI-gestützte Sensorik und Bildintelligenz sowie sichere cyber-physische Systemarchitekturen.