Start your day with intelligence. Get The OODA Daily Pulse.
As the OODA Network and the Black Hat community continue at Black Hat 2025 in Vegas, we tailored this OODA Loop Original Analysis for startup leadership teams and investors attending the conference. It seems that market and regulatory conditions are now optimized for the innovation ecosystem to take the accelerated lead in addressing urgent problems, providing myriad competing solutions, for the market to then sort out the winners and losers.
We believe community, experiential learning, and in-person networking matter even more in the age of AI.
The language of the innovation economy is familiar to both founders and investors (i.e. value proposition design, business model generation, Blank’s “Four Steps to the Epiphany” and the lean startup customer development model, total addressable market (TAM – as well as SAM and SOM), new markets, adjacent markets, and existing markets).
We use this common language here.
The convergence of cybersecurity and blockchain isn’t just a technical inevitability: it’s a massive entrepreneurial wedge. The winners of this wave will not be those who merely “secure” crypto systems, but those who reimagine trust, compliance, and defense as foundational primitives in a new economic architecture. For startups, this fusion unlocks new markets, adjacent opportunities, and urgent problem-solution fits worth building around.
For the full conference program, see: Black Hat USA 2025
Investors who understand this convergence can target new growth markets, avoid blind spots, and influence the next generation of digital infrastructure platforms.
For the full conference program, see: Black Hat USA 2025
At the 2025 Black Hat Conference, the cybersecurity and blockchain tracks revealed a shared challenge space:
This convergence is being fueled by:
The cybersecurity-crypto overlap is creating new dual-use markets that blend financial infrastructure, regulatory tech, and cyber risk analytics.
New Markets to Watch:
Startup Playbooks Should Focus On:
Investment Thesis Adjustments:
Category | Recommendation |
---|---|
Thesis Development | Update your fintech and cybersecurity theses to include digital asset protection as a core infrastructure category, not a niche. |
Deal Sourcing | Build sourcing pipelines in blockchain audit firms, security DAOs, tokenization startups, and crypto infrastructure providers. |
Due Diligence | Assess startup claims around chain-agnostic tooling, regulatory preparedness (MiCA, FATF, SEC), and defensibility (proprietary threat intel or cryptographic IP). |
Partnerships | Encourage co-investments and GTM (go-to-market) partnerships between cybersecurity players and blockchain-native startups, particularly in the custody, DeFi, and compliance stack. |
Exit Scenarios | Monitor acquisition appetites from cloud security platforms, crypto-native financial institutions, and compliance/RegTech consolidators looking to expand horizontally. |
At OODA, we track and engage with companies that are shaping the future. This curated list highlights firms we believe are poised to disrupt their industries and drive meaningful innovation across global markets. Some of these companies are ones we have invested in. Others we advise. Many are on our radar because of their transformative potential and alignment with the technologies and mission sets we follow closely. One thing they all have in common, each company included here demonstrates characteristics we value: breakthrough thinking, high execution potential, and relevance to the national security, economic competitiveness, and technological resilience of open societies.
We organize these firms across strategic categories of innovation: Artificial Intelligence, Cybersecurity, Defense Tech, Energy, Space, Robotics, and Biotechnology.
The U.S. Defense Industrial Base (DIB) is undergoing rapid transformation driven by innovation, policy shifts, and emerging technologies. This compilation highlights key analyses and resources to help national security technology startups navigate this evolving landscape.
National Security Innovation Engines: Where Deep Tech Startups Can Engage for Maximum Impact
The national security mission could use some help. The nation has a huge need for advanced technologies that can improve defense and intelligence capabilities. The good news is that American innovation is proceeding at breakneck speed along multiple fronts, including space systems, energy solutions, robotics, biotech, quantum tech, materials science, and advanced automation for manufacturing. The bad news is it can be hard to work with the federal government.
This post continues our special series focused on helping startups succeed in service to national security missions (see: Doing Business With the Federal Government: An Introductory Guide for the Startup CEO, Understanding the SBIR/STTR Process, and An Enterprise Software Licensing Strategy DOGE Would Love). In this report, we focus on the organizations the government has set up that are designed to help onboard advanced tech. Knowing these organizations should inform your action plans.
This list is broken into two sections: Innovation Accelerators and Advanced Research Powerhouses
Framework | Implications for Founders |
---|---|
Lean Startup / Four Steps to Epiphany | Identify early adopters in digital asset exchanges, DeFi protocols, or custodians struggling with compliance and security. Build MVPs that address verifiable pain (e.g., key management, transaction monitoring, quantum resilience). |
Value Proposition Design | Position cybersecurity as a value-added layer for blockchain infrastructure, not just defense, but trust enablement; Design for both developer users (dApps, wallets) and enterprise adopters, integrating tokens or smart contracts. |
Business Model Generation | Blend SaaS-based security tools (e.g., blockchain forensics, anomaly detection, key recovery) with B2B2C models in crypto wallets, exchanges, and infrastructure providers. Monetize as a security-layer API, compliance automation platform, or insurance-enabling risk quantifier. |
Market Types | Explore new markets (Web3-native SOCs, crypto compliance), adjacent markets (traditional fintech firms expanding into tokenization), and existing markets (cyber startups expanding into blockchain security tooling). |
*NOTE: The market figures in the “Example Figures & Targets” Column are just that: Example market figures (generated by an LLM, which did not include links to any source documents validating the numbers).
These are not official market estimates generated by official OODA Loop quantitative research efforts.
Also: TAMs (Total Addressable Markets) are an industry rite of passage for first-time founders: Beware exorbitant figures, ripe with “irrational exuberance”. These are sophisticated new markets and categories we have been discussing: exciting, but difficult to scope by their very nature.
Market Level | Definition | Example Figures & Targets |
---|---|---|
TAM (Total Addressable Market) | The entire blockchain security and digital asset protection market. | $50B+ by 2030 (includes DeFi, custody, enterprise blockchain, and compliance tooling) |
SAM (Serviceable Available Market) | Segments actively adopting cybersecurity for digital assets. | $8-12B: Crypto exchanges, custodians, token issuers, stablecoin operators |
SOM (Serviceable Obtainable Market) | Early adopters within reachable ecosystems. | $100M-$500M: Pilot-stage crypto banks, tokenization startups, and new custodial infrastructure providers in North America and EU. |
Zone | Startup Opportunity |
---|---|
DeFi Risk Management | Real-time smart contract monitoring for financial anomalies and governance exploits. |
Crypto Compliance Automation | AML/CFT integration for exchanges, custodians, and DeFi protocols using on-chain analytics. |
Decentralized Identity & Access Control | Zero-trust solutions tailored for blockchain-based systems. |
Custody Security | Secure MPC, HSMs, and post-quantum cryptography tailored to crypto custody infrastructure. |
Insurance & Risk Modeling | Underwriting tools that integrate blockchain behavior modeling and threat scoring. |
Layer-2 Protocol Security | Auditing and real-time exploit mitigation for rollups and optimistic bridges. |