Start your day with intelligence. Get The OODA Daily Pulse.
As the OODA Network and the Black Hat community continue at Black Hat 2025 in Vegas, we tailored this OODA Loop Original Analysis for startup leadership teams and investors attending the conference. It seems that market and regulatory conditions are now optimized for the innovation ecosystem to take the accelerated lead in addressing urgent problems, providing myriad competing solutions, for the market to then sort out the winners and losers.
We believe community, experiential learning, and in-person networking matter even more in the age of AI.
The language of the innovation economy is familiar to both founders and investors (i.e. value proposition design, business model generation, Blank’s “Four Steps to the Epiphany” and the lean startup customer development model, total addressable market (TAM – as well as SAM and SOM), new markets, adjacent markets, and existing markets). We use this common language here.
The convergence of cybersecurity and blockchain isn’t just a technical inevitability: it’s a massive entrepreneurial wedge. The winners of this wave will not be those who merely “secure” crypto systems, but those who reimagine trust, compliance, and defense as foundational primitives in a new economic architecture. For startups, this fusion unlocks new markets, adjacent opportunities, and urgent problem-solution fits worth building around.
For the full conference program, see: Black Hat USA 2025
Investors who understand this convergence can target new growth markets, avoid blind spots, and influence the next generation of digital infrastructure platforms.
For the full conference program, see: Black Hat USA 2025
At the 2025 Black Hat Conference, the cybersecurity and blockchain tracks revealed a shared challenge space:
This convergence is being fueled by:
The cybersecurity–crypto overlap is creating new dual-use markets that blend financial infrastructure, regulatory tech, and cyber risk analytics.
New Markets to Watch:
Startup Playbooks Should Focus On:
Investment Thesis Adjustments:
Category | Recommendation |
---|---|
Thesis Development | Update your fintech and cybersecurity theses to include digital asset protection as a core infrastructure category, not a niche. |
Deal Sourcing | Build sourcing pipelines in blockchain audit firms, security DAOs, tokenization startups, and crypto infrastructure providers. |
Due Diligence | Assess startup claims around chain-agnostic tooling, regulatory preparedness (MiCA, FATF, SEC), and defensibility (proprietary threat intel or cryptographic IP). |
Partnerships | Encourage co-investments and GTM (go-to-market) partnerships between cybersecurity players and blockchain-native startups, particularly in the custody, DeFi, and compliance stack. |
Exit Scenarios | Monitor acquisition appetites from cloud security platforms, crypto-native financial institutions, and compliance/RegTech consolidators looking to expand horizontally. |
Framework | Implications for Founders |
---|---|
Lean Startup / Four Steps to Epiphany | Identify early adopters in digital asset exchanges, DeFi protocols, or custodians struggling with compliance and security. Build MVPs that address verifiable pain (e.g., key management, transaction monitoring, quantum resilience). |
Value Proposition Design | Position cybersecurity as a value-added layer for blockchain infrastructure, not just defense, but trust enablement; Design for both developer users (dApps, wallets) and enterprise adopters, integrating tokens or smart contracts. |
Business Model Generation | Blend SaaS-based security tools (e.g., blockchain forensics, anomaly detection, key recovery) with B2B2C models in crypto wallets, exchanges, and infrastructure providers. Monetize as a security-layer API, compliance automation platform, or insurance-enabling risk quantifier. |
Market Types | Position cybersecurity as a value-added layer for blockchain infrastructure, not just defense but trust enablement, designed for both developer users (dApps, wallets) and enterprise adopters, integrating tokens or smart contracts. |
Market Level | Definition | Example Figures & Targets |
---|---|---|
TAM (Total Addressable Market) | $100M–$500M: Pilot-stage crypto banks, tokenization startups, and new custodial infrastructure providers in North America and the EU. | $50B+ by 2030 (includes DeFi, custody, enterprise blockchain, and compliance tooling) |
SAM (Serviceable Available Market) | Segments actively adopting cybersecurity for digital assets. | $8–12B: Crypto exchanges, custodians, token issuers, stablecoin operators |
SOM (Serviceable Obtainable Market) | Early adopters within reachable ecosystems. | $100M–$500M: Pilot-stage crypto banks, tokenization startups, and new custodial infrastructure providers in North America and EU. |
Zone | Startup Opportunity |
---|---|
DeFi Risk Management | Real-time smart contract monitoring for financial anomalies and governance exploits. |
Crypto Compliance Automation | AML/CFT integration for exchanges, custodians, and DeFi protocols using on-chain analytics. |
Decentralized Identity & Access Control | Zero-trust solutions tailored for blockchain-based systems. |
Custody Security | Secure MPC, HSMs, and post-quantum cryptography tailored to crypto custody infrastructure. |
Insurance & Risk Modeling | Underwriting tools that integrate blockchain behavior modeling and threat scoring. |
Layer-2 Protocol Security | Auditing and real-time exploit mitigation for rollups and optimistic bridges. |