Related Articles
Stay Up To Date
Something has gone wrong, check that all fields have been filled in correctly. If you have adblock, disable it.
The form was sent successfully
Artificial intelligence (AI) and cybersecurity are quickly becoming the two pillars of resilience in a fragmenting world. As adoption accelerates, companies and governments are being pushed to build offense and defense at the same time. The aim is to lead in AI while strengthening cyber capabilities to withstand a faster, more automated threat landscape.
Key Points
- Amid accelerating technological change and geopolitical uncertainty, resilience has emerged as a defining priority for corporate boardrooms and government policymakers.
- Modern resilience now requires offense and defense, with AI and cybersecurity at the center.
- Rapid disruption is shifting the advantage toward nimble startups and driving incumbents toward mergers and acquisitions to keep pace.
We stand at a pivotal moment in history. We are in the midst of what we believe to be the most consequential technological shift since the advent of the internet. Artificial intelligence (AI) is likely to profoundly shape the way we interact with the digital and physical worlds for decades to come. Businesses and governments are racing to lead this shift, fearing the consequences of being left behind.
At the same time, the world is becoming increasingly fragmented and major powers are competing more aggressively. In 2025, there were 59 active state-based conflicts, the most since the end of World War II. This underscores growing global instability.1
Amid this confluence of accelerating technological change and geopolitical uncertainty, resilience has emerged as a defining priority for corporate boardrooms and government policymakers alike. Each of these are trying to best position themselves to capture the upside of technological innovation, while simultaneously hardening and strengthening their defenses to weather an increasingly fragmented world order.
AI and Cybersecurity as Keys to Resilience
What does it mean to be resilient? The term often evokes images of persistence in the face of difficulty, an ability to outlast an adversary, or the maintenance of a strong defense. Historically, this view has been largely reactive, not proactive. Today, we regard such a perspective as incomplete.
In our view, modern resilience requires strong offense and defense. It requires taking proactive actions to establish a leadership position while also having the capabilities to respond effectively when confronted with conflict or competition. If we apply this definition to our current environment, we believe that AI and cybersecurity are two of the most important pillars in achieving resilience.
We have already witnessed what happens to those who fail to innovate in the AI era. They face potential extinction. One needs only look at the decline in market capitalization of companies that were the early casualties of AI-driven disruption. Providers of labor-intensive digital services, such as language translation and localization or call center outsourcing, face increased pressure to justify how they compete against a new wave of AI-native startups that are targeting their markets.
Similarly, SaaS-era incumbents, which built vertical software but lacked strong data moats, will need to consider how they can compete in the long term against foundational models trained on internet-scale data. These are likely just the first of many examples demonstrating the disruptive potential rapid technological change poses to companies that fail to adapt.
Yet as AI adoption accelerates, it places increased importance on the strength of cyber defenses. AI has already changed the cyber threat landscape. Prior to the AI-era, cyberattacks were human-designed, launched, and executed. Phishing attacks were less personalized, easier to spot, and infrequent. We have already seen glimpses of what the future holds when AI falls into the hands of adversaries, whether in the form of near autonomous AI-orchestrated cyberattacks or increasingly realistic deepfake attacks. In November 2025, for instance, Anthropic reported a threat actor was able to use AI to perform 80 percent to 90 percent of a cyber espionage campaign.2
In short, whether you are a business or a government, it is imperative to use AI to stay at the forefront of technological innovation. At the same time, cybersecurity has emerged as an even greater need to defend against a wave of novel threats.
Why Startups Have the Advantage
As technological disruption accelerates, investors are asking a key question: Where will the value accrue? We believe the answer is clear. This era of change favors startups over incumbents. We have seen how periods of rapid change benefit the small and the nimble, the risk takers, and the tinkerers. These attributes are generally more closely associated with the startup community than with the large, slow-moving incumbents.
As the technology gap between legacy incumbents and startups widens, more incumbents will likely realize that strategic mergers and acquisitions (M&A) are a more effective means of competition than in-house innovation. For example, in cybersecurity, we have already seen a wave of M&A over the past year as large cybersecurity platforms acquire AI security capabilities.3
Looking ahead, we are excited about the opportunity in the early-stage ecosystem. Not all will succeed. Many will fail. But we believe the firms that emerge as market leaders over the next few years will set the pace for the next generation of enduring, category-defining businesses.
A Strategic Investment Priority for Governments
We believe it is clear that resilience needs to be more than just a corporate priority. It demands nation-level attention. The consequences of falling behind in both AI or cybersecurity could have a lasting impact on a nation’s economy, geopolitical power, and societal wellbeing.
As a result, governments are becoming more active in supporting domestic innovation, through both direct fiscal as well as nonmonetary aid. Examples include:
- United States: The Stargate Project is an initiative in which the U.S. government provides nonmonetary support to accelerate the construction of domestic AI infrastructure.
- European Union: The InvestAI initiative, announced by European Commission President Ursula von der Leyen, aims to mobilize €200 billion of investment across Europe to accelerate AI development, infrastructure, and competitiveness.
- Japan: The government announced the AI and Semiconductor Industry Enhancement Framework, which aims to provide ¥10 trillion in public support via a combination of subsidies, commissioned projects, financial assistance, and legislative measures through fiscal 2030 to strengthen domestic chip and AI sectors.
The government can provide a helping hand to guide critical industries, but it cannot do it alone. Success ultimately requires a close collaboration between the private and public sectors. As the providers of early-stage capital for technology innovation, we expect venture capital firms to play a critical role in supporting governments in their aim to build long-term resilience.
Areas of Interest
From the perspective of early-stage venture, the investment landscape in AI and cybersecurity has never been more exciting. Rapid technological change fosters new ideas, opportunities, and capabilities that are advanced by a vibrant startup ecosystem.
Over the last several years, we have seen value continuously move across layers of the AI stack. It began with graphic processing units and chip providers, then shifted to foundational model providers. More recently, we have entered the application layer phase. We are excited about companies that are applying AI to address real-world use cases and problems, accompanied by strong data moats and subject matter expertise.
AI is likely to impact a broad swath of industries. But we are most excited about the opportunities early-stage startups present in the sectors outlined in Figure 1. We believe there is vast (but often siloed or messy) data that has yet to be fully utilized by AI, an abundance of inefficient or manual processes, and a fragmented landscape of legacy, slow-moving incumbents.
Figure 1
AREAS OF INTEREST WITHIN AI
The cybersecurity vendor landscape is diffuse, spread across large platform players, such as Microsoft, Palo Alto Networks, and CrowdStrike, as well as a growing list of startups focused on specific point product solutions. This diffusion happens because the average enterprise relies on 45 different cybersecurity tools to defend its digital environment.4
Within this labyrinth of cyber products, we are most excited about opportunities emerging at the intersection of AI and cybersecurity. Figure 2 shows a range of applications, from novel solutions that defend a new attack surface introduced by AI models to tools that automate the tedious, labor-intensive work involved in triaging and investigating cybersecurity incidents. Ultimately, as AI-driven attacks become more common, they will demand a new cybersecurity platform for defenders centered on speed, automation, and scale.
Figure 2
AREAS OF INTEREST WITHIN CYBERSECURITY
Why D.C. Matters?
Silicon Valley remains the epicenter of startup innovation. However, Washington, D.C., has emerged as a place that can no longer be ignored when it comes to innovation and technology. D.C.’s importance extends well beyond policy and regulation to increased recognition of the federal government’s efforts to modernize its own technology stack and adopt cutting-edge software. As one of the largest buyers of software in the United States, the U.S. government is a critical customer for AI and cybersecurity companies alike.
Successfully navigating this complex web, whether across Senate and House office buildings or within the halls of the Pentagon, is not for the faint of heart. But it can confer a meaningful competitive advantage for the companies that do. Proximity to policymakers, regulators, and some of the world’s most sophisticated technology buyers creates a set of advantages that are difficult to replicate elsewhere. For companies that can pair cutting-edge innovation with the operational realities of government adoption, Washington, D.C., offers not just access, but a durable and defensible strategic advantage.
1 Global Peace Index 2025.
3 Recent deals include Palo Alto Networks’ acquisition of Protect AI; SentinelOne’s acquisition of Prompt Security; Check Point Software Technologies’ acquisition of Lakera; and CrowdStrike’s acquisition of Pangea.
5 “Securing the AI Ecosystem” source for #1 asset: https://www.gartner.com/en/newsroom/press-releases/2025-03-03-gartner-identifiesthe-top-cybersecurity-trends-for-2025
Disclosures:
As of January 23, 2026, Microsoft and Palo Alto Networks were holdings in Sands Capital strategies.
Any other holdings outside of the portfolio that were mentioned are for illustrative purposes only.
The views expressed are the opinion of Sands Capital and are not intended as a forecast, a guarantee of future results, investment recommendations or an offer to buy or sell any securities. The views expressed were current as of the date indicated and are subject to change.
This material may contain forward-looking statements, which are subject to uncertainty and contingencies outside of Sands Capital’s control. Readers should not place undue reliance upon these forward-looking statements. There is no guarantee that Sands Capital will meet its stated goals. Past performance is not indicative of future results.
All investments are subject to market risk, including the possible loss of principal. Recent tariff announcements may add to this risk, creating additional economic uncertainty and potentially affecting the value of certain investments. Tariffs can impact various sectors differently, leading to changes in market dynamics and investment performance. You should consider these factors when making investment decisions. International investments can be riskier than U.S. investments due to the adverse effects of currency exchange rates, differences in market structure and liquidity, as well as specific country, regional and economic developments.
The specific securities identified and described do not represent all of the securities purchased, sold, or recommended for advisory clients. There is no assurance that any securities discussed will remain in the portfolio or that securities sold have not been repurchased. You should not assume that any investment is or will be profitable.