Skip to content
Home » Ideas » Drone Cybersecurity

Drone Cybersecurity

    Domain: Drones/cyber aerospace  

    Status Reached: PoC

    When: 2017 for six months

    Team Skill set: Aerospace engineer and cyber 

    Thesis/ Idea

    In 2017 there was a lot of hype around drones and cyber security of autonomous systems, including Amazon’s use of drones and a Goldman Sachs report that put the market at $100B, as well as other big companies like Google and Uber starting their own drone projects. 

    Our thesis was built on our experience in the field, and the theory that soon the skies would be full of drones (mostly making deliveries) and that security would be a critical requirement for approval for flight in urban areas where hacking could be very dangerous and cause significant damage.

    There was a strong cyber component and I looked for a partner in that realm, which was hard to find since the job market was strong and drones still weren’t established. Ultimately, I partnered with my brother who was in cyber, which also made for a good story (cyber aerospace brothers). 

    We bought drones with the common open source component and hacked them and did a PoC, which included a lot of crashing them. The business plan was to sell to OEMs, starting with small OEMs that provide services or sell the drones for DAAS (drone as a service) companies, in order to be integrated into the drone and then reach users as part of the control.

    YCombinator came to Israel and we got to the last stage, but they crushed the dream. They said that it was a valid problem, but the market wasn’t big enough with only one huge OEM.

    The opportunity ahead- $100 Billion e2016-2020

    Why the idea didn’t progress

    • The problem didn’t exist yet. In a meeting with investors they opened a curtain and said: I don’t see any drones that I need to be worried about.
    • While drone manufactures recognized the problem, they wouldn’t rate it as a top-5 problem  since the regulation isn’t enforced.
    • Similarly, even people who had drones weren’t looking for a cyber solution since there was little/no regulation to force them to do so and most of the flights were happening in areas where there was limited liability if they crashed. 
    • The most relevant domain was defense, which wasn’t appealing from the venture capital perspective .


    • We reached out to a lot of companies including OEMs , DAAS (drone as a service) and end users (companies like Shell Global) so the question was who will pay.
    • We got to market leaders in the small OEMs + DAAS domain like SkyX, Percepto, and Flytrex and there was a question if we should be working with the OEMs or the end users, which then means they have to integrate our solution.


    The competitive landscape:

    • DJI, a Chinese company that’s been in the market for a long time, but all of their info goes to servers in China, so there is a privacy challenge. 
    • Open source components which are also vulnerable: communication and autopilot.
    • Incidents and cases of drone vulnerabilities 


    • If you aren’t from the domain, it’s hard to reach people. 
    • Don’t fall in love with your idea. The question is if someone is willing to pay for it NOW. 
    • It’s hard to assess market size – even when you take Goldman Sachs’ $100B, it was hard to say how big of a piece cybersecurity was in that.
    • Hardware is tough and expensive. It’s much more expensive to reach a PoC (needed to buy drones).
    • Your story is important, since you’re selling an idea. Being able to tell the brother story helped us.  (Although it also caused concern for some investors).
    • If your product is dependent on regulation it can go both ways. Once regulation exists, you can make a lot of money (and vice versa). But there is also a concern in being dependent on regulators. 
    • OEMs won’t invest in a field that they can’t later sell.
    • The business model of the OEM had small margins at the time, which forced the OEMs to increase their price without customers willing to pay additional fees for security capabilities.