When Orion Hindawi began discussions with potential investors for what would be his company’s third round of funding in less than a year, he noticed something had changed. A year ago they cared about growth. Now they cared that his business was making money.
That shift in focus, says Hindawi, co-founder and chief technology officer of Tanium, the world’s highest valued security startup, came as a relief to him.
“I see rounds of funding in the security market and I scratch my head and wonder what they were investing in,” he says, fresh off accepting a $120 million investment in the IT systems management company he founded with his father, CEO David Hindawi, in 2007. Tanium announced the raise, which includes investors TPG Capital, T. Rowe Price, Institutional Venture Partners, and former backer Andreessen Horowitz, on Wednesday.
Fortune had previously reported on the latest round in August, but had undershot the valuation. It is $3.5 billion, according to a person familiar with the deal, not $2.5 billion.
“These are non-profits dressed up like businesses,” Hindawi adds, anticipating that many security startups will not survive an eventual market rout that will trigger failures, bankruptcies, and consolidation. “The cost of sale is so much higher than the revenue they will achieve, it’s almost mind-blowing to me.”
As hacks and breaches continue to rock the public and private sectors alike, venture capital firms have poured money into cybersecurity upstarts. Investments in the industry broke the $1 billion mark for the first time in a single quarter earlier this year, according to data from the research firm PrivCo. And last year, U.S. venture firms injected $1.77 billion into the space, thereby beating the previous dot-com-fueled record of $1.62 billion in 2000, according to the investment tracker Dow Jones VentureSource.
The beneficiaries of that increased investor interest have been many. The cybersecurity firm CrowdStrike raised $100 million in a round led by Google Capital earlier this year. The startup Illumio raised $100 million from a variety of investors. And last year, Tanium raised $142 million in two rounds of funding from the venture firm Andreessen Horowitz. All have benefited from the world’s present state of electronic unease.
Tanium’s technology allows IT departments to quickly scan their computer networks. It can search for bugs, patch vulnerabilities, and find and isolate attacks. The company counts the federal government, including the Department of Defense, and retailers such as Target
, among its customers.
Many companies are now turning to security startups to plug the holes in their computer networks as many security stalwarts have been struggling to keep apace in the new threat environment posed by cyberattackers. This is reflected in dipping share prices for companies like Symantec
, which dropped to $20 from around $26 in May, and Intel
, owner of the McAfee security brand, which fell to around $28 from nearly $35 in May. More recently public companies have not been immune either. FireEye
has plummeted to $37 from its high of $85 in February of last year and Palo Alto Networks
has slipped to about $163 from its high of $197 in July.
But if the latest round of funding raised by Tanium is any indication, the boom days of the cybersecurity venture capital market may be turning. This is the first time, Hindawi says, that investors questioned him from a profit and loss perspective.
Hindawi says his company will have no trouble staying afloat financially should market circumstances change. The firm apparently has more than $250 million in the bank, has been profitable since 2012, and has been growing revenue by 200% year over year. He’s confident, he says, that Tanium will be able to pay back its investors on the “unicorn” valuation they’ve granted it.
Why take the money then? Hindawi says he initially figured he would decline the current round of fund-raising. But then, upon receiving a “nice premium,” he reconsidered. The round offered Tanium a formidable war chest.
“We modeled this out,” Hindawi says. “Even in really nasty scenarios moving forward, this enables us to avoid raising money for the foreseeable future—or forever really—and focus instead on running the business.”
The latest raise is the third biggest single round of fundraising for any security startup, reports the Financial Times, citing PrivCo data. The other two highest raisers are anti-virus maker AVG Technologies, which nabbed $200 million in 2009, and mobile security startup Lookout, which took in $150 million last year.
“I struggle to see how I would burn through that,” Hindawi says of the new capital.
Sign up for Data Sheet, Fortune’s daily newsletter about the business of technology.
For more about multi-billion dollar startups, watch this Fortune video: