• Return on Security
  • Posts
  • 💰 Security, Funded #100 - Cashing in on Q2, BlackBerry Blitz, and Keeping it 💯

💰 Security, Funded #100 - Cashing in on Q2, BlackBerry Blitz, and Keeping it 💯

A review of cybersecurity funding and industry news from the week of June 26th, 2023.

Hey there,

Happy Monday! I hope you had a great weekend and welcome to the 100th issue of the Security, Funded newsletter! 🥳 

🏃‍♂️ The Rundown

A meta roundup of all the important things affecting cybersecurity and the microenvironment:

  • 🎯 Major cyber AI investments close Q2

  • 💡 BlackBerry’s cybersecurity sales surge

  • 🚀 Yet Another New Product Category (YANPC)

  • 🧩 Challenges in pentesting LLMs and AI systems

  • 🤔 AI privacy vs. personalized AI agent future conflict

  • 🎉 Large volume of deals mark cybersecurity's comeback

Heads up - Today’s issue is going to be a long one based on how many transactions there were last week and your email provider might cut it short. I suggest reading this issue online here if you can.

Yet Another New Product Category (YANPC) - this time with something I’m calling “AI Privacy Assurance.” You’ll see a few companies below falling into this new privacy-preserving and AI usage world, and I think this is a really important area for the world to be focusing on.

This effort, however, will be at direct odds with the personalized AI agent that does lots of work for you future that many people want to see come true.

Image with a link to the tweet because of Elon funny biz

I’ve loved keeping it 💯 with you all on this newsletter! Thank you for being here, and thank you for your kind words, support, feedback, and encouragement over these last two years. Here’s to the next 100!

Onward to this week's issue.


Get compliant in weeks not months

What makes Secureframe different?

  • Get audit-ready and achieve compliance in weeks, not months with built-in remediation guidance and 100+ integrations.

  • Stay compliant with the latest regulations and requirements including ISO 27001, GDPR, HIPAA, PCI, and other standards.

  • Automate responses to RFPs and security questionnaires with AI.

  • Secureframe’s NEW Comply AI can help you remediate failing controls, generate fixes for IaC, or provide tailored guidance for meeting technical compliance requirements.

  • Thousands of companies already use Secureframe to achieve and maintain continuous security and privacy compliance

🔮 Earnings Reports

A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies:

  • BlackBerry ($BB) - I wouldn’t normally cover BlackBerry, as they are more of a hybrid player (meaning their primary business is not just cybersecurity), but I decided to include them this week because of their earnings report.

    BlackBerry beat its earnings report off the back of increased cybersecurity sales, specifically to the US federal market. Every few years, BlackBerry seems to make some head scratching headway into the cybersecurity market, and this is one of those years.

    If you’re looking for a great read about the meteoric rise and fall of BlackBerry, check out Losing the Signal: The Untold Story Behind the Extraordinary Rise and Spectacular Fall of BlackBerry

🛞 Industry News Roundup

  • Canada to roll out CMMC equivalent for defense contracts (more)

  • The SEC hones in on SolarWinds' CISO and CFO (more)

  • Google announces $20 million investment for cyber clinics (more)

📅 YTD Funding

A rolling 12-week chart to compare funding each week between 2022 and 2023.

Remember last week when I said that I thought things were quiet so investors and founders could focus on generative AI applications for cybersecurity? And then this week, there was a big wave of cyber + AI investments to finish out Q2?

Even though cyber funding is down ~43% as compared to Q2 2022, I think we are just getting started with this new wave of AI-led cyber investments. Valuations are starting to go back up, growth rounds are starting to look like absolute units again, and marketing efforts are on overdrive. Oh man, we are so back 😤👊 

I’m not keeping score or anything, but many of the 2023 predictions I made late last year are continuing to come true. 👀

💰 Funding Summary

  • 19 companies raised $293.5M across 17 unique product categories

  • 3 companies were acquired or had a merger event across 3 unique product categories for $70.0M

🧩 Funding By Product Category

  • $15.0M for Identity and Access Management (IAM) across 1 deal

  • $100.0M for Data Security Posture Management (DSPM) across 1 deal

  • $34.0M for Artificial Intelligence (AI) Security across 2 deals

  • $30.0M for Threat Intelligence across 1 deal

  • $29.0M for Secure Remote Access across 1 deal

  • $25.0M for SaaS Security Posture Management (SSPM) across 1 deal

  • $25.0M for Network Security across 1 deal

  • $15.0M for Attack Surface Management (ASM) across 1 deal

  • $12.1M for Artificial Intelligence (AI) Privacy Assurance across 2 deals

  • $8.0M for No-Code Security across 1 deal

  • $4.4M for Software Supply Chain Security across 1 deal

  • $3.5M for Identity and Access Management (IAM) across 1 deal

  • $2.5M for Fraud and Financial Crime Protection across 1 deal

  • $2.1M for Cyber Insurance

  • $1.9M for Application Security

  • $1.1M for Managed Security Services Provider (MSSP)

  • An undisclosed amount for Trust & Safety

  • An undisclosed amount for Data Access Governance

🏢 Funding By Company

🌎 Funding By Country

  • $241.5M for United States across 12 deals 🇺🇸

  • $33.0M for Israel across 2 deals 🇮🇱

  • $11.0M for Czechia across 1 deal 🇨🇿

  • $4.4M for Spain across 1 deal 🇪🇸

  • $2.5M for United Kingdom across 1 deal 🇬🇧

  • $1.1M for France across 1 deal 🇫🇷

  • An undisclosed amount for Singapore across 1 deal 🇸🇬


Gomboc is a Top 4 finalist in the 2023 Black Hat Startup Spotlight Competition. Come watch our talk at the Startup City or visit our exhibit in the Business Hall! We’ll also be throwing a Whiskey Tasting Experience on August 9th!

Gomboc uses a deterministic AI engine that continuously pushes secure, context-aware IaC remediations straight to your CI/CD pipeline as pull requests. With Gomboc, your DevOps engineers can remediate cloud security issues just by hitting Approve.

🤝 Mergers & Acquisitions

  • Berbix, a United States-based identity verification platform, was acquired by Socure for $70.0M. (more)

  • BluBracket, a United States-based code security platform that checks for security and integrity issues, was acquired by HashiCorp for an undisclosed amount. (more)

  • Horangi, a Singapore-based cloud security platform, was acquired by Bitdefender for an undisclosed amount. (more)

📚 Great Reads

  • The Challenges with LLM Pentesting - Garrett Galloway’s take on the multi-faceted complexities around penetration testing Large Language Models (LLMs) and generative AI systems.

  • Cybersecurity Interview Questions Collections - Security interview questions for different security skills with possible explanations. This GitHub repo is for security professionals who want to make themselves ready for various security roles from different skill sets like appsec, DevSecOps, and cloud security.

  • Building Security Tools is the Wrong Approach - If we want mass adoption of security technology and to have a truly meaningful impact on the state of software security, we have to stop building security tools and start building developer tools that have security features.

🧪 Labs

Plz think before you share sensitive data 😥 

How was this week's newsletter?

Login or Subscribe to participate in polls.

✅ Here to Support

Whenever you’re ready, I’ve got a few ways I can help support you:

  1. Promote your business to a hard-to-reach audience of cybersecurity and investment professionals by sponsoring this newsletter.

  2. Schedule a 1:1 coaching call on newsletters, monetizing, cybersecurity trends, product strategy, or anything else.

Join the conversation

or to participate.