- Return on Security
- 💰 Security, Funded #110 - Cents, Sensibility, & Cyber: Your Mixed Earnings Bag 🛒
💰 Security, Funded #110 - Cents, Sensibility, & Cyber: Your Mixed Earnings Bag 🛒
A review of cybersecurity funding and industry news from the week of September 4th, 2023.
Happy Monday, and I hope you had a great weekend. This week, we’ve got:
🔮 Mixed bag in cyber earnings
☁️ LLM hype mirrors early cloud rush
⚙️ Prompt Engineering & AI Self-Study
💰 $444.5M raised, 7 companies acquired
🏃♂️ Post-Labor Day: Investors scrutinize AI pitches
Now that Labor Day is behind us and Burning Man is over, the deal flow engine is beginning to hum again. However, unlike pre-2022, VCs aren’t going to be making it rain ⛈️ 💰 like they used by just throwing around the term “AI” in your pitch deck. The second half of the year is going to bring more scrutiny around value-add vs. a commodity feature set. The shiny object syndrome is over for investors and customers.
Onward to this week's issue.
Vibe Check - MSSPs
Are you currently using an MSP or MSSP as a part of your security program?
Last week’s poll:
Vibe Check #4 - AI Security Tools
Are you starting to evaluate or purchase this new wave of tools focused on the security or privacy of AI or LLM usage? Bonus points if you tell me why!
I suspect many of these answers were driven by businesses reacting to the growth and popularity of LLMs. I liken this part of the hype cycle to the early days of cloud computing. Some businesses were “all in” to get to the cloud before they had a real business need. They just knew they “had to get there” and that the business cases and revenue would start to flow.
If you want to add commentary to your poll answer, leave an answer when you cast your vote or email me at [email protected]. All responses will be kept anonymous 🤫
🔮 Earnings Reports
A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies.
Darktrace ($DARK) - beat its earnings estimate on all fronts off of expanded growth with large clients in the US. Darktrace has been using AI and LLMs “before it was cool” and stated how their use of AI to “remove the analysts from the incident process” was able to play well with the 800 lbs. gorilla in the room that is Microsoft.
SecureWorks ($SCWX) - beat earnings expectations, but revenue was down from previous quarters. SecureWorks is in the process of a business model shift to focus on partner channel growth and regional expansion in the EU and MEA.
It might be a wait-and-see investment until SecureWorks fully reveals the outcomes of its transition and if it can see success in its channel business. Like others, SecureWorks is experiencing elongated buying cycles, signaling heightened fiscal scrutiny across the sector. The stock was down >9% since the earnings call.
Zscaler ($ZS)- beat its earnings estimate and raised its forward-looking guidance for the rest of the year. Raising the guidance is something that other cyber players are not doing, opting for a more conservative estimate (investors like the sound of this now but will make the stock pay if it doesn’t meet that newly raised guidance next quarter 👀 )
Zscaler also cited that part of their success this last quarter was from replacing network, endpoint, and email DLP and CASEB services. DLP, in general, has needed help for years in being more valuable than harmful to the business, and this traction could pay future dividends.
ZeroFox ($ZFOX - reported strong financials, exceeding their forecast based on large ARR deals. The company also turned cash flow positive a year ahead of schedule.
The growth in their managed response business indicates an industry-wide trend toward outsourcing certain cybersecurity functions.
Companies that are growing well are seeing macro pressures easing, while those who are not are still seeing macro struggles.
📅 YTD Funding
A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.
Funding is up >64% YoY this week as 2023 continues to rebound from the bottom of 2022.
Now that folks are back from an epic Burning Man and fully enlightened, the acquisition train is back up and moving again 🚂.
💰 Funding Summary
10 companies raised $444.5M across 9 unique product categories
7 companies were acquired or had a merger event for $265.0M across 6 unique product categories
🧩 Funding By Product Category
$260.0M for Threat & Vulnerability Management (TVM) across 1 deal
$67.8M for Fraud and Financial Crime Protection across 2 deals
$50.0M for Cloud Native Application Protection Platform (CNAPP) across 1 deal
$35.0M for Third-Party Risk Management across 1 deal
$15.1M for Network Detection and Response (NDR) across 1 deal
$6.9M for Data Privacy across 1 deal
$6.0M for API Security across 1 deal
$3.7M for Artificial Intelligence (AI) Security across 1 deal
An undisclosed amount for Application Security Testing (AST) across 1 deal
🏢 Funding By Company
🌎 Funding By Country
$317.0M for United States across 5 deals
$113.0M for Israel across 3 deals
$10.8M for Norway across 1 deal
$3.7M for United Kingdom across 1 deal
🤝 Mergers & Acquisitions
📚 Great Reads
Demystifying LLMs and Threats My Journey - Caleb Sima, former CISO of Robinhood, shares his journey of demystifying LLMs, threats, and all things AI.
*Start a Newsletter - If you’re thinking about starting a newsletter, I can't recommend Beehiiv highly enough.
Awesome GPT Prompt Engineering - A curated list of awesome resources, tools, and other shiny things for GPT prompt engineering.
The Resilience Potion & Security Chaos Engineering - Kelly Shortridge shares the Resilience Potion Recipe, a five-ingredient elixir we can brew to foster resilience in our systems and guide our security chaos engineering transformation.
*Sponsored content and/or affiliate link.
Really makes you think 🤔
Promote your business to a hard-to-reach audience of cybersecurity and investment professionals by sponsoring this newsletter.
How was this week's newsletter?