💰 Security, Funded #116 - Breaches, Budgets, and Bottom-lines: Cyber's Rollercoaster Ride!
A deep dive on cybersecurity funding and industry news from the week of October 16th, 2023.
Mike Privette
October 23rd, 2023
Hey there,
Happy Monday, and I hope you had a great weekend. In this week’s issue, we’ve got:
📈 Tapering off in funding volume
🛍️ Slowest week for acquisitions in 2023
🤔 High switching cost and Okta’s 12% haircut
💰️ 15 companies raised funding, 1 company acquired
I’m sure you already know about the latest Okta breach from last week, and as a result, their stock dropped nearly 12% after hours.
I don’t normally cover this side of our industry with so many other great resources covering it better than I could, but when there are stock implications, I think it makes sense to weigh in.
This series of breaches at Okta is especially troubling because a platform like Okta isn't just another cybersecurity tool; it’s an essential business function of modern corporations. A breach at a point of trust like this can have far-reaching implications that go beyond a conventional cybersecurity incident.
Given Okta’s upcoming November 30th earnings call and a recent poll in this newsletter showing that companies rarely switch vendors post-breach, it’s plausible that this dip is a short-term phenomenon. The real key here is the lack of viable market alternatives and the high switching costs, making Okta a likely candidate for recovery despite what it does or does not do.
The company’s future—both in terms of customer trust and share price—will hinge on how effectively it can pivot towards heightened security and transparency up to this next call. This upcoming earnings call could serve as the inflection point that either reinstates market and customer confidence or exacerbates existing concerns.
Onward to this week's issue.
🗣Sponsor
Build Detections in Minutes Across Your Security Data Lakes with Anvilogic
Reduce Legacy SIEM Costs Up to 80%
Looking to incrementally adopt a security data lake alongside or in place of your legacy SIEM? Need to implement detection-as-code with a low-code builder?
Anvilogic is your enterprise SOC team’s Detection Engineering and Hunting Platform to deploy and tune detections in a few clicks and hunt more efficiently across your data lakes.
Instead of requiring you to centralize all your data in one place, Anvilogic works as your security analytics layer on top of the data platforms you choose. Calculate Your Savings
Vibe Check - Are you giving Okta the boot?If you are an Okta customer today, are you looking to replace them given all of their breaches and the extremely sensitive position of trust they are in? |
Last week’s poll:
Vibe Check - CISOs
Where are you spending most of your cyber budget? Think about not just software costs but the people and services that support each.
Network / Cloud and Logging / SIEM led last week’s poll, with Access & IAM things coming in 3rd. I had personally expected Logging / SIEM to be the biggest bucket today. Still, many said they were buying more things through the Cloud Service Providers (CSPs), which could account for some of the upward trajectory in Network / Cloud spending. Any way you shake it, these big three areas dominate most cyber budgets today.
🔮 Earnings Reports
A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies.
No public earnings calls to report on from last week! 🫡
📅 YTD Funding
A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.
Funding volume and transactions have tapered off a bit over the last four weeks. This timeframe in 2022 was a bit of a mixed bag, with some huge transactions and uncommonly low weeks.
It was a very slow week for acquisitions last week and actually the lowest volume in all of 2023. It is also possible that some transactions are waiting to be announced at a later date for better PR timing, a game that is often played in our industry.
💰 Funding Summary
15 companies raised $252.8M across 12 unique product categories
1 company was acquired or had a merger event across 1 unique product category
🧩 Funding By Product Category
$80.0M for Passwordless Authentication across 1 deal
$56.5M for Anti-Bot across 3 deals
$55.0M for Fraud and Financial Crime Protection across 2 deals
$20.0M for Secure Collaboration and Messaging across 1 deal
$15.0M for Trust & Safety across 1 deal
$7.0M for Artificial Intelligence (AI) Privacy Assurance across 1 deal
$6.5M for Professional Services across 1 deal
$3.5M for Security and Compliance Automation across 1 deal
$3.0M for SaaS Security Posture Management (SSPM) across 1 deal
$3.0M for Identity Verification across 1 deal
$3.0M for Data Protection across 1 deal
$280.2K for Threat Intelligence across 1 deal
🏢 Funding By Company
SecureW2, a United States-based passwordless authentication platform, raised a $80.0M Private Equity Round from Insight Partners. (more)
Prove Identity (formerly Payfone), a United States-based identity verification and fraud detection platform, raised a $40.0M Venture Round from Capital One Ventures and MassMutual Ventures. (more)
Fingerprint, a United States-based bot detection and device identity platform, raised a $33.0M Series C from Nexus Venture Partners. (more)
Workstorm, a United States-based secure collaboration and messaging platform, raised a $20.0M Series A from Author Capital Partners. (more)
Darwinium, a United States-based bot-detection and abuse prevention platform, raised an $18.0M Series A from U.S. Venture Partners. (more)
Reality Defender, a United States-based AI deepfake media and content detection platform for media networks, raised a $15.0M Series A from DCVC. (more)
Spec, a United States-based fraud and financial crimes protection platform, raised a $15.0M Series A from SignalFire. (more)
Harmonic Security, a United States-based platform to discover and control the usage of GenAI platforms and sensitive data in training models, raised a $7.0M Seed from Ten Eleven Ventures. (more)
Two Six Technologies, a United States-based professional services firm focused on national security and cyber defense, raised a $6.5M Venture Round. (more)
Netacea, a United Kingdom-based anti-bot platform to protect websites and APIs from automated threats, raised a $5.5M Venture Round from Mercia Asset Management PLC. (more)
Compliance Risk, a United States-based security and compliance automation platform, raised a $3.5M Seed from Bellini Capital. (more)
Anonybit, a United States-based decentralized biometric identification platform, raised a $3.0M Seed from JAM FINTOP. (more)
CipherStash, an Australia-based sensitive data discovery, data searching, and data encryption platform, raised a $3.0M Seed from Skip Capital. (more)
Zygon, a France-based SaaS security posture management (SSPM) platform, raised a $3.0M Seed from Axeleo Capital. (more)
Crossword Cybersecurity, a United States-based cyber threat intelligence and research group, raised a $280.2K Convertible Note. (more)
🗣Sponsor
Say goodbye to countless spreadsheets and endless email threads when you automate compliance with Vanta.
Automate up to 90% of the work for SOC 2, ISO 27001, HIPAA, and more
Get audit-ready in weeks instead of months
Save over 300 hours of manual work and up to 85% of associated costs.
Easily monitor and secure the tools your business relies on with Vanta’s 200+ integrations
Join 5,000 fast-growing companies like Chili Piper, Quora, Autodesk, and Patch that leverage Vanta to manage risk and prove security in real-time. Vanta scales with your business, helping you successfully enter new markets, land bigger deals, and earn customer trust.
As a special offer, Security, Funded readers get $1,000 off. Claim your discount here.
🌎 Funding By Country
$241.3M for United States across 12 deals
$5.5M for United Kingdom across 1 deal
$3.0M for France across 1 deal
$3.0M for Australia across 1 deal
🤝 Mergers & Acquisitions
This week’s chart kinda makes me lol
Specialized Technical Services, a Jordan-based professional services firm focused on digital transformation and cybersecurity consulting, was acquired by ZainTech for an undisclosed amount. (more).
📚 Great Reads
How the End of Free Money Changes Sales Strategy in Cybersecurity - I got the opportunity to be on the Bare Knuckles & Brass Tacks podcast to share my thoughts about how the end of zero interest rates has fundamentally changed sales strategy for cybersecurity companies (also on Apple Podcasts).
Leading Cybersecurity with a Control vs. Resilience Strategy - Kelly Shortidge reviews two contrasting approaches to cybersecurity, the control strategy and the resilience strategy, and considers human limitations and behaviors of security programs.
*How to Create Your Trust Center Strategy - SafeBase is the only enterprise-ready Trust Center that reduces the security questionnaire burden and creates a review process that buyers love. Explore how LinkedIn, Asana, Jamf, and Synk create their Trust Center Strategy and position security programs as a strategic advantage.
How to Exit Nano - The ultimate guide on exiting Nano, just in case you ever find a system where the ultimate text editor (vim) isn't installed, and you have to use the inferior Nano.
*Sponsored content and/or affiliate link.
🧪 Labs
🎶 Hi, it’s me. I’m the [vulnerability], it’s me. 🎵
new vulnerability just dropped
its me
im vulnerable— ali (@endingwithali)
Oct 13, 2023
How was this week's newsletter? |