💰 Security, Funded #139 - Custard Tarts and Valuations

Insights for the week of April 8, 2024

Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This week’s issue is presented together with Wiz and Anvilogic.

Hey there,

I hope you had a great weekend!

I was on holiday last week in Portugal for the first time, and it was great. The weather was incredible, and there was a lot to see and learn about. Thanks to everyone who shared their favorite places to visit, eat, and drink!

My breakfast every day but with 2 more espressos

Onward to this week's issue.

Submit a deal here: [email protected]


Google Cloud Security Foundations for Dummies Guide

Best Practices for Securing Google Cloud

Wiz created an in-depth eBook focused on GCP security fundamentals. This guide goes back to the basics and dives into how to secure everything you build and run on Google Cloud. 

 You’ll learn how to: 

  • Manage complexity in the cloud

  • Understand Shared Fate and Zero Trust principles 

  • Meet developers earlier in the development process 

  • Secure the supply chain

😎 Vibe Check

What area of security feels more important than ever right now?

Bonus points if you tell me why!

Login or Subscribe to participate in polls.

Last issue’s vibe check:
How much time are you spending educating your executive team on AI and Security?
🟨🟨🟨⬜️⬜️⬜️ 😬 Not really at all
🟩🟩🟩🟩🟩🟩 🙂 Small portion of my time
🟨🟨⬜️⬜️⬜️⬜️ 😫 Medium portion of my time
🟨⬜️⬜️⬜️⬜️⬜️ 😵‍💫 It's all I do now (2)

Surprising results from last week. Despite being the only topic in the news, most people who responded to this poll are only using a small portion of their time or not that much at all to educate their executive team on AI and Security. It could be that it’s already well covered elsewhere, or it could be that things are moving and changing so fast that people aren’t really trying to keep up with it.

My favorite comment from last week:

“I know there's lots of noise. I'm just trying to trap the worst of it.”

💰 Market Summary

  • 14 companies raised $573.6M across 13 unique product categories in 4 countries

  • 5 companies were acquired or had a merger event across 2 unique product categories

  • 86% of funding went to product-based cybersecurity companies

  • No notable public cyber companies had an earnings call

📸 YoY Snapshot

This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.

Sometimes, it’s all about the announcement timing. While last week appeared to be down in the dumps, this week is riding sky-high. We are currently within reach of the upcoming RSA Conference in the US, so deal announcements are ratcheting up. 🚀 

It was a strong week for services-based businesses on the funding and M&A front. With all of the high-price-tag acquisitions happening, it has become common to refer to what the acquired company was previously valued at as a sort of success measuring stick. I think this association needs to be paused for a while.

While I think this can sometimes be a useful metric, if a company raised money in the last 4-5 years, those old valuations no longer represent today’s reality. Valuations of 2019-2022 (and earlier) were figments, mirages, and specters. The past was the past, and the future hit everyone square in the mouth in the second half of 2022. Forget what happened in the ZIRP era and focus on the future.

🤙 Earnings Reports

Here are notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies. This section is Powered by Quartr.

See the public cyber company tracker, which shows all public cybersecurity companies worldwide, along with market data, funding raised, product categories, and more.

Earnings reports this week: No notable earnings calls.

🧩 Funding By Product Category

  • $300.0M for Data Security Posture Management (DSPM) across 1 deal

  • $150.0M for Data Protection across 1 deal

  • $28.0M for Security Analytics across 1 deal

  • $22.0M for Security Operations across 2 deals

  • $20.0M for Trust & Safety across 1 deal

  • $20.0M for Security and Compliance Automation across 1 deal

  • $15.3M for Professional Services across 1 deal

  • $8.0M for Data Access Governance across 1 deal

  • $4.0M for Managed Security Services Provider (MSSP) across 1 deal

  • $3.3M for Artificial Intelligence (AI) Governance across 1 deal

  • $3.0M for Data Privacy across 1 deal

  • An undisclosed amount for Operational Technology (OT) Security across 1 deal

  • An undisclosed amount for Connected and Autonomous Vehicle Security (CAVS) across 1 deal

🏢 Funding By Company

🌎 Funding By Country

  • $511.3M for the United States across 7 deals

  • $31.0M for Spain across 2 deals

  • $20.0M for India across 1 deal

  • $11.3M for Israel across 4 deals

🤝 Mergers & Acquisitions

  • Btech, a United States-based managed security services provider (MSSP), was acquired by Secur-Serv for an undisclosed amount. (more)

  • Connetical, an Italy-based professional services firm focused on IoT, ICS, and network security services, was acquired by Planetel for an undisclosed amount. (more)

  • Foghorn Consulting, a United States-based professional services firm focused on cloud migration and security, was acquired by nClouds for an undisclosed amount. (more)

  • Ipseity Security, a Canada-based professional services firm focused on cyber resiliency consulting, was acquired by CYDERES for an undisclosed amount. (more)

  • Siveb, a Finland-based professional services firm focused on cyber risk assessments, was acquired by Fogmaker for an undisclosed amount. (more)

📚 Great Reads

  • A Letter from the Future - A futuristic short story from Phil Venables that is something like a Neal Stephenson cyberpunk novel from a not-so-distant future where cyber and physical conflicts are intertwined.

  • *Defrosting Snowflake SIEM Cost Factors: How does Snowflake perform against the top 8 SIEM cost factors security teams should consider? Data lakes are dramatically more cost-effective and scalable than all-in-one SIEM alternatives. This post breaks it down.

  • The Joy and Pain of Coding with AI When You Suck at Coding - Daniel Jeffries shares the trials and tribulations he had when he set out to create a complex application as someone who is not a developer. It's a really interesting read for coders and non-coders alike.

  • Robots Dream of Root Shells—Ben Hawkes discusses the evolution of AI in cybersecurity, focusing on the DARPA competitions CGC and AIxCC, which aim to use AI to find and fix security vulnerabilities autonomously.

*A message from our sponsor.

🧪 Labs

The more you know 🌈 

How was this week's newsletter?

Login or Subscribe to participate in polls.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using our own system at Return on Security, and we write all of the company descriptions.

  • Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.

  • If you spot any errors, let us know, and we’ll fix them.

About Return on Security

Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.

Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.

Thank you for reading. If you liked this analysis, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.

Follow me on LinkedIn or Twitter to never miss Return on Security updates.

Join the conversation

or to participate.