- Return on Security
- Posts
- 💰 Security, Funded #158 - Real G's Move in Silence 🍝
💰 Security, Funded #158 - Real G's Move in Silence 🍝
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of August 19, 2024
Mike Privette
August 27, 2024 • Reading Time: 11 minutes
Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This week’s issue is presented together with Nudge Security and ThreatLocker.
Hey there,
I hope you had a good weekend! This issue is coming at you on Tuesday this week because yesterday was a holiday in the UK. Next week, this newsletter will also come on Tuesday because of Labor Day in the US as everyone tries to capture those last fleeting summer days.
We’ve got another quiet week on the funding and M&A front as VC Summer™️ continues (and boy, is it quiet!), so this is a shorter issue and a newsletter first with the data. On the economic front, however, things looked pretty positive last week regarding the potential for the US Fed rate cuts. Everything in the public markets has been up and to the right.
Last week, I got this awesome package from Beehiiv, which included a hat, a custom black card (“Yeah, I’ve got a black card 😏”), and a handwritten note from the CEO.
Beehiiv came through
If you’re considering launching a newsletter, you should definitely check out Beehiiv. There’s simply no better place to launch and grow a newsletter.
Also, a shout-out to my friend Evgeniy Kharam for publishing his first book, Architecting Success: The Art of Soft Skills in Technical Sales: Connect to Sell More. 👏
🚨 There are a few spots left in 2024, and sponsorship slots are now open for the 2025 season!
Join me in reaching 10,600+ of the brightest cybersecurity leaders and decision-makers worldwide.
Just reply to this newsletter or email [email protected] to see how we can partner! 💪
Onward to this week's issue.
TOGETHER WITH
Achieve scalable SaaS security while reducing spend
Learn how cloud-first org Stravito scaled their SaaS security program with Nudge Security while cutting SaaS spend and supporting rapid company growth, achieving these results:
Immediate visibility of their entire SaaS footprint
Cost savings from unnecessary SaaS licenses
Streamlined user access reviews
Faster vendor security reviews
Complete employee offboarding
Table of Contents
😎 Vibe Check
When it comes to AI for Security or Security for AI, what kind of company are you more likely to go with?Bonus internet points if you tell me why! |
Last issue’s vibe check:
As we are now well into the second half of the year, what is your security program's top priority for the rest of the year?
🟩🟩🟩🟩🟩🟩 🤖 Figure out this "AI Security" thing (18)
🟨🟨🟨🟨🟨⬜️ 🆔 Identity all the way down (16)
🟨⬜️⬜️⬜️⬜️⬜️ ⛈️ Wrangling cloud security (4)
🟨🟨🟨🟨⬜️⬜️ 🗜️ Tool consolidation or right-sizing (14)
🟨⬜️⬜️⬜️⬜️⬜️ 🔮 Other (tell me!) (6)
58 Votes
Last week’s poll showed that three things are top of mind for security practitioners for the rest of this year: AI Security, Identity, and tool consolidation.
Some of the top comments from last week:
“Identity - Not the sexiest thing on the list, but it's more of an "eat your vegetables first" mentality.”
“AI Security - It's just a riddle, wrapped up in a mystery, inside an enigma!”
“AI Security - A lot about scaling down and automating to survive this great recession.”
“Tools - The tool sprawl is out of control for our large organization.”
💰 Market Summary
3 companies across 3 unique product categories raised funding in 2 countries
3 companies were acquired or had a merger event across 2 unique product categories
100% of funding went to product-based cybersecurity companies
1 public cyber company had an earnings report
📸 YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
Talk about quiet! Last week marked the quietest week by transaction volume and dollar amount for all of 2024 in the cybersecurity industry. 🤯
Acquisitions continue to hum along, but at a lower average pace in 2024 than in 2023 and 2022. It’s been an interesting year so far, with more companies seeking a private exit (as opposed to going IPO) but fewer of them making it.
TOGETHER WITH
Remote Workforces are a Ticking Time Bomb!
How to Secure Remote Workforces
Hybrid and remote work expands your company's surface area of attack beyond corporate firewall boundaries. Employees’ personal computers introduce shadow IT, and home networks with default settings are easy targets, compounded by public Wi-Fi vulnerabilities.
You need to develop a strategy to stay secure while remote employees work across untrusted networks.
To learn more about how to secure your company's workforce, download the Remote Work: A Ticking Time Bomb eBook by ThreatLocker® today.
🤙 Earnings Reports
This section is Powered by Quartr, where I track all the latest earning reports.
I’m trying something new with this section this week. In my quest to bring you more data-driven insights, I wanted to share a new test format. I have a new table and shorter commentary on public earnings calls.
Here, I’ll take the top 10 public cyber companies by market cap and start tracking their change over time compared to the broader market. The goal is to give you more data and situational awareness about the cyber industry as a whole.
Cyber Market Movers
As of August 23rd market close
Earnings reports from last week:
Palo Alto Network (PANW) - It looks like Palo Alto’s earlier bet on “platformization” that got everyone all riled up is working after all. Revenue jumped ~13% last quarter, beating all estimates across the board.
Earning reports to watch this week:
SentinelOne (S)
CrowdStrike (CRWD)
Please reply and let me know what you think about this new take!
🧩 Funding By Product Category
This chart isn’t a mistake. All transactions this week had undisclosed amounts.
An undisclosed amount for Threat & Vulnerability Management (TVM) across 1 deal
An undisclosed amount for Cybersecurity Education & Training across 1 deal
An undisclosed amount for Artificial Intelligence (AI) Privacy Assurance across 1 deal
There is nothing wrong with your television set. Do not attempt to adjust the picture. We are controlling transmission.
🏢 Funding By Company
CUBIG, a South Korea-based platform using synthetic data to protect sensitive data usage in AI applications, raised an undisclosed Venture Round from CNT Tech-DB Dream Big Investment Association.
Cyberbit, a United States-based cybersecurity education and training platform, raised an undisclosed Private Equity Round from Charlesbank Capital Partners. (more)
Nucleus Security, a United States-based automated threat and vulnerability remediation platform, raised an undisclosed Venture Round from Dcode Capital. (more)
🌎 Funding By Country
This chart isn’t a mistake either
An undisclosed amount for the United States across 2 deals
An undisclosed amount for South Korea across 1 deal
🤝 Mergers & Acquisitions
3DOT Solutions, a United States-based professional services company focused on security operations and architecture services, was acquired by Nortal for an undisclosed amount. (more)
Control Gap, a Canada-based professional services company focused on offensive security assessments, was acquired by CyberGuard Compliance for an undisclosed amount. (more)
Vantyr, a United States-based SaaS governance platform focused on non-human identity connections, was acquired by Ark Infotech for an undisclosed amount. (more)
📚 Great Reads
The Security Industry is Immature, But You’re Not - Joe Duggan discusses the cybersecurity industry's immaturity, highlighting its unique challenges and hidden incentive structures and offering insights for builders and practitioners to drive progress.
Why Europe Should Embrace Open-Source AI - Mark Zuckerberg and Daniel Ek released a joint statement about how Europe should embrace open-source AI or risk falling behind due to incoherent and complex regulations.
The Great Cloud Security Debate: CSP vs. Third-Party Security Tools - Anton Chuvakin discusses the debate between using Cloud Service Provider (CSP) security tools and third-party security tools, highlighting arguments for both sides.
*A message from our sponsor
🧪 Labs
Everyone is trying to leave a legacy, make yours count 😤 👊
no one will remember:
- how busy you were
- how big your salary was
- how many hours you workedthey will remember:
- how many security questionnaires you sent
- how many SOC 2 reports you looked at
- how many pen tests you skimmed— Mike Privette (@mikepsecuritee)
12:24 PM • Aug 27, 2024
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our system at Return on Security, and we write all the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
Let us know if you spot any errors, and we’ll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Reply