💰 Security, Funded #178 - The AI Truffle Shuffle

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of January 20, 2025.

Author

Mike Privette
January 27, 2025 • Reading Time: 13 minutes

Security, Funded provides a weekly analysis of economic activity in the cybersecurity market. This week’s issue is presented together with Nudge Security and Palo Alto Networks.

Hey there,

Hope you had a great weekend!

Well, that didn’t take long! The day he stepped into the White House, US President Trump threw out former President Biden's AI Security Executive Order (along with 77 other EOs!). It’s too early to tell what this will mean for the industry at large, but AI safety and governance professionals around the world are not fans of this outcome.

Also, a new AI model released by a hedge fund in China shakes the AI and security industry at large, with concerns around the advanced capabilities of the model and the troublesome privacy policy that came with it.

Last week had a ton of activity, so you might as well go ahead and hit that “Read Online” link at the top right so you can read the whole issue more easily. 🫡 

TOGETHER WITH

How GLAAD protects SaaS identities and sensitive data with Nudge Security

When the team at GLAAD deployed Nudge Security, they were blown away by the immediate visibility it provided into shadow SaaS.

With this visibility, they were able to achieve quick wins, including:

  • 50% less time required to discover and secure SaaS accounts

  • 90% reduction in offboarding time, with more complete results

  • 11 previously-unknown GenAI tools discovered

  • Continuous SaaS security monitoring and breach alerts

  • SaaS identity governance for a high-risk remote workforce

😎 Vibe Check

If your cybersecurity program were a video game, how would you “win”?

Login or Subscribe to participate in polls.

Last issue’s vibe check:
Who has the most influence over cybersecurity budget decisions in your organization?🟩🟩🟩🟩🟩🟩 Security Leadership (e.g., CISO, Head of X) (27)
🟨🟨🟨⬜️⬜️⬜️ The CEO / Board of Directors (16)
🟨⬜️⬜️⬜️⬜️⬜️ The CFO / Finance Team (9)
🟨⬜️⬜️⬜️⬜️⬜️ Security Practitioners (6)
58 Votes

Thank you to everyone who voted last week! Looking at these results, I realize they are upside down from what I expected. I expected security practitioners to have the most or equal sway as the security leadership team, that the CFO would finish second, and the CEO / BOD would be dead last. 🤔 

Some of the top comments from last week:

Security Leadership - “I take in a lot of guidance/advice/ideas from my practitioners and other business leaders (BoD, CFO, CIO, etc.) could heavily influence, too, but ultimately they leave us the autonomy to have budget, decisions, influence, etc. reside on me and my leaders.”

💰 Market Summary

  • 17 companies raised $77.9M across 17 unique product categories in 8 countries

  • 5 companies were acquired or had a merger event across 3 unique product categories

  • 97.5% of funding went to product-based cybersecurity companies

  • No public cyber companies had an earnings report

📸 YoY Snapshot

This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between the end of 2023 and the start of 2024 and 2025.

There was a ramp-up in volume on the funding side last week, but dollar figures are still relatively low. This is just a timing issue, as the bigger rounds are starting to roll in.

M&A continues to progress strongly, with more professional services and MSSP businesses being acquired.

☎️ Earnings Reports

Cyber Market Movers

As of markets close on January 24, 2025

Earnings reports from last week: None

Macro Context:

  • The S&P 500 hit its first record of 2025 last week, bolstered by a strong start to earnings season and President Trump’s support for business tax cuts.

  • The tech-heavy US indexes took some hits after hours on Friday when a Chinese AI model named DeepSeek V3 was released from a prominent hedge fund in China. The model’s launch temporarily shook investor confidence in NVIDIA and similar companies.

Earning reports to watch this coming week:

  • None

🧩 Funding By Product Category

Click to see full-size

  • $30.0M for Security Operations across 1 deal

  • $9.4M for Privileged Access Management (PAM) across 1 deal

  • $8.7M for Application Security Posture Management (ASPM) across 1 deal

  • $8.0M for Password Management across 1 deal

  • $7.0M for Security Analytics across 1 deal

  • $5.9M for Threat Intelligence across 1 deal

  • $4.0M for Data Security Posture Management (DSPM) across 1 deal

  • $2.0M for Passwordless Authentication across 1 deal

  • $1.9M for Professional Services across 1 deal

  • $1.0M for Fraud and Financial Crime Protection across 1 deal

  • An undisclosed amount for Software Supply Chain Security across 1 deal

  • An undisclosed amount for Secure File Sharing across 1 deal

  • An undisclosed amount for Quantum Security across 1 deal

  • An undisclosed amount for Network Security across 1 deal

  • An undisclosed amount for Managed Detection and Response (MDR) across 1 deal

  • An undisclosed amount for Attack Surface Management (ASM) across 1 deal

  • An undisclosed amount for Application Security Testing (AST) across 1 deal

🏢 Funding By Company

Products:

Services:

  • Kymatio, a Spain-based professional services firm focused on security awareness training and education, raised a $1.9M Seed from ABANCA and Decelera. (more)

🌎 Funding By Country

Click to see full-size

  • $30.0M for Israel across 1 deal

  • $26.1M for the United States across 9 deals

  • $8.0M for Luxembourg across 1 deal

  • $7.8M for Spain across 2 deals

  • $4.0M for Czech Republic across 1 deal

  • $2.0M for the United Kingdom across 1 deal

  • An undisclosed amount for Singapore across 1 deal

  • An undisclosed amount for China across 1 deal

🤝 Mergers & Acquisitions

Click to see full-size

Product

  • Dellfer, a United States-based IoT and automotive cybersecurity startup, was acquired by Enigma for an undisclosed amount. Dellfer had previously raised $8.0M in funding.(more)

Service

  • Cybeta, a United States-based professional services company focused on threat intelligence and dark web monitoring, was acquired by HPN Holdings, Inc. (also known as “Master Glazier's Karate International,” which cracks me up 🥋 ) for an undisclosed amount. Cybeta has not publicly disclosed any prior funding rounds. (more)

  • MorganFranklin Cyber, a United States-based professional services firm focused on security operations and program strategy, was acquired by M/C Partners for an undisclosed amount. MorganFranklin Cyber has not publicly disclosed any prior funding rounds. (more)

  • U.S. Computer Connection, a United States-based managed security services provider (MSSP), was acquired by Netsurit for an undisclosed amount. U.S. Computer Connection has not publicly disclosed any prior funding rounds. (more)

  • The cybersecurity consulting arm of WithSecure, a Finland-based professional services firm focused on cybersecurity risk management, was acquired by Neqst for an undisclosed amount. WithSecure has not publicly disclosed any prior funding rounds. (more)

📚 Great Reads

  • Read More Books - A palette cleanser and a reminder for the overconsuming digital person (like me).

  • *GigaOm Radar for Software Supply Chain Security - Your guide to navigating software supply chain risks. Dive into the evolving threat landscape, discover top vendor solutions, and learn expert strategies to protect your systems.

  • By Default, Capital will Matter More Than Ever After AGI - Labour-replacing AI will shift the relative importance of human vs. non-human factors of production, which reduces the incentives for society to care about humans while making existing powers more effective and entrenched.

*A message from our sponsor

🧪 Labs

They say if you love something, let it go…

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using our system at Return on Security, and we write all the company descriptions.

  • Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.

  • Let us know if you spot any errors, and we’ll fix them.

About Return on Security

Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.

Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.

Thank you for reading. If you liked this analysis, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.

Follow me on LinkedIn or Twitter to never miss Return on Security updates.

Reply

or to participate.