💰 Security, Funded #185 - Panic at the Boardroom

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of March 10, 2025.

Author

Mike Privette
March 17, 2025 • Reading Time: 13 minutes

Security, Funded provides a weekly analysis of economic activity in the cybersecurity market. This week’s issue is presented together with Hyperproof and Nudge Security.

Hey there,

I hope you had a great weekend!

It’s not often that we see a lot of public drama in the cybersecurity industry on the financial side of the house, but last week was a bit different (I’ll let others rant about the “talent shortage” 🙄). The CEO of Cybereason quit after heated arguments with the company’s board of directors. I haven’t seen anything like this in our industry yet, but that’s just the start.

The former CEO also has an active lawsuit against the board, claiming the deliberate obstruction of the CEO and a plan to keep the company afloat with additional funding. The lawsuit alleges that the board was not meeting its fiduciary responsibilities, despite threats that the company may go bankrupt, and that it actively vetoed 13 (!!) financing options. The lawsuit claims this was done for certain investors to remain in control and not weaken the investor’s current positions in the company.

You might remember from issue 💰 Security, Funded #170 that Cybereason and Trustwave merged last year to create an EDR + MDR powerhouse. And wouldn’t you know it? Now that the CEO quit, Cybereason has just secured a huge funding round (below) to keep operations going.

You can’t make this stuff up, folks. Nothing more that customers love than chaos with a company in charge of running critical parts of their security programs. 👀 🍿 

TOGETHER WITH

ISO 42001: Create Your AI Governance Program

AI has changed the world we live in. What does this mean for infosec professionals? More complex risks, a growing need for enhanced AI governance, and new standards to comply with all come to mind — but where do you get started?

In this guide, Hyperproof will outline everything you need to know about the world’s first AI framework: ISO 42001. Whether you’re a startup or a large enterprise, this guide will equip you with the knowledge and resources to navigate the complex landscape of AI governance.

😎 Vibe Check

As a security leader, what’s the toughest decision you have to make?

Click on your answer below!

Login or Subscribe to participate in polls.

Last issue’s vibe check:
Whether you’re a security leader, product builder, or investor, if AI isn’t the game-changer for security yet, what is?
🟨🟨🟨🟨⬜️⬜️ 👥 Hiring & upskilling security talent (14)
🟨🟨🟨🟨⬜️⬜️ ⚙️ Better automation of existing tools (15)
⬜️⬜️⬜️⬜️⬜️⬜️ 🔎 Stronger threat intelligence & data integration (1)
🟩🟩🟩🟩🟩🟩 🛠️ More efficient security operations & processes (18)
⬜️⬜️⬜️⬜️⬜️⬜️ 🔮 Other (leave a comment) (2)
50 Votes

94% of people who voted last week are effectively looking for practicality over innovation right now. Efficiency and automation are still winning the war over hype, and it just shows what people in the industry have to wade their way through.

Last week’s poll also shows that the AI hype cycle in our industry isn’t eliminating the need for skilled people but reinforcing that security is still a people-driven function.

Some of the top comments from last week’s vibe check:

Hiring - “The best defense against smart, persistent, creative, well-trained, well-equipped attackers continues to be smart, persistent, creative, well-trained, well-equipped defenders. Who knew?”

Efficient Processes - “Efficiency = $$$, 'nuff said”

Other - “Readjusting how security leaders build teams. Focus on adding headcount that can be trained to secure what the business does (software, mfg, medical, etc.) - especially those things that take insider knowledge to properly secure. Then focus budget around outsourcing commoditized security work that anyone can do (MDR, endpoint, email, identity, etc.). If more companies did this, I think more security budgets would be approved and teams would have more to show for it.”

💰 Market Summary

Private Markets

  • 12 companies from 6 countries raised $502.4M across 11 unique product categories

  • 3 companies were acquired or had a merger event across 3 unique product categories

  • 99%of funding went to product-based cybersecurity companies

Public Markets

  • 2 public cyber companies had an earnings report

  • Public market moves last week (some rebounding, but still down bad)

As of markets close on March 17, 2025

📸 YoY Snapshot

This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between the end of 2023 and the start of 2024 and 2025.

Click to see a larger version

Funding popped off last week, and from some interesting sources to boot! With that week down, the quarter-to-date total for Q1 2025 cybersecurity funding is $3.1 billion, which is even with all of Q1 2024. There are still two weeks to go, and no signs of slowing down at this point.

Click to see a larger version

M&A activity is continuing at a steady clip. It hasn’t yet caught up with Q1 2024 totals, but it’s not too far off. C’mon folks, let’s show some urgency and close those deals this quarter! 😤 👊 

☎️ Earnings Reports

Earnings reports from last week: Rubrik, SentinelOne

Rubrik (RBRK)

Rubrik had a huge fourth quarter, with revenue climbing 47% (!!) to $258 million and subscription ARR growing 39% YoY to $1.1 billion. This growth was driven by a strong demand for resilience solutions and data security posture management (DSPM). Rubrik also saw significant tailwinds from the strategic partnership with Microsoft, especially with high-profile wins for protecting M365 environments and on the back of the latest DORA regulation driving demand.

Rubrik reported a best-in-class net revenue retention rate (NRR) of 120%, which shows that it has no problems upselling to its existing customers. After the earnings call, its stock jumped 25%.

SentinelOne (S)

SentinelOne delivered a strong fourth quarter, with revenue increasing 29% to $226 million and ARR growing 27% to $920 million. The quarter was driven by strong demand for its “AI SIEM” cloud security solution and strong MSSP demand.

SentinelOne is facing some headwinds, however. There was mention of uncertainty in federal spending, partly due to the rapidly changing workforce in the U.S. federal sector under the current administration and partly owing to its consistent comparison with its much larger rival, CrowdStrike (which also had a great quarter). At the time of writing this, SentinelOne’s market cap is less than 10% of CrowdStrike’s.

While SentinelOne gave strong forward guidance for the rest of the year, the investor community wasn’t having it.

get out of here GIF by ESPN

One of the best blocks ever

Its stock dropped after the earnings call, but it has dropped more than 25% in the last month alone.

Earning reports to watch this coming week: SecureWorks

🧩 Funding By Product Category

Click to see a larger version

  • $193.8M for Network Security across 1 deal

  • $120.0M for Endpoint Detection and Response (EDR) across 1 deal

  • $60.0M for Breach & Attack Simulation (BAS) across 1 deal

  • $49.1M for Anti-Bot across 1 deal

  • $36.0M for Digital Footprint Management across 1 deal

  • $33.0M for Security Operations across 2 deals

  • $5.0M for Artificial Intelligence (AI) Governance across 1 deal

  • $3.0M for Passwordless Authentication across 1 deal

  • $1.9M for Secure Networking across 1 deal

  • $600.0K for Deepfake Detection across 1 deal

  • An undisclosed amount for Confidential Computing across 1 deal

🏢 Funding By Company

Product Companies:

Service Companies:

  • Cloud Gateway, a United Kingdom-based secure networking-as-a-service platform, raised a $1.9M Venture Round. (more)

* You might remember from issue 💰 Security, Funded #152 that Sola launched with $28.0M in funding and a stealth description, so I just put in a shrug emoji as a placeholder ¯\_(ツ)_/¯. Thanks for finally showing up to the party.

🌎 Funding By Country

Click to see a larger version

  • $357.8M for the United States across 6 deals

  • $90.0M for Israel across 2 deals

  • $49.1M for Estonia across 1 deal

  • $3.0M for Australia across 1 deal

  • $1.9M for the United Kingdom across 1 deal

  • $600.0K for India across 1 deal

🤝 Mergers & Acquisitions

Click to see a larger version

Product Companies:

  • Currentware Inc., a Canada-based network data loss prevention platform, was acquired by Gulmohar Capital Partners for an undisclosed amount. Currentware Inc. has not publicly disclosed any funding events. (more)

  • Getvisibility, an Ireland-based data security posture management (DSPM) platform, was acquired by Forcepoint for an undisclosed amount. Getvisibility had previously raised $14.9M in funding. (more)

  • Mantra, a France-based security awareness and employee training platform, was acquired by Cyber Guru for an undisclosed amount. Mantra has not publicly disclosed any funding events. (more)

Service Companies:

  • None

📚 Great Reads

  • AI Security Resources - Chris Hughes shares a comprehensive collection of AI security resources, including interviews, frameworks, and publications, aimed at up-skilling in GenAI/LLMs and AI Security over the past two years.

  • * Why CASB is Failing Modern Security Teams - CASBs were designed for a bygone era when most work happened inside the corporate network. Today, the network edge extends to hundreds of SaaS apps used by the workforce and often adopted without IT oversight, requiring a new approach.

  • We’ve Been Fooled. There Is No Talent Shortage. - This podcast episode from the CISO Series posits that the cybersecurity talent shortage is largely artificial, influenced by economic factors rather than the actual scarcity of skilled professionals.

*A message from our sponsor

🧪 Labs

Can’t be too careful these days 😮‍💨 

How was this week's newsletter?

Click your answer below!

Login or Subscribe to participate in polls.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using our system at Return on Security, and we write all the company descriptions.

  • Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.

  • Let us know if you spot any errors, and we’ll fix them.

About Return on Security

Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.

Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.

Thank you for reading. If you liked this analysis, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.

Follow me on LinkedIn to never miss any updates!

Reply

or to participate.