💰 Security, Funded #188 - When Tariffs Hit the Fan

Hey there,

I hope you had a great weekend, and welcome to The Uncertainty Era.

How will a trade war, tariffs, and a global market selloff affect the cybersecurity industry? That’s the question I was thinking about all weekend after companies on the S&P 500 wiped out $5 trillion in stock market value.

Just because most things we deal with in this industry are based on 1s and 0s doesn’t mean we’re out of the woods. The world is entering a new macro phase, and cyber will soon feel the impact.

Remember how COVID-19 disrupted global supply chains, slowed hiring, jammed up procurement cycles, and prevented companies from forecasting and planning? Remember how any vendor selling hardware-based products saw a slowdown in ordering followed by over-ordering because companies could no longer plan as they used to?

We’re about to be right back there again, but this time, it’s self-inflicted, driven by policy, not a pandemic.

The cyber industry won’t be hit first, but its customers will be, and they are already getting hit hard. Don’t even get me started if this bleeds into the AI chip world! And if there is anything true in life, it’s that investors, businesses, and consumers alike hate uncertainty. Uncertainty at this scale changes forecasting, changes roadmaps, changes investment decisions, and changes headcount planning.

While not a global pandemic, this self-inflicted wound has global knock-on effects. Some of these effects can be reversed with policy, but not without a hangover period. Uncertainty is now ruling the day, and hope is an awful hedge.

🪦 RIP to The Expense Management Era (2023 - 2024). It’s time for The Uncertainty Era (2025 - ???). See the full timeline of cybersecurity market eras. I’ll continue to track this in real time, and reply back and let me know what you’re seeing on your end.

And in perfectly coincidental timing, I’m backing the UK’s first cybersecurity seed stage fund, led by Osney Capital. You can read more about it here.

Uncertainty is defining the macro landscape, but the strategic capital is still flowing.

😎 Vibe Check

Make sure to click on the options below to vote in this week’s poll, whether you’re a practitioner, founder, or investor!

Last issue’s vibe check:
What’s the first sign a security tool won’t deliver value?
🟨⬜️⬜️⬜️⬜️⬜️ ⏳ No early value shown (19)
🟨🟨🟨🟨⬜️⬜️ 🔌 Integration delays or issues (22)
🟩🟩🟩🟩🟩🟩 📝 Team sticks to manual work (30)
🟩🟩🟩🟩🟩🟩 🧍‍♂️ No clear owner after purchase (30)

101 Votes (newsletter + LinkedIn 🆕 )

We’ve got a two-way tie! Last week, I also launched the Vibe Check poll on LinkedIn to get a broader perspective on the commentary, and the results say a lot.

Continuing with manual work and having no clear owner of a security solution after it’s been purchased make a security tool dead on arrival. These aren’t product issues, this is internal friction. The real threat to adoption? The Change Management Final Boss.

Some of the top comments from last week’s vibe check:

Manual Work - “Change management failure is the biggest pitfall of any tool, security or otherwise.”

💰 Market Summary

📸 YoY Snapshot

Funding for Q1 2025 ended on a strong note, rising 32% to $4.1 billion, compared to $3.1 billion in Q1 2024.

M&A activity also finished Q1 2025 strongly, with 65 transactions compared to the 61 transactions in Q1 2024.

It will be interesting to watch how the funding and M&A markets change now that we’re in the Uncertainty Era. Deals are worked out behind the scenes for many months before going live, so based on the rate of deals we’ve seen this year so far, my guess is we’ll see a lot of deals slow down to wait out the turbulence.

_{Partner With Us}

☎️ Earnings Reports

🧩 Funding By Product Category

• $500.0M for Security Operations across 1 deal

• $159.0M for Quantum Security across 2 deals

• $101.1M for Data Protection across 2 deals

• $43.0M for Security Awareness across 1 deal

• $8.2M for Identity and Access Management (IAM) across 1 deal

• $6.5M for Cloud Security across 1 deal

• $3.3M for Content Moderation across 1 deal

• $1.5M for Identity Verification across 1 deal

• $1.5M for AI Model Security across 1 deal

• $786.4K for Operational Technology (OT) Security across 1 deal

• An undisclosed amount for Trust & Safety across 1 deal

• An undisclosed amount for Digital Footprint Management across 2 deals

🏢 Funding By Company

Product Companies:

• ReliaQuest, a United States-based security operations center (SOC)-as-a-Service company, raised a $500.0M Private Equity Round from EQT, FTV Capital, and Kohlberg Kravis Roberts. (more)

• SandboxAQ, a United States-based post-quantum cryptography (PQC) security platform, raised a $150.0M Series E from BNP Paribas, Google, Horizon Kinetics LLC, NVIDIA, and Ray Dalio. (more)

• Cyberhaven, a United States-based data leak detection and response platform, raised a $100.0M Series D from StepStone Group. (more)

• Adaptive Security, a United States-based security awareness training platform for AI-enabled social engineering and deepfake attacks, raised a $43.0M Seed from Andreessen Horowitz and the OpenAI Startup Fund (it’s first cyber investment!). (more)

• QuintessenceLabs, an Australia-based quantum encryption security company, raised a $9.0M Venture Round from National Reconstruction Fund Corporation. (more)

• authID, a United States-based identity and authentication as a service platform, raised an $8.2M post-IPO equity round. (more)

• Prowler, a United States-based open-source cloud security management platform, raised a $6.5M Seed from Decibel Partners. (more)

• Tremau, a France-based AI-powered content moderation and safety platform, raised a $3.3M Seed from Auriga Cyber ​​Ventures and Giesecke+Devrient Ventures. (more)

• Silence Laboratories, a Singapore-based Web3 identity authentication and verification platform leveraging multi-party computing (MPC), raised a $1.5M Venture Round.

• YRIKKA, a United States-based automated AI red teaming platform, raised a $1.5M Pre-Seed from Focal and Garuda Ventures. (more)

• Florbs, a Netherlands-based data protection platform for Google Drive, raised a $1.1M Seed from a group of organized angel investors. (more)

• PlugSecure, a Greece-based operational technology (OT) security platform for electric vehicle chargers, raised a $786.4K Pre-Seed from Apeiron Venture Capital. (more)

• IDX, a United States-based consumer data removal and data breach response platform, raised an undisclosed Private Equity Round and an undisclosed Debt Financing round from Stellus Capital Management. (more)

• Reality Defender, a United States-based AI deepfake media and content detection platform for media networks, raised an undisclosed Venture Round from Fusion Fund, Samsung NEXT, and BNY Mellon. (more)

Service Companies:

• None

🌎 Funding By Country

• $809.2M for the United States across 10 deals

• $9.0M for Australia across 1 deal

• $3.3M for France across 1 deal

• $1.5M for Singapore across 1 deal

• $1.1M for the Netherlands across 1 deal

• =$786.4K for Greece across 1 deal

🤝 Mergers & Acquisitions

Product Companies:

• Altospam, a France-based email security platform, was acquired by Hornetsecurity for an undisclosed amount. Altospam has not publicly disclosed any funding events. (more)

Service Companies:

• modePUSH, a United States-based professional services firm focused on digital forensics and incident response (DFIR), was acquired by MOXFIVE for an undisclosed amount. modePUSH has not publicly disclosed any funding events. (more)

• Prime Infoserv, an India-based professional services firm focused on governance, risk, and compliance (GRC) consulting, was acquired by Indus Net Technologies for an undisclosed amount. Prime Infoserv has not publicly disclosed any funding events. (more)

• SecInfra, a France-based professional services firm focused on incident response and SecOps support, was acquired by Bouygues Telecom for an undisclosed amount. SecInfra has not publicly disclosed any funding events. (more)

📚 Great Reads

🧪 Labs