• Return on Security
  • Posts
  • 💰 Security, Funded #71 - Good Luck, Major Thanks, and Threat Modeling IRL

💰 Security, Funded #71 - Good Luck, Major Thanks, and Threat Modeling IRL

You already know we are getting this bread as a family 🥖

Hey there,

I hope you had a great weekend and hope that everyone who celebrated Thanksgiving enjoyed lots of great food, company, and some time off! 🦃

In this week's issue:

  • Good Luck

  • Major Thanks

  • Threat Modeling IRL

Keeping it light on the intro this week since it was a quieter week on the investment front due to the Thanksgiving holiday in the US.

AWS re:Invent is coming this week and like always, expect to see a flurry of compute, storage, and security services and partnerships introduced. It will be interesting to see where AWS takes aim at security startups, as security has been an ever increasing focal point in growth and revenue for AWS.

The major cloud players like AWS and Azure have been increasing their own rates of spending, innovation, and acquisitions in the security space to gobble up new security capabilities over the last 2-3 years. The cloud heavyweights have moved from "good enough" in the security world to serious contenders. 💥🥊

With cybersecurity buyers facing budget strong headwinds going into Q1 2023, look for companies consolidate security spending into cloud spending where they can.

For all the tech startups out there this week:

I also hit a new milestone of over 1,000 subscribers last week and I couldn't be more excited! A HUGE thank you to everyone who has subscribed, shared the newsletter, or given me feedback and encouragement along the way! This wouldn't have been possible without you! 🖤

I put together a thread on Twitter about some of the less obvious lessons I learned about growth along the way here:

 🎉 Security, Funded has finally crossed 1,000 subscribers!

This has been a long term milestone for me and here are a few tips I learned along the way about growing a newsletter and running a content business.— Mike Privette (@mikepsecuritee) November 23, 2022 

Onward to this week's issue.

🗣️ Sponsor

Live Q&A: Threats of 2023Join us for ThreatX’s End of Year Live Q&A, talking with Mike Privette, CISO @ Passport Inc, about his predictions for threats in 2023CISO Mike Privette, author of the Return on Security newsletter, is joining ThreatX experts for a 30-minute Live Q&A on December 8th at 10 am PT / 1 pm ET.Save your questions as Mike will be interacting with our live audience to discuss topics related to:* Lessons learned from the threats of 2022* Economic threats in 2023* Attack patterns of 2023Register now to save your spot

📊 Industry News

  • Ransomware incidents now make up majority of British government’s crisis management (more)

  • US Department of Defense releases zero trust strategy and roadmap (more)

  • U.S. and U.K. bans the sale and import of some tech from Chinese companies Huawei and ZTE (more)

💰 Funding Summary

  • 2 companies raised $139.3M across 2 unique productcategories

  • 3 companies were acquired or had a merger event across 3 unique product categories

🧩 Funding by Product Category

  • $135.1M for Managed Security Services Provider (MSSP)

  • $4.2M for Threat & Vulnerability Management (TVM)

🏢 Funding By Company

🌎 Funding By Country

  • $135.1M for Germany 🇩🇪

  • $4.2M for Sweden 🇸🇪

🤝 Mergers & Acquisitions

🔐 Secure The Job


Browse the jobs I curate each week and apply for what matches your interests.

Post a role and request access to start meeting world class candidates open to new opportunities. Learn more or request access here.

📚 Great Reads

  • Legal Risk and Liabilities: A CISOs Guide - A handbook on what CISOs need to know before a chat with the General Counsel (direct PDF download).

  • The Cyber Defense Index - A benchmark of the digital security preparedness of enterprises across the threat landscapes of the world’s top economies from MIT and Code42 (direct PDF download).

  • CISA expanding cybersecurity education program nationwide - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said the agency is planning to expand a K-12 cybersecurity education program nationwide after the initiative’s success in the state of Louisiana.

🗣️ Sponsor

Talking Heads Interview SeriesAs a cybersecurity start up, we spend a lot of time talking to cybersecurity leaders in many organisations, looking to hear their thoughts on the product we need to build, and understand the risks and pressures they are facing every day. We’re fortunate to get to spend time with some very clever people, and felt their wisdom needs sharing!So, we’re launching “Talking Heads”; a series of structured interview with CISOs (and other roles that interact with CISO’s aimed at sharing best practice and insider knowledge on how to be a great CISO.Learn more

🧪 Labs

Real life threat modeling just hits different

 threat actor = someone who wants to punch you in the face

threat = the punch being thrown

vulnerability = your inability to defend against the punch

risk = the likelihood of getting punched in the face— cje 🌻 (@caseyjohnellis) April 19, 2021 

👋 Thanks

Have questions, comments, or feedback about this issue? I'd love to hear from you. Reach out on Twitter or reply directly to the newsletter version of this issue.

Thanks for reading and see you again next time!


Mike P

Join the conversation

or to participate.