• Return on Security
  • Posts
  • 💰 Security, Funded #78 - Inside Baseball, More Corporate Venture Capital, and Cybersecurity Workers are Still in Demand

💰 Security, Funded #78 - Inside Baseball, More Corporate Venture Capital, and Cybersecurity Workers are Still in Demand

Hey there,

I hope you had a great weekend!

In this week's issue:

  • Inside Baseball

  • More corporate venture capital

  • Cybersecurity workers are still in demand

Microsoft’s security business is running at $20.0B (😳) a year business, Tenable launched a venture capital arm, demand for cybersecurity workers remains strong, and I got the chance to speak candidly to investors and cybersecurity startup founders last week.

Some of the topics at the event that was on the minds of investors and founders alike:

  • What is the current state of cybersecurity buying at companies today?

  • Should founders be trying to sell directly to the CISO?

  • How are the cloud service providers (CSPs) perceived when it comes to security offerings?

  • How is cyber insurance evolving?

  • How important are Gartner reports and how much weight do they carry with buyers?

  • What are the latest problems and trends worth keeping an eye on (from both a product and investment standpoint)?

And a lot of other off-the-cuff topics. It was a great event with a lot of inside baseball shared all around. Hearing all the dialogue let me know that both sides of the market, investors and founders, and trying even harder to innovate and stand out from the competition in this challenging environment.

Thanks to Blu Ventures and Link Ventures for the invite!

Onward to this week's issue.


Lacework: Security for DevOps, Container, and CloudLacework is data-driven cloud securityOur platform, powered by Polygraph®, automates cloud security at scale so our customers can innovate with speed and safety across AWS, Azure, GCP, and Kubernetes environmentsSchedule a meeting to start your cloud security journey today!

📊 Industry News

  • Cyber Security Sector to Reach $657.02 Billion by 2030 (more)

  • Despite slowing economy, demand for cybersecurity workers remains strong (more)

  • APAC's Cybersecurity M&As Dropped Last Year (more)

💰 Funding Summary

  • 17 companies raised $263.2M across 13 unique product categories

  • 5 companies were acquired or had a merger event across 5 unique product categories for $32.8M

🧩 Funding By Product Category

  • $60.0M for Data Protection

  • $55.0M for Digital Forensics and Incident Response (DFIR)

  • $50.0M for Secure Networking

  • $32.6M for Risk Quantification

  • $26.0M for Identity and Access Management (IAM)

  • $25.0M for Application Security

  • $9.8M for Fraud and Financial Crime Protection

  • $3.3M for Managed Security Services Provider (MSSP)

  • $1.5M for Professional Services

  • An undisclosed amount for Threat Detection and Response (TDR)

  • An undisclosed amount for Software Supply Chain Security

  • An undisclosed amount for Identity Governance

  • An undisclosed amount for Breach & Attack Simulation (BAS)

🏢 Funding By Company

🌎 Funding By Country

  • $221.4M for United States 🇺🇸

  • $32.6M for France 🇫🇷

  • $4.4M for Estonia 🇪🇪

  • $4.0M for India 🇮🇳

  • $533.3K for Australia 🇦🇺

  • $271.9K for Ireland 🇮🇪

  • An undisclosed amount for The Netherlands 🇳🇱

  • An undisclosed amount for Israel 🇮🇱

🤝 Mergers & Acquisitions

  • Dragonfly, a United Kingdom-based threat intelligence platform, was acquired by FiscalNote for $32.8M.

  • Beryllium, a United States-based professional services firm focused on securing the defense sector, was acquired by Bema Capital Investments for an undisclosed amount

  • GuardSight, a United States-based managed security services provider (MSSP), was acquired by Iron Bow for an undisclosed amount. (more)

  • OGiTiX, a Germany-based identity and access management (IAM) platform, was acquired by CDI Global for an undisclosed amount.

  • SUPERAntiSpyware, a United States-based anti-spyware and anti-malware application, was acquired by RealDefense for an undisclosed amount.

📚 Great Reads

  • Three Venture Opportunities Stand Out In Cybersecurity For Web3 - So long as Web3 assets with enough political, social, and economic meaning exist, cybersecurity attacks and scams will persist.

  • Awesome Security GRC - A Github repo from Ayoub Fandi for security Governance, Risk, and Compliance (GRC) resources, definitions, tasks, and concepts. This a helpful repo if you work in or around the GRC field in cybersecurity.

  • Cybersecurity interview with ChatGPT - In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community.


DuckDB & Privacy Dynamics: More Power, More Productivity, Less PIIIt’s possible to enforce data governance without starting a riotThe temptation for analysts to store data locally has been around for decades, and it is only getting stronger as new tools like DuckDB gain popularity. Remote work, expanding data privacy regulations, and ever present security threats make data governance an important part of every organization.Enforce data governance that won’t slow down your analysts and engineers with de-identified data snapshots. Privacy Dynamics provides on-demand access to Prod quality data, while minimizing security and compliance risks faced by the organization.Read the Article

🧪 Labs

 2FA: something you forgot and something you lost— Aaron Boyd (@Federal_IT) January 28, 2023 

🤔 Have questions, comments, or feedback? I'd love to hear from you!

🤝 Interesting in a sponsor partnership with Security, Funded? Learn more here.

🐝 If you run a newsletter, I can't recommend Beehiiv enough.


or to participate.