- Return on Security
- 💰 Security, Funded #82 - Selling SASE, Funding About Face, and Emails About Security Vendors
💰 Security, Funded #82 - Selling SASE, Funding About Face, and Emails About Security Vendors
I hope you had a great weekend!
In this week's issue:
Funding About Face
Emails About Security Vendors
JPMorgan will restrict employees from using ChatGPT (good luck with that), China doesn’t want any tech with ChatGPT in their country (they will have better luck), January inflation in the US rose more than expected, Dish Network is down so bad with their latest breach that employees might not get paid, earnings report from Palo Alto, emailing email security vendors about security vendors, and the US Supreme Court declined to hear a case about NSA mass surveillance programs.
Last week was a week that many folks have been waiting for with Palo Alto announces its earnings report. Palo Alto is arguably the heavyweight champ in the public cybersecurity company world, and it carries a lot of momentum for investing in this space.
Palo Alto Networks (PANW) - beat its revenue earnings estimate with strong demand for SASE products citing a single $40.0M SASE deal in the last quarter alone, and over $1.0B in SASE deals over the last six quarters. Increased customer demands for zero-trust architectures also propelled growth, as well as PANW’s ability to consolidate vendors and offer a lower total cost of ownership (TCO).
The current macro themes in the cybersecurity industry I’ve called out over the past few issues continue to be reinforced through these earnings calls.
Cost saving and simplification reign supreme for customers.
That may even mean that customers are willing to spend more now to save more later if it helps them simplify their stack and the operational burden of running the program.
What is not being said, is that while spending for cybersecurity tools and platforms seems to be only marginally affected by the macroeconomic headwinds, there is so much more to running cybersecurity programs than just buying tools. 😱
That’s a shocker I know (somewhere right now VCs and founders alike are shedding small tears 🥲), but there are more actual costs and opportunity costs to contend with when running a security program aside from tool spend. That’s why these earnings reports need to be looked at through an operational filter to give them a fair shake and why I feel it’s important to share.
In other news, last week I learned that apparently, a few email security vendors have been regularly blocking my emails… about security vendors. 🤦🏽♂️
I’m looking at you Check Point, Proofpoint, and Barracuda.
There are probably others I don’t know about yet. My current hunch is that it may have something to do with the sheer number of links I have per issue. If you talk to your email security admin today, tell them to help ya boy out and smash that allowlist button for my domain. 🆗
If anyone knows someone who can put me in touch with some product or support folks to troubleshoot at these companies, I would greatly appreciate it! 🙏🏽
Onward to this week's issue.
Lacework is data-driven cloud security
Our platform, powered by Polygraph®, automates cloud security at scale so our customers can innovate with speed and safety across AWS, Azure, GCP, and Kubernetes environmentsSchedule a meeting to start your cloud security journey today!
Industry News Roundup
📅 YTD Funding 🆕
In this section, I'll be showing a running total and evolving series of charts for the year-to-date (YTD) funding and by the week or month of the year.
Funding took an about-face this week and came in significantly lower than last week. My guess is that this is just an off week on timing and nothing more. I expect to see some big numbers popping up soon.
💰 Weekly Funding Summary
17 companies raised $101.2M across 14 unique product categories
2 companies were acquired or had a merger event across 2 unique product categories
🧩 Funding By Product Category
$27.2M for Distributed Ledger Technology (DLT) Security
$20.0M for Data Security Posture Management (DSPM)
$15.4M for Managed Security Services Provider (MSSP)
$15.0M for Identity Governance & Administration (IGA)
$9.8M for Email Security
$7.5M for Continuous Compliance
$3.8M for Hardware Security
$2.2M for Internet Security
$200.0K for Cybersecurity Education & Training
$75.0K for Software Supply Chain Security
$34.2K for Data Privacy
$10.0K for Blockchain Security
An undisclosed amount for Identity and Access Management (IAM)
An undisclosed amount for Artificial Intelligence (AI) Security
🏢 Funding By Company
Radical Semiconductor, a United States-based hardware security platform for credit card chips, raised a $3.8M Venture Round.
🌎 Funding By Country
$48.9M for United States 🇺🇸
$37.5M for United Kingdom 🇬🇧
$7.5M for India 🇮🇳
$7.2M for Japan 🇯🇵
$68.3K for Australia 🇦🇺
An undisclosed amount for The Netherlands 🇳🇱
An undisclosed amount for France 🇫🇷
An undisclosed amount for Canada 🇨🇦
🤝 Mergers & Acquisitions
📚 Great Reads
Forthcoming SEC rules to change how corporate boards treat cybersecurity - The SEC’s proposal would require public companies to openly report serious cyberattacks, as well as explain who on their boards is responsible.
NIST Artificial Intelligence Risk Management Framework (PDF) - I’ve been saying for a while now, especially with the recent introduction of generally available Large Language Models (LLMs) and AI prompts, that AI and cybersecurity are on a collision course more than ever now. Apparently, NIST and others agree. Here is a resource to help organizations manage the many risks of AI and promote trustworthy and responsible development and use of AI systems.
Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content - Cybercriminals are working their way around ChatGPT’s restrictions and there is an active chatter in the underground forums disclosing how to use OpenAI API to bypass ChatGPT´s barriers and limitations.
🐝 Cross Pollinate
Discover something 🆕 this week.
This newsletter combines current events, philosophy, technology, and security tools all into one from one of the OGs of the security industry (and a friend and mentor!)
Unsupervised Learning from Daniel Miessler - a newsletter finding the patterns in security, tech, and society in 10 minutes or less each week.
Cybersecurity professionals spend so much of their time defending, but not always enough time advancing their own careers. This short, 55-minute video course and field guide changes that.
You hate to see it 😭
🤔 Have questions, comments, or feedback? I'd love to hear from you!
🤝 Interesting in a sponsor partnership with Security, Funded? Learn more here.
🐝 If you run a newsletter, I can't recommend Beehiiv enough.