💰 Security, Funded #88 - NCC Group, Q1 2023 Trends, and Boots With The Fur
The Business Of Global Cybersecurity Funding And M&A News From The Week Of April 3rd, 2023.
Happy Tuesday (was a holiday in the US on Monday for many), and I hope you had a great weekend!
In this week's issue:
Q1 2023 Trends
Boots With The Fur
US payroll growth slowed in March, the global banking system is still reeling from the recent banking collapse and the response from the FDIC, NCC Group’s stock got clapped, and global VC funding is down 50% YoY.
If you’re reading this and don’t follow me on LinkedIn or Twitter (c’mon dawg, smash that follow or connect button), then you may have missed my take on the recent hit that NCC Group (NCC) took to their stock after cutting their forward-looking revenue for the year. Here’s a thread I wrote:
❓I had an interesting question from one of the Security, Funded subscribers about my thoughts on the news of the NCC Group earnings update and their recent stock hit.
Here's a quick thread on my thoughts 🧵
— Mike Privette (@mikepsecuritee)
Apr 3, 2023
Onward to this week's issue.
🚨Newsletter sponsorships are open for the second half of 2023!
If you want to have your brand amplified to thousands of cybersecurity industry insiders and decision-makers, reach out and let me know! Last year when I opened this up to the public, I sold out the first half of 2023 in 4 weeks, so act fast if you want in! 🤝 See more information about sponsorship options here.
Using anonymized data for development and testing environments has become standard practice. Unfortunately, much of that data can still be identified using linkage attacks.
Research shows 87% of Americans can be uniquely identified using only their zip code, gender, and date of birth. As applications continue collecting detailed personal information from consumers, re-identification becomes even more likely.
With simulated attacks, Privacy Dynamics helps CISOs quickly and easily monitor re-identification risk across their organization.
Industry News Roundup
📅 YTD Funding
A rolling 12-week chart to compare funding each week between 2022 and 2023.
For one of the first times in 2023, we’re seeing funding and volume of transactions on par for the same time last year. With RSA Conference coming up, I expect 2023 funding to be trending upwards for at least the next month.
Q1 2023 Recap
By the Numbers
2022 - $8.1B across 251 funding transactions
2023 - $2.9B across 145 funding transactions
Let’s take a closer look at Q1 2023 trends in the cybersecurity industry.
📉 Macro Data
Macroeconomic data showed weaker performance across industries in Q1 2023, with the cybersecurity sector feeling the impact as well.
Let's break down the trends & their implications for the industry:
🛡️ Partially Recession-Proof
Until H2 2022, cybersecurity was considered recession-resistant. Data from H2 2022 - Q1 2023 revealed that not all product categories or company sizes in cybersecurity were equally resilient. Endpoint Detection and Response (EDR) & Identity and Access Management (IAM) proved more robust.
🎙️ Earnings Calls Insights
Q1 2023 earnings calls highlighted a focus on upmarket customers, cost-saving initiatives & sensitivity to macroeconomic challenges. Mid-market struggles are expected to continue, making it harder to sell to under-resourced segments.
🔧 Adapting to Customer Demands
Companies leaned into customer demands for cost savings & product consolidation, driving growth & further inroads into large companies. Vendors are now solving broader financial problems, not just selling software. This trend is likely to continue into 2024.
💰 Spending Trends & Winning Strategies
Spending on cybersecurity tools & platforms was only slightly impacted by macroeconomic headwinds, as customers emphasized cost-saving and simplification. Companies that lower the total cost of ownership (TCO), save money, simplify the stack, & provide a clear path to ROI will win.
🏟️ Cyber Superbowl Season
With the RSA Conference, one of the world's largest cybersecurity events, kicking off later this month, we can expect to see lots of new innovations (or marketing attempts at innovation) to grab fewer customer dollars. The level of hype, and potentially FUD, will be at an all-time high during conference season.
💰 Funding Summary
16 companies raised $336.4M across 11 unique product categories
4 companies were acquired or had a merger event across 3 unique product categories
🧩 Funding By Product Category
$183.3M for Fraud and Financial Crime Protection across 2 deals
$100.0M for Endpoint Detection and Response (EDR) across 1 deal
$26.5M for Identity and Access Management (IAM) across 3 deals
$15.0M for SaaS Security across 1 deal
$8.5M for Software Supply Chain Security across 2 deals
$1.6M for Transportation Security across 1 deal
$1.0M for Data Protection across 2 deals
$500.0K for API Security across 1 deal
An undisclosed amount for Risk Management across 1 deal
An undisclosed amount for Remote Browser Isolation across 1 deal
An undisclosed amount for Cybersecurity Education & Training across 1 deal
🏢 Funding By Company
🌎 Funding By Country
$144.0M for United Kingdom across 2 deals 🇬🇧
$128.0M for United States across 9 deals 🇺🇸
$54.3M for Netherlands across 1 deal 🇳🇱
$8.0M for Canada across 1 deal 🇨🇦
$500.0K for France across 1 deal 🇫🇷
An undisclosed amount for Germany across 1 deal 🇩🇪
🤝 Mergers & Acquisitions
📚 Great Reads
Core Views on AI Safety - It may be tricky to build safe, reliable, and steerable systems when those systems are starting to become as intelligent and as aware of their surroundings as their designers.
Embracing Quantum Security: Defense in Depth Strategies for a Post-Quantum World - A post NOT about generative AI advancements 😱 - Explore quantum security strategies and in-depth defense approaches for a post-quantum world.
Responsible Cyber Power in Practice - Details on how the UK’s National Cyber Force (NCF) delivers cyber operations daily to protect the UK and its allies from harm.
Communication strategy, coaching, and training for security teams
Whether you’re forging relationships with the board, managing organizational changes, responding to an incident, or marketing your team to potential candidates through conference talks and blog posts, it all takes an effective communication strategy – and execution – to make an impact. Our team has 15 years of experience leading communication programs specifically tailored to the technical and stressful demands facing security organizations. Trusted by security teams at Twilio, Yahoo, and Trail of Bits.
Not gonna lie, this remix slaps
I - Integrity
A - Apple bottom jeans, boots with the fur
— Sherrod DeGrippo 📬 (@sherrod_im)
Apr 4, 2023
🤔 Have questions, comments, or feedback? I'd love to hear from you!
🔥 Security, Funded is brought to you by Return on Security.
🤝 Want to partner with Security, Funded? Learn more here.
🐝 If you run a newsletter, I can't recommend Beehiiv enough.