💰Security, Funded #65 - CISO spending priorities, Thoma Bravo can't be stopped, Q3 took a hit

The Security, Funded newsletter issue #65 - Global cybersecurity funding and M&A news from the week of October 10th, 2022.

Mike P
Mike P

Table of Contents

Hey there,

I hope you had a great weekend!

In this week's issue:

  • Spending priorities
  • Thoma Bravo cannot be stopped
  • Funding continued to drop in Q3 2022

Thoma Bravo’s bloodlust seemingly knows no bounds. Last week the identity and access management (IAM) company, ForgeRock, was the latest target (see below) for Thoma Bravo who is on a streak of IAM acquisitions.  Thoma Bravo has already acquired SailPoint in April 2022 and Ping Identity in August 2022.

Thoma Bravo has found a great wedge to make a big bet on - the battle of who controls identity in the enterprise.

With Thoma Bravo locking in on the IAM space by acquiring competitors who capabilities compliment and overlap each others, they will have secured themselves a large return on security investment (see what I did there?).

From a CISO's point of view, IAM capabilities make up a huge percentage (> 50%+) of the annual security budget for most enterprise security programs. Compliance frameworks, regulators, and auditors all care about access as a core component of reducing risk and it's a place that most organizations struggle with when it comes to tech debt. As a result, IAM gets a lot of attention. And cash.

Expect to see an increase in new identity-based governance and threat detection platforms in 2023 to attempt to solve old problems in novel ways.

Cybersecurity funding continued its downward trend in Q3 2022. Both overall volume of transactions and total amount of money raised took a hit.

Source: from a live dashboard I made

What is interesting, however, is that while the total funding volume is down, the average funding round check size is still on par with 2021 to the tune of $29.1M in 2022 compared to $29.8M in 2021.

Q4 2021 saw a rebound in transaction volume and money, and based on how October has started, this trend appears to be happening again in 2022.

Onward to this week's issue.

I'm now opening newsletter sponsorships for the first half of 2023!

If you would like to get your company in front of some of the most influential eyes in the cybersecurity and investing industries, reach out to learn more.


Avoiding Career Lateral Movement

In less than one episode of Ozarks, hear my own career advancement story and get the actionable steps, checklists, and action prompts I've used to advance my own career.

I’ve done a lot of guessing, checking, and iterating (i.e., changed jobs a ton) and I’ll share what has worked and continues to work for me.

Let's get this bread together, family. 🥖

📊 Industry News

  • Aviation and Defense Cyber Security Global Market To Grow At Rate Of 12% Through 2026 (more)
  • Biden signs executive order on US-EU data transfer privacy (more)
  • What the DDoS Attack on LAX Could Mean for US Cybersecurity (more)

💰 Funding Summary

  • 18 companies raised $512.7M across 15 unique product categories
  • 6 companies were acquired or had a merger event across 5 unique product categories for $6.9B

🧩 Funding by Product Category

  • $100.0M for Remote Browser Isolation
  • $75.0M for Threat Detection and Response (TDR)
  • $66.0M for Cybersecurity Education & Training
  • $52.7M for Threat Intelligence
  • $45.0M for Data Privacy
  • $42.6M for Extended Detection and Response (XDR)
  • $40.0M for Continuous Compliance
  • $25.2M for Identity and Access Management (IAM)
  • $25.0M for Software Supply Chain Security
  • $21.0M for Internet of Things (IoT) Security
  • $20.0M for Professional Services
  • $180.0K for Managed Services Provider (MSP)
  • An undisclosed amount for Threat & Vulnerability Management (TVM)
  • An undisclosed amount for Secure Remote Access
  • An undisclosed amount for Data Protection

🏢 Funding By Company

🤝 Mergers & Acquisitions

🔐 Secure The Job

If you're looking for new opportunities (actively or passively), I've got two ways to help:

Are you hiring? Post a role and request access to start meeting world class candidates open to new opportunities. Learn more or request access here.

📚 Great Reads

  • Cyber Security Career Pathways - Common career pathways within the security industry to contextualize where Cloud Security fits into the big picture.
  • Secure your machine learning with Semgrep - To strengthen the ML ecosystem, Semgrep analyzed the source code of many ML libraries and identified some common problematic patterns.
  • Securing the U.S. Electricity Grid from Cyberattacks - Reliable electricity is essential to the conveniences of modern life and vital to our nation’s economy and security. But the electricity grid is an attractive target for cyberattacks from U.S. adversaries—such as nations like China and Russia, as well as individual bad actors, such as insiders and criminals.

You can see the full list of curated posts across all issues here, and you can submit an article, post, tweet, or video here and it can show up in the newsletter!

🧪 Labs

👋 Thanks

Have questions, comments, or feedback about this issue? I'd love to hear from you. Reach out on Twitter or reply directly to the newsletter version of this issue.

Thanks for reading and see you again next time!

Whenever you're ready, there are a few ways I can help you:

  • Work 1:1 with me to evaluate a company or product category here. 🤝
  • Sponsor the newsletter decision maker eyeballs on your brand here. ✉️


Mike P