Table of Contents
I hope you had a great weekend and hope that everyone who celebrated Thanksgiving enjoyed lots of great food, company, and some time off! 🦃
In this week's issue:
- Good Luck
- Major Thanks
- Threat Modeling IRL
Keeping it light on the intro this week since it was a quieter week on the investment front due to the Thanksgiving holiday in the US.
AWS re:Invent is coming this week and like always, expect to see a flurry of compute, storage, and security services and partnerships introduced. It will be interesting to see where AWS takes aim at security startups, as security has been an ever increasing focal point in growth and revenue for AWS.
The major cloud players like AWS and Azure have been increasing their own rates of spending, innovation, and acquisitions in the security space to gobble up new security capabilities over the last 2-3 years. The cloud heavyweights have moved from "good enough" in the security world to serious contenders. 💥🥊
With cybersecurity buyers facing budget strong headwinds going into Q1 2023, look for companies consolidate security spending into cloud spending where they can.
For all the tech startups out there this week:
I also hit a new milestone of over 1,000 subscribers last week and I couldn't be more excited! A HUGE thank you to everyone who has subscribed, shared the newsletter, or given me feedback and encouragement along the way! This wouldn't have been possible without you! 🖤
I put together a thread on Twitter about some of the less obvious lessons I learned about growth along the way here:
Onward to this week's issue.
Join us for ThreatX’s End of Year Live Q&A, talking with Mike Privette, CISO @ Passport Inc, about his predictions for threats in 2023
CISO Mike Privette, author of the Return on Security newsletter, is joining ThreatX experts for a 30-minute Live Q&A on December 8th at 10 am PT / 1 pm ET.
Save your questions as Mike will be interacting with our live audience to discuss topics related to:
* Lessons learned from the threats of 2022
* Economic threats in 2023
* Attack patterns of 2023
Register now to save your spot
📊 Industry News
- Ransomware incidents now make up majority of British government’s crisis management (more)
- US Department of Defense releases zero trust strategy and roadmap (more)
- U.S. and U.K. bans the sale and import of some tech from Chinese companies Huawei and ZTE (more)
💰 Funding Summary
- 2 companies raised $139.3M across 2 unique product categories
- 3 companies were acquired or had a merger event across 3 unique product categories
🧩 Funding by Product Category
- $135.1M for Managed Security Services Provider (MSSP)
- $4.2M for Threat & Vulnerability Management (TVM)
🏢 Funding By Company
- Giesecke+Devrient, a Germany-based managed security services provider (MSSP), raised a $135.0M Debt Financing round. (more)
- Holm Security, a Sweden-based threat and vulnerability management (TVM) platform, raised a $4.2M Seed from Subvenio Invest. (more)
🌎 Funding By Country
- $135.1M for Germany 🇩🇪
- $4.2M for Sweden 🇸🇪
🤝 Mergers & Acquisitions
- Aspen HSC, a United States-based professional cybersecurity services to the healthcare industry, was acquired by General Informatics for an undisclosed amount. (more)
- Benu Networks, a United States-based managed services provider (MSP) for networking and edge computing, was acquired by Ciena for an undisclosed amount. (more)
- Cycurion, a United States-based managed security services provider (MSSP), went public via SPAC with Western Acquisition Ventures Corp. (more)
🔐 Secure The Job
Browse the jobs I curate each week and apply for what matches your interests.
Post a role and request access to start meeting world class candidates open to new opportunities. Learn more or request access here.
📚 Great Reads
- Legal Risk and Liabilities: A CISOs Guide - A handbook on what CISOs need to know before a chat with the General Counsel (direct PDF download).
- The Cyber Defense Index - A benchmark of the digital security preparedness of enterprises across the threat landscapes of the world’s top economies from MIT and Code42 (direct PDF download).
- CISA expanding cybersecurity education program nationwide - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said the agency is planning to expand a K-12 cybersecurity education program nationwide after the initiative’s success in the state of Louisiana.
As a cybersecurity start up, we spend a lot of time talking to cybersecurity leaders in many organisations, looking to hear their thoughts on the product we need to build, and understand the risks and pressures they are facing every day. We’re fortunate to get to spend time with some very clever people, and felt their wisdom needs sharing!
So, we’re launching “Talking Heads”; a series of structured interview with CISOs (and other roles that interact with CISO’s aimed at sharing best practice and insider knowledge on how to be a great CISO.
Real life threat modeling just hits different
Have questions, comments, or feedback about this issue? I'd love to hear from you. Reach out on Twitter or reply directly to the newsletter version of this issue.
Thanks for reading and see you again next time!