- Return on Security
- Posts
- 💰 Security, Funded #101 - Slumpin' and Pumpin': Q2's Cyber Rollercoaster 🎢
💰 Security, Funded #101 - Slumpin' and Pumpin': Q2's Cyber Rollercoaster 🎢
A review of cybersecurity funding and industry news from the week of July 3rd, 2023.
Mike Privette
July 10, 2023 • Reading Time: 12 minutes
Hey there,
Happy Monday, and I hope you had a great weekend!
🏃♂️ The Rundown
A meta roundup of all the important things affecting cybersecurity and the microenvironment:
🏃♂️ 2023's Q2 Cyber funding slumps
🛞 SEC delays cyber rules enactment
🧨 Blasting the UK’s Online Safety Bill
🤖 AI and Machine Learning Round-Up
📚 Meta’s Threads app is a privacy nightmare
💰 8 firms raised $71.0M in Q2, 10 cyber companies acquired
Onward to this week's issue.
🗣Sponsor
Get compliant in weeks not months
What makes Secureframe different?
Get audit-ready and achieve compliance in weeks, not months, with built-in remediation guidance and 100+ integrations.
Stay compliant with the latest regulations and requirements, including ISO 27001, GDPR, HIPAA, PCI, and other standards.
Automate responses to RFPs and security questionnaires with AI.
Secureframe’s NEW Comply AI can help you remediate failing controls, generate fixes for IaC, or provide tailored guidance for meeting technical compliance requirements.
Thousands of companies already use Secureframe to achieve and maintain continuous security and privacy compliance
🔮 Earnings Reports
A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies:
None to report on this week! 🫡
🛞 Industry News Roundup
📅 YTD Funding
A rolling 12-week chart to compare funding each week between 2022 and 2023.
Cybersecurity funding globally reached ~$3.0B in the second quarter, a 43% drop year over year and a 2% increase from the especially low Q1 2023. Deal count continued to slump, down ~44% from Q1 2023 to 145 deals.
Here’s a quarter-over-quarter view of the data comparing 2022:
Q2 seemed to only finish slightly up due to the heavy last week of the quarter when those first big AI-driven cyber investments came sliding in sideways.
💰 Funding Summary
8 companies raised $71.0M across 8 unique product categories
10 companies were acquired or had a merger event across 4 unique product categories
🧩 Funding By Product Category
$45.0M for Governance, Risk, and Compliance (GRC) across 1 deal
$13.8M for Managed Security Services Provider (MSSP) across 1 deal
$6.3M for Anti-Malware across 1 deal
$3.0M for Distributed Ledger Technology (DLT) Security across 1 deal
$2.8M for Data Protection across 1 deal
$75.0K for Operational Technology (OT) Security across 1 deal
An undisclosed amount for Fraud and Financial Crime Protection across 1 deal
An undisclosed amount for Artificial Intelligence (AI) Privacy Assurance across 1 deal
🏢 Funding By Company
Unit21, a United States-based no-code governance, risk, and compliance (GRC) platform, raised a $45.0M Series C from Tiger Global Management. (more)
Cyber Kunlun, a China-based managed security services provider (MSSP), raised a $13.8M Series A from Fortune Venture Capital. (more)
Glasswall, a United Kingdom-based anti-malware platform for files, emails, and collaboration platforms, raised a $6.3M Debt Financing round from HSBC. (more)
OlaVM Technology Ltd., a China-based software framework that allows for secure deployments of zero-knowledge (zk) blockchain applications, raised a $3.0M Seed. (more)
Infisical, a United States-based encrypted secrets management platform, raised a $2.8M Seed from Gradient Ventures. (more)
Cynalytica, a United States-based industrial control systems (ICS) security platform, raised a $75.0K Grant from Virginia Innovation Partnership Corporation. (more)
CUBIG, a South Korea-based platform using synthetic data to protect sensitive data usage in AI applications, raised an undisclosed Seed from NAVER D2 Startup Factory. (more)
Magic - ID Network, a United Kingdom-based identity verification and Know Your Customer (KYC) platform, raised an undisclosed Pre-Seed from SFC Capital. (more)
🌎 Funding By Country
$47.9M for United States across 3 deals 🇺🇸
$16.8M for China across 2 deals 🇨🇳
$6.3M for United Kingdom across 2 deals 🇬🇧
An undisclosed amount for South Korea across 1 deal 🇰🇷
🗣Sponsor
Similar to how we implement strong security measures to stop attackers from escalating privileges and infiltrating our networks, it's crucial to actively combat career stagnation and progress up the ranks of success.
This course is your key to achieving that upward momentum in your cybersecurity career.
🤝 Mergers & Acquisitions
Cirrus IT Solutions, a United States-based managed security services provider (MSSP), was acquired by The 20 MSP for an undisclosed amount. (more)
Epiphany Systems, a United States-based attack surface management (ASM) platform, was acquired by Reveald for an undisclosed amount. (more)
INCIDE, a Spain-based professional services firm focused on digital forensics and incident response (DFIR), was acquired by Computest for an undisclosed amount. (more)
NEVERHACK (previously Pr0ph3cy), a France-based cybersecurity consulting and upskilling firm, was acquired by The Carlyle Group for an undisclosed amount. (more)
OryxLabs, a United Arab Emirates-based external attack surface management (ASM) platform, was acquired by EDGE Group for an undisclosed amount. (more)
Security Management Partners, a United States-based professional services company focused on cybersecurity consulting, was acquired by GraVoc for an undisclosed amount. (more)
ThreeTwoFour, a United Kingdom-based managed security services provider (MSSP), was acquired by Node4 for an undisclosed amount. (more)
Vestigit, a Poland-based platform protecting against video digital piracy, was acquired by Redge Technologies for an undisclosed amount. (more)
Vital Technology Group, a United Kingdom-based managed security services provider (MSSP), was acquired by Air IT for an undisclosed amount. (more)
Wise Security Global, a Spain-based professional services firm focused on penetration testing and ethical hacking, was acquired by Var Group for an undisclosed amount. (more)
📚 Great Reads
Your Network Matters More Than Your Resume - I was on the eXecutive Security podcast with the CEO of ThreatX, Gene Fay, a few months back, where I talked about how the cybersecurity job market has shifted dramatically in the past two years and my thoughts on navigating it.
Meta’s Threads app is a privacy nightmare and won’t launch in the EU - Information provided about the app’s privacy via mandatory disclosures required on iOS shows the app may collect highly sensitive information about users in order to profile their digital activity — including health and financial data, precise location, browsing history, contacts, search history, and other sensitive information.
AI and Machine Learning in Cybersecurity - An overview of current applications of AI/ML to cybersecurity with relevant links and a vision of where things are headed from Clint Gibler.
🧪 Labs
Meanwhile, the majority of InfoSec Twitter / Bluesky / Mastodon this past week
I’ve been awake for 24 hours comparing social media platforms so you don’t have to.
Here’s what I’ve learned:
I have a problem.
— Douglas A. Boneparth (@dougboneparth)
Jul 6, 2023
How was this week's newsletter? |
✅ Let’s Work Together
Whenever you’re ready, I’ve got a few ways I can help support you:
Promote your business to a hard-to-reach audience of cybersecurity and investment professionals by sponsoring this newsletter.
Schedule a 1:1 coaching call on newsletters, monetizing, cybersecurity trends, product strategy, or anything else.
Join the conversation