💰 Security, Funded #112 - Acquire or Aspire: The Cyber Saga Continues! 🛒🌟

Hey there,

Happy Monday, and I hope you had a great weekend. This week, we’ve got:

• 🤔 Vendor loyalty hinges on breach responses

• 🎯 M&A activity is sizzling, and IPOs are playing hard to get

• 💰 $456.9M raised for 10 companies, $28.4B in acquisitions

• 📚 Professional Growth: How to set your career apart and grow

The cybersecurity acquisition market is hitting differently these days.

Huge acquisitions and big moves from big players (details below) are picking up speed as the year goes on. While some are decrying “the cyber consolidation is finally happening,” those of us who have been in the game long enough know that this is just another phase of the normal cycle of market evolution.

Think about the cybersecurity market as an accordion 🪗 that expands and contracts over time at different points, where new players are constantly entering, existing players are getting acquired, merging, or going IPO, and players falling out of the market and going RIP (Rest in (P)Shareholder Value 🙏 🪦). This is just another phase of the market that will get replaced quicker than you think with the next wave of new entrants.

With IPOs playing hard to get and acquisitions hotter than Burning Man, cyber companies are left with a big choice:

Bulk up to make that IPO runway or master the art of being irresistibly acquirable?

Onward to this week's issue.

Last week’s poll:

Vibe Check - MSSPs
If a cybersecurity vendor your company uses has a breach event, do you start looking for a replacement and kick them to the curb?

68% of respondents said “it depends” or “no” when it comes to replacing security vendors who have a security breach. Most of the comments came down to the public perception of how the breach was handled and how the company responded to customers. Honesty is the best policy, folks!

This was the most responded to poll I’ve done yet, so thank you to everyone who took the time!

_{If you want to add commentary to your poll answer, leave an answer when you cast your vote or email me at [email protected].} 

📅 YTD Funding

A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.

Funding continues the year-end ramp-up, with last week being ~42% higher than the 12-week average. And with this last tranche of funding, we’ve pushed north of $10.0B in cybersecurity funding for 2023.

Another huge week for acquisitions, and I’m thinking about the acquisition market like the old adage about groceries and weightlifting: If you can’t carry all of your groceries in one trip, do you even lift?

But consider the alternative as a parallel to the current state of the cybersecurity acquisition market: If you can carry all your groceries in one trip, do you even eat?

If you’re a cyber company doing great with PMF with a healthy clip of increasing ARR and logos, but you’re not getting acquisition offers thrown at you, are you even cybering? 🤔 

💰 Funding Summary

• 10 companies raised $456.9M across 9 unique product categories

• 6 companies were acquired or had a merger event for $28.4B across 5 unique product categories

🧩 Funding By Product Category

• $238.0M for Secure Access Service Edge (SASE) across 1 deal

• $76.2M for Operational Technology (OT) Security across 2 deals

• $50.0M for Machine Learning (ML) Security across 1 deal

• $40.0M for Software Supply Chain Security across 1 deal

• $21.0M for Data Protection across 1 deal

• $10.7M for Cyber Insurance across 1 deal

• $10.0M for Secure Collaboration and Messaging across 1 deal

• $8.0M for Cloud Security across 1 deal

• $3.0Mfor Cybersecurity Mesh Architecture (CSMA) across 1 deal

🏢 Funding By Company

• Cato Networks, an Israel-based secure access service edge (SASE) platform, raised a $238.0M Venture Round from Lightspeed Venture Partners. (more)

• Dragos, a United States-based operational technology (OT) and industrial controls systems (ICS) security platform, raised a $74.0M Series D from WestCap. (more)

• HiddenLayer, a United States-based platform protecting against adversarial machine learning (AML) attacks, raised a $50.0M Series A from M12 - Microsoft's Venture Fund. (more)

• Legit Security, a United States-based software supply chain security platform, raised a $40.0M Series B from CRV. (more)

• Alcion, a United States-based backup-as-a-service and data protection platform for Microsoft 365 deployments, raised a $21.0M Series A from Veeam. (more)

• Stoïk, a France-based cyber risk insurance company, raised a $10.7M Venture Round from Munich Re Ventures. (more)

• Rocket.Chat, a United States-based secure collaboration and messaging platform, raised a $10.0M Series A from Valor Capital Group, Alexia Ventures, and Endeavor Catalyst. (more)

• Rencore, a Germany-based cloud governance and compliance platform for the Microsoft stack, raised a $8.0M Venture Round from UVC Partners. (more)

• Discern Security, a United States-based cybersecurity mesh architecture (CSMA) platform, raised a $3.0M Seed from BoldCap, WestWave Capital, and Cyber Mentor Fund. (more)

• Salvador Technologies, an Israel-based operational technology (OT) security platform focused on resiliency and recovery, raised a $2.2M Grant from BIRD Foundation. (more)

🌎 Funding By Country

• $240.2M for Israel across 2 deals

• $198.0M for United States across 6 deals

• $10.7M for France across 1 deal

• $8.0M for Germany across 1 deal

🤝 Mergers & Acquisitions

• Splunk, a United States-based data analytics and log event management platform, was acquired by Cisco for $28.0B. 🤯 (more)

• Bionic, a United States-based attack surface management (ASM) platform, was acquired by CrowdStrike for $350.0M. (more)

• 10-D Security, a United States-based professional services firm focused on risk management and security auditing, was acquired by Neovera for an undisclosed amount. (more)

• AppliedCS, a United States-based professional services firm focused on risk management and security auditing, was acquired by Neovera for an undisclosed amount. (more)

• CyGlass, a United States-based network detection and response (NDR) platform, was acquired by WatchGuard for an undisclosed amount. (more)

• GlassWire, a United States-based network traffic analysis (NTA) platform, was acquired by Domotz for an undisclosed amount. (more)

📚 Great Reads

• Finding Your Moat - Matt Jay shares advice on how you can build a personal moat and set yourself apart by hacking your career. This has long been an approach to career and self-development that I've taken as well, and I highly recommend it.

• *Cyber Venture Forum - Join Blu Ventures on October 19 for a day of networking and thought leadership with 400+ startups, investors, and others from the Cybersecurity, DeepTech, GovCon, and broader innovation community. Use code SECURITYFUNDED for a 20% ticket discount!

• How to become a better security engineer - Frank Wang shares his take on how to get into a security engineering mindset and a list of resources that will give you fundamental skills and understanding to get better in your field.

• The Compounding Power of Ideas - How small efforts in writing can propel your career forward. Explore the concept of compound interest applied to writing and discover how small, consistent efforts can lead to significant growth in your career and personal life.

  _{*Sponsored content and/or affiliate link.}

🧪 Labs

What would you do if you could be truly free?