- Return on Security
- Posts
- 💰 Security, Funded #69 - InfoSec Black Friday, Twitter Out of the Frying Pan, and the Wild Wild West Web3 World™️
💰 Security, Funded #69 - InfoSec Black Friday, Twitter Out of the Frying Pan, and the Wild Wild West Web3 World™️
Let's get this bread
Hey there,
I hope you had a great weekend!
In this week's issue:
InfoSec Black Friday
Twitter out of the frying pan
Wild Wild West Web3 World™️
The cryptocurrency exchange FTX had a wild week that keeps on getting wilder, including saying they might have been hacked (right after filing for bankruptcy), and with researchers saying that $1-2B in customer funds may also be missing.
What does this mean for the funding landscape? If you've been reading this newsletter for any amount of time you know I've been calling out the violent convergence that is coming between the Wild Wild West Web3 World™️ (#5W) and the cybersecurity world.
We're in the early email scam days of Web3, only now it's much harder to know when you're being scammed or when you're a part of a Ponzi scheme. The technology interactions with Web3 are much more complex (or so we are led to believe), the narratives around what can be accomplished with Web3 mirror that of the Dot Com era before the bubble, and there is more bandwagon hopping to find the next way to get rich and be a part of the future. More money and power is up for grabs than ever before.
As a result, it's appears easier to hide behind the veil of complexity with Web3 and scam people. Individuals and companies can only lose money so many times before market forces create medicine for this ailment.
Expect over-correcting regulation and more Web3 Security companies in 2023.
As for Twitter, things are really heating up over there with Elon at the helm. 🍳🔥
Not only did half of the staff get fired (and then some were asked to come back), but Twitter's latest CISO (not that one), stepped down citing security, privacy, and governance concerns:
I've made the hard decision to leave Twitter. I've had the opportunity to work with amazing people and I'm so proud of the privacy, security, and IT teams and the work we've done.
I'm looking forward to figuring out what's next, starting with my reviews for @USENIXSecurity 😁— Lea Kissner (@LeaKissner) November 10, 2022
As you might expect, the details of all the ugly news at Twitter is unfolding on... well, Twitter, of course:
1/ Just want to put this news in plain language for people.
Senior people at Twitter have resigned in the last 48 hours. We now now why. They said in private Slack channels that @elonmusk is so desperate to recoup his money, he’s taking crazy risks with YOUR privacy and safety.— Brianna Wu (@BriannaWu) November 10, 2022
It's hard to distill what is smoke from fire with Twitter these days, but any way you look at it, a lot of iteration needs to happen towards a better platform for people to trust it again.
Onward to this week's issue.
Subscribe to Security, Funded
Know what and who is moving the cybersecurity.
🗣️ Sponsor
🗣️
Live Q&A: Giving Thanks to CISOsJoin us for ThreatX’s Live Q&A Thanksgiving special: Giving Thanks to CISOs with the CISO of Query.AI, Neal Bridges and ThreatX Field CISO, Jeremy VenturaWith Thanksgiving right around the corner, ThreatX Field CISO Jeremy Ventura and Neal will discuss why we are thankful for CISOs, plus the risks and rewards of this challenging role. Join us for a 30-minute Live Q&A on November 21st at 10 am PT / 1 pm ET.Prepare your questions as Neal and Jeremy will be interacting with our live audience to discuss topics related to:* The risks and rewards of the CISO role* Navigating today’s economic and cyber landscape* The future of the CISO roleRegister now to save your spot
🔮 Survey Time
Would you please help me out by filling out the Security, Funded Audience survey? Thanks to everyone who filled this out last week!
My goal is to generate a broad picture of the Security, Funded audience to write more engaging content and partner with relevant sponsors. This survey is completely anonymous and totally optional, but much appreciated!
📊 Industry News
💰 Funding Summary
16 companies raised $268.9M across 15 unique product categories
5 companies were acquired or had a merger event across 5 unique product categories
🧩 Funding by Product Category
$70.0M for Fraud and Financial Crime Protection
$60.0M for Remote Browser Isolation
$50.0M for Continuous Compliance
$26.3M for Network Detection and Response (NDR)
$18.5M for Attack Surface Management (ASM)
$16.0M for API Security
$13.5M for Data Privacy
$8.0M for Secure Collaboration and Messaging
$4.1M for Threat Intelligence
$2.5M for Internet of Things (IoT) Security
$25.0K for Professional Services
An undisclosed amount for Software Supply Chain Security
An undisclosed amount for Operational Technology (OT) Security
An undisclosed amount for Managed Security Services Provider (MSSP)
An undisclosed amount for Insider Threat
🏢 Funding By Company
TRM Labs, an anti-fraud platform for cryptocurrencies and Web3, raised a $70.0M Series B from Thoma Bravo. (more)
Island, a secure remote browser isolation platform, raised a $60.0M Series B from Georgian. (more)
Laika, a continuous compliance and security platform, raised a $50.0M Series C from Fin Capital. (more)
Trinity Cyber, a network detection and response (NDR) platform, raised a $26.3M Debt Financing round.
Veriti, an attack surface management (ASM) platform, raised a $18.5M Series A from Insight Partners. (more)
Wib, an API security platform, raised a $16.0M Series A from Koch Disruptive Technologies. (more)
Apheris, a data privacy and governance platform, raised a $8.8M Seed from Octopus Ventures. (more)
Worldr, a platform for encrypting the communication channels of platforms like Slack and Microsoft Teams, raised a $8.0M Seed from Molten Ventures. (more)
Secure AI Labs, a platform for securely sharing privacy regulated data in the healthcare industry, raised a $4.7M Seed from Asset Management Ventures (AVM). (more)
Bfore.AI, a threat intelligence platform, raised a $4.1M Seed from KaristaandKarma VC. (more)
Angoka, an Internet of Things (IoT) security platform for smart cities, raised a $2.5M Seed from 24 Haymarket. (more)
Oppos, a professional services firm focused on cybersecurity governance and compliance, raised a $25.0K Grant from DMZ.
6CloudTech, an operational technology (OT) security platform, raised an undisclosed Series C from Beijing Innovation Industry Investment.
CyberSmart, a managed security services provider (MSSP), raised a undisclosed Grant from UK IT Industry Award. (more)
Elevate Security, an insider risk management and threat detection platform, raised a undisclosed Venture Round from Cisco Investments. (more)
Endor Labs, a software supply chain security platform, raised a undisclosed Venture Round from Silicon Valley CISO Investments.
🤝 Mergers & Acquisitions
Auspex, a professional services company focused and cybersecurity and data analytics services, was acquired by Edgesource for an undisclosed amount. (more)
Interconnect Networks, a managed services provider (MSP), was acquired by Xobee Networks for an undisclosed amount. (more)
Templarbit, an attack surface management (ASM) platform, was acquired by BOXX Insurance for an undisclosed amount.
ThreatSwitch, a continuous compliance platform for the federal government space, was acquired by Sign In Solutions for an undisclosed amount. (more)
TwinWave, a threat intelligence platform focused on credential phishing, was acquired by Splunk for an undisclosed amount. (more)
🔐 Secure The Job
If you're looking for new opportunities (actively or passively), I've got two ways to help:
Return on Security Job Board - Browse the jobs I curate each week and apply for what matches your interests.
Return on Security Talent Collective - Apply to my talent collective to get personally matched with high-growth, high-upside opportunities (if you refer one (1) person to this newsletter you get access automatically!)
Are you hiring? Post a role and request access to start meeting world class candidates open to new opportunities. Learn more or request access here.
📚 Great Reads
Twitter's CISO steps down - Twitter’s privacy and security teams are in turmoil after Elon Musk’s changes to the service bypassed its standard data governance processes.
Critical mistake founders make when pitching in a downturn - The biggest mistakes founders can make are underestimating how a downturn impacts investor psychology, timelines, and due diligence.
InfoSec Black Friday Deals ~ "Hack Friday" 2022 Edition - All the deals for InfoSec related software/tools this Black Friday / Cyber Monday, for all the hackers that saved $8 on blue and got a free 🙈 instead. This repo is a huge hit with the whole cyber community every year, so don't miss the deals (there’s even a deal from me on here 👀).
🗣️
Cybersecurity startup Seedata.io is hiring, full remote roles available!We've seen record levels of layoffs at tech behemoths over the last few weeks. With a little redundancy cash in your pocket, there's never been a better time to join a deception tech startup. We're hiring, and will prioritize applications from the recently displaced.Check out vacancies here
🧪 Labs
When a cybersecurity vendor asks for some time with me, I don't send them my Calendly.
Instead, I send them an OpenTable link to make a reservation at my favorite steakhouse.
Really narrows down who's serious.— Chet Dorn, Global CISO (@chetdorn) October 18, 2022
👋 Thanks
Have questions, comments, or feedback about this issue? I'd love to hear from you. Reach out on Twitter or reply directly to the newsletter version of this issue.
Thanks for reading and see you again next time!
Cheers,
Mike P
Join the conversation