💰 Security, Funded #70 - PANW Earnings, Cyber Marketechture, and Why It’s a Buyer’s Market

Hey there,

I hope you had a great weekend!

In this week's issue:

• Palo Alto earnings

• Cyber marketechture

• Why it's a buyer's market

Palo Alto Networks posted strong Q3 2022 earnings last week beating analyst expectations. Oh yeah, and they acquired Cider Security (see more below).

Per the earnings call, Palo Alto hinted that customers want more security coverage for the same or less money. Palo Alto stated that demand wasn't slowing down, but customer were delaying projects or financing in some cases leading to a deeper pipeline than normal.

Cyber budget dollars are shrinking all around (or at least not growing year over year) in either tools, people, consultants, or all of the above. CFOs and CISOs alike are looking for ways to stem the operational expense bleeding, and as a result, technology partner and vendor consolidation is a top concern for many companies today.

CISOs need their budget dollars to go further than before and that means they will be looking to vendors to take that on, at least in part.

What does this mean for cybersecurity companies?

It means they have to sell even more than they do today. Given that there is a never ending stream of new cybersecurity companies launching, competition is going to continue to heat up in an already hyper competitive space.

In their earnings call Palo Alto's CFO confirmed this statement by saying:

Incidentally, Palo Alto's CEO says they're going to be the first $100B cybersecurity company. 👀

What does this mean for CISOs and decision makers in the buying process going into 2023?

Expect more cold outreach (☠️ your inbox and LinkedIn), more marketechture ("marketing architecture"), and more aggressive positioning and new acronyms from the incumbent heavyweights and welterweights alike. Also expect more tooling changes via vendor acquisitions and acquihires (see Cider Security acquisition).

The silver lining to this, however, is that it could also mean to expect better product and suite package, more favorable payment terms, and vendors who are more incentivized to make the best deal they can for your company.

Onward to this week's issue.

Subscribe to Security, Funded

Know what and who is moving the cybersecurity industry each week.

🗣️ Sponsor

Live Q&A: Giving Thanks to CISOs

Join us for ThreatX’s Live Q&A Thanksgiving special: Giving Thanks to CISOs with the CISO of Query.AI, Neal Bridges and ThreatX Field CISO, Jeremy Ventura

With Thanksgiving right around the corner, ThreatX Field CISO Jeremy Ventura and Neal will discuss why we are thankful for CISOs, plus the risks and rewards of this challenging role. Join us for a 30-minute Live Q&A on November 21st at 10 am PT / 1 pm ET.

Prepare your questions as Neal and Jeremy will be interacting with our live audience to discuss topics related to:* The risks and rewards of the CISO role* Navigating today’s economic and cyber landscape* The future of the CISO role

Register now to save your spot

📊 Industry News

• European Union Agency for Cybersecurity (ENISA) highlights the top cybersecurity threats likely to emerge by 2030 (more)

• Google to pay record $391.5 million for misleading users on location tracking (more)

• Australia launches standing operation against cyber criminal syndicates (more)

💰 Funding Summary

• 12 companies raised $203.2M across 10 unique product categories

• 7 companies were acquired or had a merger event across 6 unique product categories for $195.0M

🧩 Funding by Product Category

• $65.0M for Data Protection

• $46.0M for Breach & Attack Simulation (BAS)

• $25.0M for Secure Remote Access

• $17.7M for Managed Security Services Provider (MSSP)

• $14.0M for Application Security

• $12.4M for Mobile Device Security

• $9.0M for Software Supply Chain Security

• $8.0M for Data Privacy

• $4.8M for Fraud and Financial Crime Protection

• $1.3M for Cloud Security Posture Management (CSPM)

🏢 Funding By Company

• Akeyless Security, a Israel-based secrets management platform, raised a $65.0M Series B from NGP Capital. (more)

• Bishop Fox, a United States-based continuous security validating platform, raised a $46.0M Venture Round from WestCap. (more)

• Cloudbrink, a United States-based secure remote access company, raised a $25.0M Venture Round from Highland Capital PartnersandThe Fabric. (more)

• Eye Security, a Netherlands-based managed security services provider (MSSP), raised a $17.7M Venture Round from Bessemer Venture Partners. (more)

• ArmorCode, a United States-based application security testing platform, raised a $14.0M Series A from Ballistic Ventures. (more)

• Dust Mobile, a Belgium-based secure mobile communications platform, raised a $12.4M Series B from Bpifrance. (more)

• Boostsecurity.io, a Canada-based software supply chain security platform, raised a $9.0M Seed from Sorenson Capital. (more)

• Private AI, a Canada-based privacy-preserving machine learning and natural language processing tool for GDPR compliance, raised a $8.0M Series A from BDC Capital Corporation. (more)

• Yakoa, a United States-based NFT and digital intellectual property fraud detection platform, raised a $4.8M Seed from Collab+Currency, Volt CapitalandBrevan Howard Digital. (more)

• OpsHelms, a United States-based security posture management and remediation platform, raised a $1.3M Seed. (more)

• Entech US, a United States-based managed security services provider (MSSP), raised an undisclosed Private Equity Round from Prospect Partners. (more)

• Sarus, a France-based data privacy and synthetic data platform, raised an undisclosed from Frontier Path Venture Capital.

🌎 Funding By Country (New!)

• $91.1M for United States

• $65.0M for Israel

• $17.7M for Netherlands

• $17.0M for Canada

• $12.4M for Belgium

• An undisclosed amount for France

🤝 Mergers & Acquisitions

• Cider Security, an Israel-based platform focused on security of software delivery pipelines (CI/CD), was acquired by Palo Alto Networks for $195.0M. (more)

• Celltick Technologies, a United States-based secure communications and notification system platform, was acquired by Utimaco for an undisclosed amount. (more)

• Custard Technical Services, a United Kingdom-based managed services provider (MSP), was acquired by Thrive for an undisclosed amount. (more)

• SCRT, a Switzerland-based professional services company focused on detection and incident response, was acquired by Orange Cyberdefense for an undisclosed amount. (more)

• Steel Root, a United States-based managed security services provider (MSSP), was acquired by C3 Integrated Solutions for an undisclosed amount. (more)

• Telsys, a professional services company focused on information security programs, was acquired by Orange Cyberdefense for an undisclosed amount. (more)

• Third Wall, a United States-based endpoint protection platform for MSSPs/MSPs and their customers, was acquired by ThreatLocker for an undisclosed amount. (more)

🔐 Secure The Job

🚨Return on Security Job Board

Browse the jobs I curate each week and apply for what matches your interests.

Post a role and request access to start meeting world-class candidates open to new opportunities. Learn more or request access here.

📚 Great Reads

• An Intro to Cybersecurity for VC's - A cyber operator's guide to learning about the cybersecurity industry for people working in venture capital and private equity.

• Tech layoffs and Cybersecurity - The tech industry has been seeing a bit of a blood bath in 2022. We seem to have gone from The Great Resignation to Quiet Quitting to the Great Firing in a very short time.

• Bad CISO Archetypes - The six types of CISOs you don't want to hire (or don't want to become).

🗣️ Sponsor

Talking Heads Interview Series

As a cybersecurity start-up, we spend a lot of time talking to cybersecurity leaders in many organizations, looking to hear their thoughts on the product we need to build and understand the risks and pressures they are facing every day. We’re fortunate to get to spend time with some very clever people, and felt their wisdom needs sharing!

So, we’re launching “Talking Heads”; a series of structured interviews with CISOs (and other roles that interact with CISOs) aimed at sharing best practice and insider knowledge on how to be a great CISO.

Learn more

🧪 Labs

👋 Thanks

Have questions, comments, or feedback about this issue? I'd love to hear from you. Reach out on Twitter or reply directly to the newsletter version of this issue.

Thanks for reading, and see you again next time!

Cheers,

Mike P