💰 Security, Funded #80 - More Earnings Reports, Cyber Goes Super (Bowl), and Cyber Takes a Page from IT

Hey there,

I hope you had a great weekend!

In this week's issue:

• More Earnings Reports

• Cyber Goes Super (Bowl)

• Cyber Takes a Page from IT

More unidentified flying things over the US got shot down (and they’re not ruling out aliens 🛸), a big batch of public cybersecurity companies announced their earnings and gave some signals as to what to expect for the rest of the quarter, more cybersecurity companies with layoffs last week, and Crowdstrike did a Super Bowl commercial 🤔.

Earnings Reports

Huge week in earnings calls for public companies in the cybersecurity world, with many of the industry heavyweight announcing their Q4 2022 earnings.

Here’s a live look at me from last week

• Fortinet (FTNT) missed their earnings revenue estimate for Q4 2022, but overall revenue was up 32% from 2021. Success in 2022 was driven by lowering the total cost of ownership (TCO) for customers and catering to the exploding Operational Technology (OT) and SD-WAN markets. Shares jumped 14% post-announcement.

• Rapid7 (RPD) beat its earnings estimate and is trying hard to overcome its old framing of being client-server vulnerability scanning focused by positioning itself as a platform that has "strategic relevance for a modern cloud world [with a] focus on Security Operations."

• CyberArk (CYBR) beat its earnings estimate and attributed its continued growth to privileged access management (PAM), identity attack surface, and how access security is a "must-have" for business even with macroeconomic pressures.

• Tenable (TENB) smashed its earnings estimates off the back of a platform and tool consolidation play. Like Rapid7, Tenable is trying to move away from its old positioning and lean into attack surface management and a unified threat management offering.

• Cloudflare (NET) beat its earnings revenue estimates, in part, on the strengths of its evolving security business. Zero trust and email security led the charge here and allowed Cloudflare is displacing some large incumbents (while also firing some shots at competitors like ZScaler 👀).

All mentioned being sensitive to the overhang of macroeconomics, delayed ordering from customers, and all noted that the mid-market will continue to struggle in 2023 (meaning they'll have a harder time selling to an already under-resourced business segment).

So what does this mean for cyber companies and buyers alike?

Those who can help customers save and simplify will win.

Lower the total cost of ownership (TCO), help companies save money, simplify the stack over introducing new tools, and give a clear path to ROI. Everyone can win even in this environment.

Sound familiar? If you’ve been in or around the IT world for any amount of time, this isn’t new. This is a fact many traditional IT disciplines have had to face for the last decade as telecommunications, networking, and cloud computing technologies have evolved and driven prices way down. It’s just now we are in a season where cyber has to also consider this reality. This is a deviation from the “more money and more tools” cyber world of the last 5-7 years.

I do think it is just that, however, a season. One that when it turns, will be a leading indicator of “businesses being back” so to speak.

Onward to this week's issue.

🗣Sponsor

CCPA, CTDPA, VCDPA…Digging into US Data Privacy in 2023Join the webinar on March 1 with Matt Cooper, Sr. Manager, Privacy, Risk & Compliance at Vanta, and Arlo Gilbert, CEO and Co-founder at OsanoRecently, more states have passed consumer data protections, including Connecticut, Colorado, Virginia, and Utah, with many more data privacy laws in the works at both the state and federal levels. Join the webinar on March 1 to learn about the changing privacy landscape in the US and how businesses of all sizes should respond.Register to save your spot

📰 Industry News Roundup

• March Capital announced a new $650.0M fund focused on cloud software, cybersecurity, and cloud/data infrastructure  (more)

• Serious Allegations About Darktrace and their Financial Statements (more)

• Insurers Say Cyberattack that Hit Merck Was Warlike Act, Not Covered (more)

📅 YTD Funding 🆕

In this section, I'll be showing a running total and evolving series of charts for the year-to-date (YTD) funding and by the week or month of the year.

After last week’s issue, I offered a few takes as to why I think the chart looks the way it does on LinkedIn. Check it out and let me know what you think (and let's connect if we're not already)! 👇

💰 Weekly Funding Summary

• 15 companies raised $147.5M across 13 unique product categories

• 4 companies were acquired or had a merger event across 4 unique product categories for $1.7B

🧩 Funding By Product Category

• $50.0M for Network Security

• $30.0M for Fraud and Financial Crime Protection

• $14.0M for Mobile Device Security

• $13.3M for Cloud Security

• $12.0M for Security Awareness

• $9.4M for Operational Technology (OT) Security

• $7.0M for Breach & Attack Simulation (BAS)

• $7.0M for Anti-Phishing

• $3.2M for Threat and Risk Prioritization

• $1.2M for Secure Networking

• $435.0K for Security Operations

• An undisclosed amount for Quantum Security

• An undisclosed amount for Data Privacy

🏢 Funding By Company

• Skybox Security, a United States-based network security posture management platform, raised a $50.0M Venture Round from J.P. Morgan. (more)

• Coincover, a United Kingdom-based cryptocurrency and digital asset protection and recovery platform, raised a $30.0M Series B from Foundation Capital. (more)

• Build38, a Germany-based mobile application security platform, raised a $14.0M Series A from Tikehau Capital. (more)

• Cipher Gateway, a China-based cloud security company, raised a $13.3M Series A.

• Riot, a United States-based security awareness platform focused on training employees about phishing and data breaches, raised a $12.0M Series A from Base 10 Partners. (more)

• Opscura, a United States-based industrial control system (ICS) security platform, raised a $9.4M Series A from Anzu Partners. (more)

• FireCompass, a United States-based breach and attack simulation (BAS) platform, raised a $7.0M Series A from Athera Venture PartnersandCervin. (more)

• Sendmarc, a South Africa-based email anti-phishing platform, raised a $7.0M Series A from Atlantica Ventures. (more)

• VulnCheck, a United States-based threat intelligence and vulnerability prioritization platform, raised a $3.2M Seed from Sorenson Ventures. (more)

• Sitehop, a United Kingdom-based secure networking hardware platform, raised a $1.2M Seed from NPIF – Mercia Equity Finance. (more)

• Salem Cyber, a United States-based security operations center (SOC) AI assistant, raised a $435.0K Seed.

• Beauceron Security, a Canada-based security awareness and training platform, raised an undisclosed Private Equity Round from CIBC Innovation Banking. (more)

• brighter AI, a Germany-based sensitive and identifiable data redaction suite for images and videos, raised an undisclosed Venture Round from Deutsche Bahn Digital Ventures.

• Hut Six Security, a United Kingdom-based security awareness and training platform, raised an undisclosed Venture Round from Development Bank of Wales.

• Terra Quantum, a Switzerland-based quantum security and cryptography platform, raised an undisclosed Venture Round from Investcorp. (more)

🌎 Funding By Country

• $82.0M for United States 🇺🇸

• $31.2M for United Kingdom 🇬🇧

• $14.0M for Germany 🇩🇪

• $13.3M for China 🇨🇳

• $7.0M for South Africa 🇿🇦

• An undisclosed amount for Switzerland 🇨🇭

• An undisclosed amount for Canada 🇨🇦

🤝 Mergers & Acquisitions

• Sumo Logic, a United States-based cloud data and security analytics suite, was acquired by Francisco Partners for $1.7B. (more)

• Apogee IT Services, a United States-based managed services provider (MSP), was acquired by Magna5 for an undisclosed amount. (more)

• LeapYear Technologies, a United States-based privacy-focused data platform for machine learning (ML) applications, was acquired by Snowflake for an undisclosed amount. (more)

• Noventiq, a United Kingdom-based professional services company focused on cybersecurity and digital transformation, entered into an agreement to go public via a SPAC with Corner Growth Acquisition Corp. (more)

📚 Great Reads

• What Does Generative AI Mean for Cybersecurity? - A former cybersecurity product manager turned VC shares their take on what generative AI (h/t Caleb at Unusual Ventures).

• The Four Horsemen of the Tech Recession - It was jarring to see high employment figures the same week that tech company after tech company reported mostly disappointing earnings, and worse forecasts, all on the heels of layoffs.

• The Difference Between Product Security and Application Security - A simple explanation about product security and application security.

🐝 Cross Pollinate 🆕

Discover something new this week.

Security Pills - A weekly newsletter for smart and curious people interested in security, technology, and smartcontracts

🗣Sponsor

Possibly you!

🧪 Labs

Not all typos are created equally 😳

🤔 Have questions, comments, or feedback? I'd love to hear from you!

🤝 Interesting in a sponsor partnership with Security, Funded? Learn more here.

🐝 If you run a newsletter, I can't recommend Beehiiv enough.