ESW #290 – Will Lin, James Norrie
Cybersecurity is now battling a human problem just as much, if not more, than a technical one. According to Verizon’s 2021 Data Breach Security Report, 85% of successful cyberattacks now involve a human element. Combine that with the fact that even the very best technology can only thwart about 93% of attacks and that leaves a large hole in an organization’s basic security hygiene. This has led to a growing demand for ongoing educational programs that rely on behavioral science to measure and manage cybersecurity risk as a distinctly different solution from generic, one-size-fits-all training programs.
In the enterprise security news, SentinelOne and Crowdstrike reinvest in the security market, Malwarebytes raises $100M, Ox Security raises a $34M Seed round??? Jamf acquires ZecOps, New startups looking to improve Code Reviews…Outsource questionnaires…provide consumer privacy awareness…Federal security funding for state and local governments, New software supply chain attacks, Microsoft Windows slaps your hand when you try to update passwords.txt, and stick around until the end, when we talk about a New Jersey Deli with a $100M market cap!
This is a recurring segment, in which we bring on a VC to provide an investor’s point-of-view on all this activity. It’s hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups.
We'll discuss: - How, the last time we had Will on (20 episodes ago, ESW 270), we were asking about huge valuations and potential market resets/corrections. Well, it seems that day arrived. What now? - Crowdstrike and SentinelOne are active investors with their own funds now. Is this a new trend, or are we just now noticing it? What does it mean for the larger market and for founders looking to raise? - We've had guests on to discuss enterprise browsers, and DSPM - what hot markets should we target next?
Full Audio
Segments
1. State of the Market With a VC – Will Lin – ESW #290
This is a recurring segment, in which we bring on a VC to provide an investor’s point-of-view on all this activity. It’s hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups.
We're excited to have Will back with us! We'll discuss
- How, the last time we had Will on (20 episodes ago, ESW 270), we were asking about huge valuations and potential market resets/corrections. Well, it seems that day arrived. What now?
- Crowdstrike and SentinelOne are active investors with their own funds now. Is this a new trend, or are we just now noticing it? What does it mean for the larger market and for founders looking to raise?
- We've had guests on to discuss enterprise browsers, and DSPM - what hot markets should we target next?
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
Will is a member of the ForgePoint founding team and has been involved in every aspect of the firm’s evolution. Since ForgePoint Capital’s founding in 2015, Will has risen from Vice President to Managing Director in five years—a meteoric career advancement. As Managing Director, he is a senior member of the team responsible for leading investments, growing the members of the investment team, expanding the trusted network of industry relationships and supporting fundraising efforts. He started his career at Citi’s Investment Banking Group and subsequently joined Trident Capital where he supported investments in cybersecurity and infrastructure software. Will currently serves on the boards of Attivo Networks, Bishop Fox, Concourse Labs, LoginRadius, Remediant, Symmetry Systems, Uptycs and an unannounced company.
Hosts
2. A Human Defense Platform: Fortifying Your Last Mile of Cybersecurity Defenses – James Norrie – ESW #290
Cybersecurity is now battling a human problem just as much, if not more, than a technical one. According to Verizon’s 2021 Data Breach Security Report, 85% of successful cyberattacks now involve a human element. Combine that with the fact that even the very best technology can only thwart about 93% of attacks and that leaves a large hole in an organization’s basic security hygiene. This has led to a growing demand for ongoing educational programs that rely on behavioral science to measure and manage cybersecurity risk as a distinctly different solution from generic, one-size-fits-all training programs.
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Dr. James Norrie is a tenured Professor of Strategy, Cybersecurity and Law, and former Dean of the Graham School of Business, at York College of Pennsylvania. He has terminal degrees in business and law, and graduate degress in education, psychology, engineering and cybersecurity. He is the author of six books, multiple book chapters and hundreds of journal articles and national op-ed’s. He is a sought-after expert consultant, frequent media commentator with an international reputation in his field.
His published areas of research delve into the intersection of psychology and technology and the friction this creates, particularly as cybercrime has become a ferocious global problem. In addition to his academic role, he is the Founder and CEO of CyberconIQ. This innovative, VC-backed firm is committed to changing the global cybersecurity conversation from fear to hope offering patented and proprietary solutions that enable individual employees to become measurably safer online and reduce the risk of a human factors breach. He conducts, presents and publishes industry-related research and consults globally to prominent companies in financial services, technology, healthcare and retail concerning cybersecurity, information privacy and security, and economic crime detection and prevention methods. He lives in York, PA.
Hosts
3. SentinelOne, Malwarebytes Raises $100M, Federal Security Funding, & Passwords.txt – ESW #290
In the enterprise security news, SentinelOne and Crowdstrike reinvest in the security market, Malwarebytes raises $100M, Ox Security raises a $34M Seed round??? Jamf acquires ZecOps, New startups looking to improve Code Reviews…Outsource questionnaires…provide consumer privacy awareness…Federal security funding for state and local governments, New software supply chain attacks, Microsoft Windows slaps your hand when you try to update passwords.txt, and stick around until the end, when we talk about a New Jersey Deli with a $100M market cap!
Announcements
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Hosts
- 1. FUNDING: SentinelOne launches $100M fund to invest in enterprise cybersecurity startups
- 2. FUNDING: Malwarebytes Secures $100M Investment, Eyes MSP Business Growth – MSSP Alert
- 3. FUNDING: Deep Instinct raises $62 million from BlackRock and Chrysalis
- 4. FUNDING: As demand for compliance and security soar, DataGuard tops up with €61 million
- 5. FUNDING: Ox Security lands $34M in seed funding to strengthen software supply chains
- 6. FUNDING: Web3 bug-bounty platform Immunefi raises $24M for its Series A funding round
- 7. FUNDING: Codacy nabs $15M to improve code reviews with automation
- 8. FUNDING: Evident Raises $14 Million to Reduce Third Party Insurance-Related Risk for Enterpriseshttps://www.einnews.com/pr_news/592509938/evident-raises-14-million-to-reduce-third-party-insurance-related-risk-for-enterprises
- 9. FUNDING: LayerX Security$8M in Seed funding, from Glilot Capital Partners. Remote browser isolation.
- 10. FUNDING: Digital privacy company Hush picks up $4m seed
- 11. FUNDING: Operant Networks Emerges From Stealth With SASE Solution for Energy OT$3.8M Seed, led by Constellation Technology Ventures. Secure access to SCADA/ICS systems.
- 12. FUNDING: CrowdStrike’s Falcon Fund Invests in Compliance Automation Pioneer, Vanta
- 13. FUNDING: CrowdStrike’s Falcon Fund Invests in API Security Leader, Salt Security
- 14. FEDERAL FUNDING: Biden admin launches $1B cyber grant program for state, local governments
- 15. ACQUISITIONS: Jamf announces intent to acquire ZecOps, to provide a market-leading security solution for mobile devices as targeted attacks continue to grow
- 16. NEWSLETTERS: Tenchi’s new newsletter, Alice in Supply ChainsAdrian's employer, Tenchi Security, has a new newsletter you should check out!
- 17. SUPPLY CHAIN: Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog
- 18. SUPPLY CHAIN: Security alert: new phishing campaign targets GitHub users
- 19. NEW FEATURES: Enhanced Phishing Protection in Microsoft Defender SmartScreen – Windows security
- 20. USEFUL REFERENCES: Twitter list of all global CERTs/CIRTs/SIRTs/etc, from Patrick C Miller
- 21. LEGAL DRAMA: Fired Uber attorney testifies against ex-security chief in trial over 2016 data breach cover-up
- 22. APP CRIMES: Banks fined $1.8B for illegal app use
- 23. SQUIRREL: Three men charged with fraud in $100 million New Jersey deli schemehttps://www.cnbc.com/2022/09/26/three-men-charged-with-fraud-in-100-million-new-jersey-deli-scheme.html
