World Chocolate Day – ESW #248
This week, we welcome Jamie Moles, Senior Technical Marketing Manager at ExtraHop, to discuss Decrypt As If Your Security Depends On It! In the Enterprise Security News, Devo, Dragos, Cato Networks and Aura have all announced $200m or larger funding rounds, TransUnion acquires Sontiq for $638m, Summit Partners acquires Invicti for $625m, Privacy engineering startup Piiano emerges, from stealth mode, Will cybersecurity funding top $20bn for 2021, New US spyware export rules, and a silicon valley entrepreneur wants to scan your eyes! In the final segment, we spoke with Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups!
Visit https://securityweekly.com/extrahop to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Use of encryption is on the rise: both by cyber defenders and the attackers they’re tasked to defend against. Encryption has reached near-full adoption by internal teams hoping to implement stronger security and privacy practices. Simultaneously, attackers are using the same mechanisms to hide their malicious activity from the defender’s line of sight. ExtraHop’s Jamie Moles, Senior Technical Marketing Manager joins Enterprise Security Weekly to discuss the various techniques attackers are using to cover their tracks using encryption, addresses common objections about decryption, and makes the case for decryption as a path toward faster, more confident defense. Jamie shares a demonstration of how the ExtraHop Reveal(x) network detection and response platform securely decrypts network traffic in order to successfully halt a breach in progress.
This segment is sponsored by ExtraHop Networks.
Visit https://securityweekly.com/extrahop to learn more about them!
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Jamie has a wealth of experience having worked in the Computer Industry for over 34 years – cutting his teeth in IT-MIS he quickly discovered a talent for handling complex technical issues, building sophisticated infrastructure solutions to meet enterprise business requirements and talking to people at all levels of an organization to share knowledge.
With his passion for security and networking being long standing, having been a leader in the early Antivirus industry with his own scanning software and having built and maintained the Cisco routing and switching infrastructure for Europe’s first Application Service Provider his career has always been focused on the cutting edge of security and infrastructure solutions which he enjoys mastering and telling anyone who will listen how great these new technologies are.
In the Enterprise Security News, Devo, Dragos, Cato Networks and Aura have all announced $200m or larger funding rounds, TransUnion acquires Sontiq for $638m, Summit Partners acquires Invicti for $625m, Privacy engineering startup Piiano emerges, from stealth mode, Will cybersecurity funding top $20bn for 2021, New US spyware export rules, A silicon valley entrepreneur wants to scan your eyes, All that and don't forget to stick around for the squirrel story on this episode of Enterprise Security Weekly!
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
- 1. FUNDING: Devo Whips Up $250M Series E At $1.5B Valuation - All the key numbers are right there in the title. There are currently 653 unicorns by the old method of calculating (valuation > $1bn). 28 of those are cybersecurity startups. Sorry Devo, nothing personal, but I propose we move that number so that we can continue using the term unicorns to refer to startup valuations so high, they're still rare. At $5bn, it still seems like too many! There are 108 startups valued at $5bn or more and 4 cybersecurity startups. If we go up to $8bn, we're down to 32 unicorns total, one of which (Snyk) is a cybersecurity startup. That feels about right and gives us some room to grow. So, about Devo - the original premise was, "hey, Splunk had a great idea, but what if it didn't have to be so expensive?" Turns out a lot of folks agreed with that premise and that's reflected in the size of this round and the valuation. This round was led by TCV, which has a long history of taking startups to IPO, and there's little question here - the next big milestone for Devo is likely to join competitors Splunk and SumoLogic as a public company. IPO makes a lot of sense for this market - data storage and analysis needs will always exist. Any need to pivot with the market should be much easier than, say, an endpoint vendor.
- 2. FUNDING: Dragos Raises $200 Million in Series D Funding to Safeguard the World’s Critical Infrastructure as Valuation Soars to $1.7B - OT is niche, but it's largely an underserved niche and this round sees Dragos focusing more on international expansion. We can especially see the need for training and services in parts of the world where critical infrastructure is common but a skilled and experienced IT/security workforce isn't.
- 3. FUNDING: SASE Firm Cato Networks Raises $200 Million at $2.5 Billion Valuation - Cato Networks was very ambitious in the early days, basically aiming to be a Zscaler competitor that allowed customers more options and customization, whereas Zscaler was more "this is what you get, take it or leave it". Cato aimed to allow customers to build complex software-defined LAN/WAN with integrated security controls. In short, it's a play to outsource a large chunk of a company's infrastructure security controls, regardless of where those workloads live - private datacenter, public cloud, colocated, etc. They're currently using the SASE label, which fits well here and describes where the bulk of the value Cato adds lives in their product. It also doesn't hurt to be compared to Zscaler and other SASE offerings that seem to be doing very well in public and private markets.
- 4. FUNDING: Consumer Security Firm Aura Raises $200 Million at $2.5 Billion Valuation - This one surprised me - it's a huge round and valuation for a company I haven't heard of. This isn't new ground, either - Symantec acquired LifeLock 2 years ago to put together a similar combined offering to what Aura has here. One executive spent 10 years as a product manager at LifeLock, so they've got some industry experience on the team. They also own Pango Group, which seems to be building apps that will integrate with some of the company's identity and fraud protection services. This isn't a space I know well, but when I hear "identity protection" and "VPN apps for your phone", I don't think "massive growth opportunities".
- 5. FUNDING: Private Data Sharing Firm TripleBlind Raises $24 Million in Series A Funding - What's better than double-blind? For an industry obsessed with visibility, a brand called "TripleBlind" makes the dad joke portion of my brain chuckle. Data security is probably one of the toughest problems in cybersecurity. Data is critical and sometimes needs to be shared. Put too many controls and restrictions around data security and it can be a productivity-killing nightmare. Worse, employees are likely to find ways around these controls, so they can get their work done. We've seen many cracks at this. Often, the recipient of protected data has to install software and somehow receive a key to unlock or decrypt the data. Usually, the data owner retains the ability to revoke access to the data, thanks to some sort of PKI infrastructure managed by the product itself. In the case of TripleBlind, the company is still at the stage where it looks like copy is being written by founders and engineers. If they're targeting healthcare, they're going to have to clean up this messaging. "TripleBlind offers proprietary cryptographically-enforced privacy for data and algorithms, allowing institutions to collaborate around the most private and sensitive data without it ever being decrypted or leaving their firewall." The value prop is that data is underutilized due to regulatory fears. TripleBlind claims to be able to open these opportunities without violating regulations like GDPR (EU privacy), PDPA (Singapore), and HIPAA (US healthcare). It's not easy to understand how they're managing to do this, and I can't find enough detail on their website to explain the technical details, workflow, or use cases related to this product. I just find things like: "Real Time Data De-Identification Without the Cost or Loss of Accuracy with Practically 0% Probability of Re-Identification" From what I can tell, it seems like a way you could hire a third-party data science firm to do some analysis of the data, without actually having access to the full data set. For example, they can pull insights out of a set of patient data, but can't pull out individual names and addresses; or tie treatments to individuals.
- 6. FUNDING: SOC Prime lands $11M Series A to become ‘Spotify for cyber threats’ – TechCrunch
- 7. ACQUISITION: Summit Partners acquires majority stake in app security company Invicti Security for $625M - Seems like a good exit for Invicti, which is the company behind the popular NetSparker and Acunetix scanning tools. From the investor standpoint, vulnerability management is fairly solid - especially at the application layer. Though the underlying app layers have been changing and increasing in complexity, the presentation layer can still very much benefit from DAST scanning.
- 8. ACQUISITION: TransUnion Acquires Identity Security Company Sontiq for $638 Million - Another deal related to identity monitoring and protection. Sontiq is the parent brand of IdentityForce, Cyberscout, and EZShield. The two latter brands ring a bell, but again, I'm not sure I see huge growth opportunities here. Sontiq was created when PE firm, The Wicks Group, acquired IdentityForce. Breach Clarity and Cyberscout were later acquired and added to Sontiq in Q1 2021. TransUnion is acquiring Sontiq from Wicks. It does make sense for TransUnion to acquire these types of services. Hopefully, they're in better shape than Equifax, because they're clearly a target for adversaries looking to steal identities and personal information as well!
- 9. NEW STARTUP: Enterprise Data Privacy Startup Piiano Emerges From Stealth Mode - Piiano (get it? PII + Piano?) is another privacy engineering startup. We've seen a ton of funding rounds for privacy engineering startups, and each seem like they're doing things a bit different, or aiming at different pieces of the problem. Some aim to create safe *non-production* versions of data for developers to work with. They do this by scrubbing copies of production data, or generating fake data from scratch that matches production fields and formats. In this case, it looks like Piiano's Vault product might be serving up versions of production data modified in real-time, based on each role's needs and/or privacy requirements. Worth noting that YL Ventures is leading the (quite healthy) $9m seed round here.
- 10. BREACH: GitHub Advisory Database – npm package ua-parser-js compromised with malware - This was already discussed on ASW and PSW this week, but it's a significant one. It likely didn't do much damage, as the malicious payload primarily aimed to mine Monero, and only on systems running npm installs or updates. However, it confirms our fears about the vulnerability and attraction of the growing ecosystem of package managers and app 'stores'. On one hand, organizations are incentivized to make it easy for developers to create and publish applications. After getting burned a few times, they'll likely be forced to lock down these software distribution hubs and add security inspection or scanning processes.
- 11. CRIMES: Former CEO, CFO, And VP Of Email Security Company Charged With $50 Million Fraud Scheme - Fake vendor scams investors. Only 3.5% of what Theranos managed to raise. Amateurs.
- 12. CRIMES: Former Netflix Executive Convicted Of Receiving Bribes And Kickbacks From Companies Contracting With Netflix - Customer scams vendors. Actually, that's not exactly correct. While it is Michael Kail going to jail, the companies he received bribes and equity from seemed happy to play ball. Unfortunately, vendors are all too willing to resort to shady practices to get ahead. It's quite common for vendors to purchase awards and pay influencers to write positive things about their companies, posing as independent opinions. Along with ever-growing funding rounds, the pressure is greater than ever to hit massive growth numbers. Ethics and scrutiny should never be sacrificed in order to make numbers.
- 13. TRENDS: No Real Slowdown: Funding For Cybersecurity Tops $14B For Year - We might be on track to top $20bn in funding for cybersecurity startups by the time the year is out! We're looking at between 150 and 180 funding deals per quarter, while M&A is hovering just below that - around 120 deals per quarter. Any way you look at it, 2021 has been busy for cybersecurity startups and investors.
- 14. REGS: US to curb NSO Pegasus-like spyware with export rules - The WSJ story: https://www.wsj.com/articles/new-u-s-rule-would-limit-sales-of-hacking-tools-to-russia-and-china-11634759525 The export controls rule: https://public-inspection.federalregister.gov/2021-22774.pdf
- 15. PRIVACY: Silicon Valley entrepreneur Sam Altman wants to scan your eyes in exchange for free cryptocurrency
- 16. SQUIRREL: Perfect Day Raises $350 Million Ahead of IPO, Announces Dairy-Identical Cheese Label - Vegan dairy products are apparently a thing. Not vegan dairy *substitutes* - actual dairy that doesn't come from animals.
In our news segments, we often discuss and explore the ever-expanding vendor landscape. Funding rounds are getting huge, we're seeing upwards of 40 acquisitions each month - there's a lot of money and activity in the enterprise cybersecurity market.
This is going to be a quarterly, recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
William (“Will”) Lin is a Managing Director and Founding Member at Forgepoint.
Will is also a Co-Founder & President of the Security Tinkerers, a non-profit organization that brings together information security professionals to share learnings, provide mentorship, and generate opportunities for the security community and its next generation of leaders. He is a Visiting Fellow at the National Security Institute at George Mason University’s Antonin Scalia Law School. He also is a regular contributor to SecurityWeek, was named a Venture Capital Journal Rising Star, and is an avid connector in the cybersecurity entrepreneur, investor, and practitioner ecosystems.