New CEOs, SMB & Cyber Insurance Trends, Herman Miller Chairs, & SQL Slammer – ESW #304
In the Enterprise News: There's lots of executive shuffling going on! Saviynt gets a new CEO and $205M in funding, Forescout appoints its 4th CEO in as many years, and Mudge finds a place at Rapid 7. We've got some interesting trends, like more focus on securing small businesses, and more cybersecurity startups pairing technology with cyber insurance. It seems like only yesterday, we were shocked to hear that Microsoft was running a $10B security business, but Microsoft has apparently now grown security revenue to $20 BILLION DOLLARS.
Also, Tyler explains what Herman Miller chairs have to do with spotting market trends, we note the 20 year anniversary of SQL Slammer, and discuss why consumers don’t want smart appliances shoved down their throats!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Hosts
- 1. FUNDING: Saviynt Raises $205M; Founder Rejoins as CEO, Appoints Seasoned President to Accelerate its Leadership in Identity Management
- 2. FUNDING: Investing in Cygnvs
$55M Series A, led by A16Z. They're coining a new term, the "Crisis Operating System". It basically sounds like they're collecting endpoint, network, and log data and sending it into a protected data-diode-like environment, so attackers can't delete evidence. They also appear to have a cozy relationship with cyber insurance providers.
- 3. FUNDING: Forward Networks Raises $50 Million in Series D Funding
- 4. FUNDING: French cybersecurity platform EGERIE bags €30M to help measure financial impact of cyber threats
- 5. FUNDING: Strata Identity Secures $26M for Its Identity Management Platform
- 6. FUNDING: Sentra Raises $30 Million Series A Financing to Meet Growing Demand for Data Security in the Cloud
- 7. FUNDING: Tenable Ventures – Investing in Cybersecurity Startups
$25M fund raised
- 8. FUNDING: Gem Security wants to secure your cloud infrastructure, raises $11M
- 9. FUNDING: Guardz emerges from stealth with $10M for SMB security and cyber insurance to protect against attack-as-a-service breaches
$10M in seed funding, led by Hanaco Ventures. "Guardz is a holistic cyber security and insurance solution designed for small businesses." Sounds like Guardz is another one of these cyberinsurance MGUs (managing general underwriter), as they're both providing the security product and the insurance coverage.
- 10. TRENDS: The Aeronpocalypse from gilad on Twitter
Is the price and quantity of used Herman Miller chairs on eBay an important financial/market indicator?
- 11. TRENDS: Microsoft security sales soar amid competitive critique of business model
$20 BILLION DOLLARS
Microsoft is a $20B security company.
- 12. TRENDS: Google Fi hack victim had Coinbase, 2FA app hijacked by hackers
There was a lot of discussion about how to handle password databases and MFA/token codes. I store my TOTP codes in my password database (1Password), and a lot of folks were nervous about having both passwords and second factors stored in the same place, preferring to use separate apps for both things. You might not be able to see it, but the impact on Authy in this scenario is giving me smug face.
- 13. TRENDS: Google’s open source team layoffs: Your software supply chain security is at risk – Malware News – Malware Analysis, News and Indicators
Are layoffs putting open source at risk?
- 14. TRENDS: U.S. Intelligence Wants to Use Psychology to Avert Cyberattacks
- 15. TRENDS: How well did Israel’s cybersecurity industry do in 2022?
Spoiler: not bad.
- 16. TRENDS: FBI says it ‘hacked the hackers’ to shut down major ransomware group
THE VOIP CALL IS COMING FROM INSIDE THE HOUSE
- 17. TRENDS: Appliance makers sad that 50% of customers won’t connect smart appliances
Good job, everyone, let's aim for 75% of customers ignoring IoT BS next year!
- 18. TRENDS: New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs
We're nearing half a dozen "MITRE ATT&CK-like" frameworks already. I predict this will not stop.
- 19. EXEC MOVES: Forescout appoints fourth CEO since 2020, with focus on profitability
- 20. EXEC MOVES: Twitter whistleblower Zatko lands new job at a security consulting firm
Mudge lands at Rapid 7, in a part-time role?
- 21. FOSS TOOLS: CycloneDX Generator
SBOM Generator!
- 22. NEW FEATURES: 5 tips to stay safer online with Chrome
You can now use biometric controls to unlock persistent incognito sessions.
- 23. ESSAYS: A deep look at investing in cybersecurity services for VCs: why, why not, and how to
- 24. ESSAYS: Artificial Intelligence and Cybersecurity: Are We There Yet?
- 25. ESSAYS: By reframing talent, we can meet the cybersecurity skills gap
- 26. POST MORTEMS: Three lessons for DevOps from the CircleCI breach
- 27. RESOURCES: Grand Repository Challenge accepted!
There are many mega lists on github. This one is GRC-focused.
- 28. REGS: What security pros need to know about the FTC’s proposed non-compete rule
Companies might not be able to enforce non-competes, but what about protecting data and preventing corporate espionage?
- 29. NOSTALGIA: Remembering SQL Slammer
- 30. SQUIRREL: This Billion-Dollar Startup Wants to Bring Back the Dodo