🌍 Cybersecurity Innovation Pulse #14: Bye Turla; $1.4B for Merck in NotPetya Claim; Introducing The Earnings Calendar🎉; M&As; Funding News and More!
Covering Apr. 17th - May 11th
Welcome to the 10th issue of the Cybersecurity Market Pulse (14th of CIP) newsletter! I'm Darwin Salazar and this newsletter is your personal guide to the ever-evolving cybersecurity industry. Every week, I bring you the latest updates on product launches, groundbreaking innovations, strategic collaborations, funding news, earnings, and M&A activity. If you enjoy the content and gain value from it consider becoming a paid subscriber to gain access to our archive, and exclusive posts. You can also buy me a coffee ☕ or 3 if subscriptions are not your thing. By subscribing, you'll receive all of the timely and valuable insights directly to your inbox, saving you time and helping you stay ahead of the curve. Now, grab a cup of your favorite beverage, and let’s dive into the market madness that has ensued over the past couple of weeks!
The Market Beat 🥁
The Latest in Cybersecurity Insurance
Cybersecurity insurance has become more critical than ever. Attacks are not stopping. Ransomware is still prevalent. It’s 2023, and companies have woken up to the fact that cybersecurity insurance is a necessity. While the global cyber insurance market reported in at $11.9 billion in 2022, it’s expected to grow to nearly $30 billion by 2027.
In other cyber insurance news, a New Jersey court ruling recently upheld an insurance payout of $1.4 billion to Merck, covering damages from the NotPetya attack. The court held that the attack was not an act of war and did not excuse them from paying the $1.4 billion bill. This case just highlights why cyber insurance is a necessity.
FBI Strikes Major Blow Against Russian Hackers
In a significant cybersecurity victory, the FBI has taken down one of Vladimir Putin's most prized hacking units. The operation led to the discovery of the Turla/Snake malware network, as reported by PacketStormSecurity. As Dan Goodin described it in his ArsTechnica article:
If nation-sponsored hacking was baseball, then Turla would not just be a Major League team—it would be a perennial playoff contender. Researchers from multiple security firms largely agree that Turla was behind breaches of the US Department of Defense in 2008, and more recently the German Foreign Office and France's military. The group has also been known for unleashing stealthy Linux malware and using satellite-based Internet links to maintain the stealth of its operations. - Dan Goodin, ArsTechnica
This event serves as a significant blow to the Russian cyber espionage apparatus, highlighting the FBI's increased competence in tackling state-sponsored cyber threats. This takedown is a major win for global cybersecurity, demonstrating the increasing ability of law enforcement to counter sophisticated cyber threats.
The Shifting Landscape of Cybersecurity Executives: It's Not Just Corporate Responsibility Anymore
The role of cybersecurity executives continues to evolve, with recent events highlighting the personal risks associated with the job. SC Magazine recently reported an unsettling incident where attackers threatened to contact the wife and son of Dragos CEO in a failed extortion attempt. In other cyber exec news, ex-Uber CSO Joe Sullivan avoided federal prison after being charged with covering up the massive Uber data breach. These incidents underline the increasingly challenging landscape faced by cybersecurity executives, where personal, legal, and corporate responsibilities intersect.
Earnings
Cloud Providers
The cloud infrastructure market generated $63 billion in Q1 2023, up by 19% year-over-year. Although cloud growth has slowed, cloud providers are benefitting from AI/ML innovation. The computational power and data storage required to train and run these models is staggering. In fact, Meta’s February LLaMA release took nearly 1 million GPU hours to train, which would cost $2.4 million using AWS Amazon EC2 P4 Instances.
AWS remains the market leader with a 32% share, earning $21.35 billion in revenue, up 16% year-over-year. Microsoft's Azure cloud infrastructure business and Intelligent Cloud unit earned $22.08 billion, also up 16% year-over-year. Google Cloud turned a profit for the first time, earning $7.4 billion in cloud revenue, up 27.5% year-over-year with an operating income gain of $191 million.
It’s key to note that Microsoft does not disclose profit numbers for the Azure cloud business and instead reports Azure numbers under its Intelligent Cloud unit which includes Enterprise Services, Windows Server, SQL Server, and more.
Despite economic pressures, projections suggest significant future growth in the cloud market. This presents an enormous opportunity for cloud providers to capture a share of this growing market.
Security Ecosystem
Juniper Networks reported a quarterly revenue total of $1.372 billion and a year-over-year growth rate of 17%.
CyberArk reported a quarterly revenue total of $161.7 million and a year-over-year growth rate of 27%
Check Point Software reported mixed results for the first quarter with a quarterly revenue total of $566 million and a year-over-year growth rate of 4%.
JFrog had a record quarter with revenue totaling $79.8 million, up 25% year-over-year.
Fastly benefited from increased customer acquisition resulting in record quarterly revenue totaling $117.6 million and an annual growth rate increase of 15%.
Cloudflare reported a quarterly revenue total of $290.2 million, up 37% year-over-year.
Introducing the Earnings Calendar 🎉
Funding News
While VC funding activity still remains tight across most industries (aside from AI, of course), the cybersecurity sector continues to attract substantial investments. Here are the recent funding rounds events since Mid-April:
Replit, the browser-based IDE and GitHub competitor, raised $100 million in a Series B extension led by Andreessen Horowitz and participation from Khosla Ventures, Coatue, SV Angel, Y Combinator, and several others.
Coro raised an additional $75M, totaling $155M in 12 months since launching. The funding round added Energy Impact Partners to its current investors, Balderton Capital and JVP.
Semgrep raised a $53M Series C round led by Lightspeed Ventures and joined by Felicis Ventures, Redpoint Ventures, and Sequoia Capital.
Halcyon raised over $50 million for its anti-ransomware protection platform in a Series A led by SYN Ventures and joined by Dell Technologies Capital and Corner Capital.
Safe Security raised a $50 million Series B round led by Sorenson Capital.
Ditto emerged from stealth with a $45M investment to develop technology that helps companies keep their data in sync securely, led by Acrew Capital.
SpecterOps closed a $25 million Series A round led by Decibel.
CoreWeave finalized a $22 million Series B at a $2B valuation, led by Magnetar Capital.
Dasera raised $12M in a Series A funding round led by Storm Ventures.
Fletch received a $12.5 million Series A investment to grow its NLP engine that scans the cyber threat landscape, led by True Ventures.
Keeper Security received a minority growth equity investment worth $10 million from Summit Partners.
Netrise, a firmware security start-up, secured $8 million in its Series A funding round, led by Squadra Ventures.
Sonet.io emerged from stealth with $6 million in funding, led by The Hive and WestWave Capital.
Aadya, an SMB-focused security platform, garnered $5 million from the venture firms Left Lane Capital, 645 Ventures, and several others.
Moonsense, a fraud detection startup, raised $4.2 million in a seed funding round co-led by Race Capital and XYZ Ventures.
Stack Identity collected $4 million in a seed funding round co-led by WestWave Capital and Benhamou Global Ventures.
Optery, a personal data protection startup, raised $2.7 million in seed funding from Bayhouse Capital.
Lockr secured $2.5M in a pre-Series A funding round from Junction Venture Partners, Grit Capital Partners, and Mozilla Ventures.
Immuta, a data security startup, secured investments of an undisclosed amount as part of their Series C funding round with Databricks being the strategic investor.
Mergers & Acquisitions
The cybersecurity market continues to consolidate, with several major acquisitions happening recently. Here are the most noteworthy:
Datadog and Rubrik are amongst a number of potential suitors reportedly in talks to acquire Laminar, a data protection and compliance startup, for around $200 million, as mentioned in BankInfoSecurity and Calcalistech.
Akamai Technologies, a leading content delivery network, and cloud services provider, is set to acquire API security company Neosec, as reported by DarkReading. This acquisition is expected to strengthen Akamai's security portfolio by adding API-specific security measures.
Cybersecurity provider Lookout is reported to sell its consumer business to F-Secure for $223 million, according to SiliconANGLE. This move allows Lookout to focus more on enterprise security solutions while F-Secure can expand its consumer base.
In another notable deal, cybersecurity provider Absolute Software was acquired for $657 million and will be taken private by Crosspoint Capital Partners, as stated in another report by SiliconANGLE.
Lastly, AI and data analytics firm Databricks has made a strategic move by acquiring Okera, a data governance platform. The acquisition, as reported by VentureBeat, is expected to enhance Databricks' AI-driven data governance capabilities.
Partnerships
Several significant partnerships have been formed recently in the cybersecurity industry, aimed at tackling diverse challenges:
Accenture and Palo Alto Networks have deepened their partnership to bolster their cybersecurity offerings, as reported by HelpNetSecurity. This partnership will create comprehensive security solutions to protect organizations across multiple vectors.
NetWitness has partnered with Palo Alto Networks and Broadcom to launch SASE (Secure Access Service Edge) packet integrations, as detailed in DarkReading. This collaboration aims to provide a unified and secure networking and security service.
Deloitte and Wiz have entered into a strategic alliance to accelerate digital transformation, as mentioned in a Wiz blog post. The alliance combines Deloitte's industry knowledge and Wiz's innovative approach to cloud security.
LogRhythm and Zscaler have partnered to strengthen their cybersecurity offerings, as reported by MSSP Alert.
Stellar Cyber has partnered with NextGen Group and Provintell to extend its global reach, according to MSSP Alert.
Finally, Critical Start has partnered with Sumo Logic to expand security services for SIEM (Security Information and Event Management), as detailed in MSSP Alert.
Conclusion
And that’s a wrap for April 17th - May 11th! If you have any feedback or would like to chat, please share it in the comments or reach out to me on LinkedIn, I’m always looking to improve this publication. See you soon for the next Cybersecurity Innovation Pulse issue!
Disclaimer
The opinions expressed in this newsletter are solely my own and do not reflect the views or opinions of my employer. The information provided in this newsletter is for general informational purposes only and should not be construed as investment advice or a recommendation to buy or sell any securities. Always consult with a qualified financial advisor before making any investment decisions.