2023 Funding, SASE Certification – Mike Privette, Pascal Menezes – ESW #344
Segments
1. 2023 Funding and Acquisition Summary with Return on Security – Mike Privette – ESW #344
We're excited to give an end-of-year readout on the performance of the cybersecurity industry with Mike Privette, founder of Return on Security and author of the weekly Security, Funded newsletter. This year, this podcast has leaned heavily on the Security, Funded newsletter to prep for our news segment, as it provides a great summary of all the funding and M&A events going on each week.
In this segment, we look back at 2023, statistics for the year, comparisons to 2022, interesting insights, predictions, and more!
Segment Resources:
- Mike's blog; Return on Security: https://www.returnonsecurity.com/
- Mike's newsletter; Security, Funded: https://www.returnonsecurity.com/subscribe
Guest
Mike Privette is the founder of Return on Security and the industry’s first cybersecurity economist. With over 18 years of experience as a security engineer, leader, and CISO, Mike recognized a critical need for accessible intelligence on the cybersecurity landscape from a practitioner’s perspective.
Frustrated by the lack of concise resources to track emerging cybersecurity companies and industry trends, he created Return on Security to serve cybersecurity leaders, founders, investors, and policymakers. Mike analyzes data on technological advancements, regulatory changes, and economic indicators across major economies, providing insights that connect cybersecurity with global economic dynamics.
2. Creating a certification path for SASE products and services – Pascal Menezes – ESW #344
Understanding how CyberRatings, NaaS, and SASE combine to make network security easier to buy and deploy. MEF is an industry association, providing standards, certifications, and facilitating community discussions. MEF has teamed up with CyberRatings.org to establish a certification program for SASE services, making it easier for buyers to understand what's included in SASE-related products and services.
Guest
Pascal Menezes, CTO at MEF, is a seasoned expert with a laser focus on cutting-edge technologies. His areas of expertise encompass SD-WAN, SASE, cloud-scale architectures, real-time media networks, SDN, NFV, and LSO. With a decade at Microsoft Skype for Business Global Carrier Group and a track record of success in five startups, Pascal has earned global thought leadership awards, presented at renowned events, contributed to industry standards in the IETF, MEF, and Broadband Forum (MPLS), and holds 30+ patents. Pascal hosts MEF’s Executives at the Edge podcast.
3. Ransomware prevention, ransomware stats, SSH vulns, and $1 Chevy Tahoes! – ESW #344
This week, in the security market, we talk about next NEXT gen anti-virus, how Okta can (apparently) do no wrong, and a VC firm imploding.
Then we discuss how smartphones and speakers are allegedly being used to spy on us, and the future of privacy and consumer tech products.
The latest SSH vuln is much less concerning than media outlets and academic researchers would have you believe. The Citrixbleed vuln, however, is about as bad as vulns can get, and has led to one of the biggest US consumer breaches in a while, with Comcast/XFinity losing all customer records.
The SEC backpedals (again!) on requiring breached companies to provide details about how they got breached.
And finally, we have some fun with some squirrel stories that you should absolutely check out by going to our show notes, here: https://securityweekly.com/esw344
- 1. FUNDING: Halcyon Closes $40M Series B to Scale Mission of Defeating Ransomware
- 2. ACQUISITIONS: Okta acquiring cybersecurity startup Spera for over $100 million
- 3. SHUTDOWNS: VC firm OpenView Venture Partners winds down
- 4. ANALYSIS: Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor’s Activity – The DFIR Report
- 5. ESSAYS: AI Security by Design?
- 6. ESSAY: Marketing Company Claims That It Actually Is Listening to Your Phone and Smart Speakers to Target Ads
- 7. BREACHES: Fred Hutch Cancer Center attack claimed by Hunters International
Just another ransomware target. You know - hospitals, cancer centers...
This kind of attack is so prolific these days, there were 115 organizations hit in the second week of December alone: https://twitter.com/ido_cohen2/status/1734612507309023306
It's officially out of hand.
- 8. BREACHES: Xfinity hack affects nearly 36 million customers. Here’s what to know.
- 9. VULNERABILITIES: SSH protects the world’s most sensitive networks. It just got a lot weaker
But did it really though? Or is this just another academic vuln that will never be used IRL?
- 10. VULNERABILITIES: This Google OAuth vulnerability allows former employees to retain SaaS access. Here’s what you need to know.
- 11. LAW ENFORCEMENT: Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant
- 12. LAW ENFORCEMENT: Blackcat Search Warrant
- 13. REGULATIONS: Under pressure, SEC backpedals on 4-day breach disclosure rule at 11th hour of mandate
FFS: "the industry has responded positively to a last-minute change that does not require companies to file the technical details of a breach"
SIGH
- 14. REGULATIONS: Digital Operational Resilience Act (DORA), (EU) 2022/2554, Articles
- 15. SQUIRREL: Tweet from Paul Fairie: A List of Predictions Made in 1923 About 2023
- 16. SQUIRREL: GM Dealer Chat Bot Agrees To Sell 2024 Chevy Tahoe For $1
- 17. SQUIRREL: Mike Privette uses GenAI to imagine an industry analyst losing their mind