Final fundings for 2024, Blackberry sells Cylance cheap, Product Testing Drama – ESW #388
In the enterprise security news,
- a final few fundings before the year closes out
- Arctic Wolf buys Cylance from Blackberry for cheap, a sentence that feels very weird to say
- the quiet HTTPS revolution
- passkeys are REALLY catching on
- resilience keeps showing up in the titles of news items
- Apple Intelligence insults the BBC’s intelligence
- MITRE ATT&CK evals drama
- Lastpass breach drama continues
All that and more, on this episode of Enterprise Security Weekly
Hosts
- 1. FUNDING: Courtesy of the Security, Funded Newsletter, Issue #174 – All I Want for Christmas is [Shareholder Value]!
A few final fundings before we wrap up 2024:
- Sublime Security raises a $60M Series B for email security
- Canadian-based Flare raised a $30M Series B for brand protection and threat intelligence
- Island raised an Series D, though the amount was not disclosed, ooooh, mysterious!
- 2. ACQUISITIONS: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance
$160M??? That's a massive loss in value. Not too far off from Cybereason's losses.
- 3. NEW TOOLS: dreadnode/burpference: A research project to add some brrrrrr to Burp
- 4. GOOD NEWS: The Quiet HTTPS Revolution
It might be small consolation, but we did it. We encrypted the public Internet.
Internal networks? Probably not, there's probably still a lot of cleartext protocols flying around all over on teh LANs.
- 5. LEGISLATION: FCC, for first time, proposes cybersecurity rules tied to wiretapping law
The USGov is scrambling to address telecom security after it became widely known that China thoroughly compromised them.
It's not like this is the first time securing telecoms has come up, however. A birdie shared with me that, 11 years ago, it was decided to make security measures voluntary.
- 6. REGULATIONS: Ensure compliance with DORA ICT risk framework using runZero
I don't know much about DORA, but what I've seen, I really like. Loving this push towards resilience, understanding your assets...
- 7. HOT TAKES: MITRE ATT&CK Evaluations Drama
Ranking or scoring products always leads to bad places. Don't do it.
- 8. BREACHES: LastPass 2022 hack fallout continues with millions of dollars more reportedly stolen
I had no idea so much crypto was stolen!
- 9. ESSAYS: Why Every Cybersecurity Leader Needs Financial Literacy
So true. It's arguably more important than technical literacy, which explains why we've seen an increase in "professional" CISOs over the past decade or so. It's not uncommon to see a former chief financial officer, general counsel, or HR leader step into a CISO role in an organization with a sizable security staff that can benefit more from better management than having a cyber expert at the helm.
