At a glance.
- New York's financial regulator charges First American subsidiary with cybersecurity violations.
- Darktrace shifts one of its CEOs to Chief Strategy Officer.
- Avast moves VPN servers out of Hong Kong.
- Intel considers outsourcing chip production
Mergers and acquisitions.
New York-headquartered software assurance and security provider GrammaTech has acquired the intellectual property and assets of Italian software security testing company JuliaSoft. GrammaTech stated that "the Julia Static Analyzer will be unified into the CodeSonar® platform. This will enable developers to perform static analysis of C, C++, Java and C# code and develop secure applications faster."
Momentum Cyber published its Cybersecurity Snapshot for May 2020. The report states that fifteen M&A deals occurred in the cybersecurity industry in May, with disclosed values totaling $154 million. Additionally, thirty-two financing deals took place, totaling $497 million. 47% of these transactions were early stage to Series A, with a median value of $7.5 million.
Investments and exits.
Los Angeles-based mobile access control company Openpath has raised $36 million in a Series C round led by Greycroft, with participation from Okta Ventures, LPC Ventures, Allegion Ventures, and Sentre. According to PlaceTech, the company will use the funds "to accelerate Openpath’s product engineering, hardware and software development, and will support Openpath’s expanding client-base across new verticals, as their core safety platform for the built world continues to gain traction in the US and internationally."
Palo Alto, California-based attack surface management provider CyCognito has raised $30 million in a Series B round led by Accel, with participation from existing investors Lightspeed Venture Partners, Sorenson Ventures, and UpWest. Eric Wolford, a partner at Accel, will join CyCognito's board of directors. CyCognito's co-founder and CEO Rob Gurzeev said the funding will allow the company to "greatly increase" its market reach.
Israeli cloud identity and data security company Ermetic has raised $17 million in a Series A round led by Accel, with participation from prior investors Glilot Capital Partners, Norwest Venture Partners, and Target Global. The company says it will "use the funds to scale research & development, go-to-market, sales, marketing and customer support initiatives for its Cloud Infrastructure Entitlements Management platform." Andrei Brasoveanu, a partner at Accel, has joined Ermetic's board of directors.
Tel Aviv-based automotive cybersecurity risk assessment firm Cybellum has raised $12 million in a Series A round led by RSBG Ventures, with participation from existing investors Blumberg Capital and Target Global. Cybellum's CEO Slava Bronfman said the funding will "help us expand our footprint in the automotive industry and introduce our technology to additional industries."
Israeli cloud security startup Mitiga has raised $7 million in seed funding from ClearSky Security, Glilot Capital, Flint Capital, Rain Capital, and DNX Ventures. Tech.eu says the company will use the funding to scale its incident response solutions.
Panaseer has established an advisory board chaired by Robert Swan, a well-known polar explorer and environmentalist. Other members of the board include David Fairman, Netskope's Chief Security Officer, APAC; Andreas Wuchner, Group Head IT & Risk Governance for Credit Suisse; Raffael Marty, Chief Research and Intelligence Officer at Forcepoint; James Doggett, former Chief Technology Risk Officer for AIG; and Andrew Jaquith, CISO and General Manager of Cyber Products at QOMPLX.
Cybereason has hired Andrew Borene as its Managing Director of US Public Sector Business. Borene was most recently CEO of QuantaNova (a division of Cipherloc Corporation) and previously served as a Contractor Senior Advisor to the IARPA Director within the Office of the Director of National Intelligence.
Acceptto has added Dr. John Zangardi to its Board of Technical and Strategic Advisory. Zangardi is the president of Redhorse Corporation and was formerly the CIO for the Department of Homeland Security.
Perspecta has appointed Jennifer Swindell as Senior Vice President and General Manager of the company's risk decision unit. Swindell previously worked at Booz Allen Hamilton for nearly two decades, most recently as Senior Vice President of Booz Allen's US Departments of Justice, Homeland Security, and Transportation accounts.
CrowdStrike has hired Jade Porter as Regional Sales Director for the company's Southern Australian and New Zealand region, SecurityBrief says. Porter was previously Senior Director of Dell's Data Center and Compute Business Unit for ANZ. CrowdStrike also promoted Paul Salmon Regional Sales Director for its Northern Australian region. Salmon served in account management roles for McAfee, Symantec, Dell, and others before joining CrowdStrike in 2016.
Companies in the news.
The New York State Department of Financial Services (DFS) last Wednesday charged First American Title Insurance Co. (a subsidiary of First American Financial Corp) with exposing millions of sensitive customer records due to a misconfiguration on the company's website, the Wall Street Journal reports. Reuters notes that this is the financial regulator's first enforcement action under its cybersecurity regulations, which went into effect in March 2017. DFS alleges that the company was aware of the flaw for months and failed to act before it was reported on by Brian Krebs in May 2019. The charges could result in significant fines, since each instance of exposed information is considered a separate violation carrying a penalty of up to $1,000. First American stated that it "strongly disagrees" with the charges and will contest them.
Intel's CEO Bob Swan said on an analyst call last week that the company could cease manufacturing its own chips, the Seattle Times reports. The company's stock fell 16% following Swan's comments.
Where business is done.
Avast has moved its VPN servers out of Hong Kong following the passage of China's new national security law. The company stated, "After careful consideration, we have decided (at least temporarily) to pull our VPN servers from Hong Kong. Traffic will be rerouted via nearby locations, such as Taiwan and Singapore. As we learn more about the enforcement of the new law in China, it’s crucial that we keep our eyes open for measures including the potential use of wiretaps and surveillance by the authorities."
Avast said to its users in Hong Kong, "We want to make it clear: we are not giving up on you. We will continue to offer our services so that you can continue to encrypt your connection using our servers in other locations, and in the meantime, we will continue to promote your ability to access a free and uncensored internet for as long as we possibly can. We’ll continue to monitor the situation closely."
And security innovation.
The city of Manchester is launching a cybersecurity innovation hub in Heron House, GCHQ's Manchester location, SmartCitiesWorld reports. The city is seeking "an operator with a strong track record" to run the facility.