At a glance.
- L3 Technologies planning to acquire NSO Group.
- Microsoft acquires Miburo Solutions.
- Immuta raises $100 million.
Mergers and acquisitions.
New York-based aerospace and defense technology contractor L3 Technologies is reported to be the “leading candidate” to acquire the controversial Israeli firm NSO Group, known for its proprietary Pegasus spyware. The group has been blacklisted by the US government and faced a range of lawsuits and regulatory scrutiny, along with hostile press coverage. SecurityWeek reports that this follows their acquisitions of Azimuth Security and LinchPin Labs, both groups that work in the business of supplying exploit and surveillance tools to governments. The Guardian reports that this acquisition would give the American firm control over “one of the world’s most sophisticated and controversial hacking tools.”
Microsoft has acquired cyber threat analysis and research firm Miburo Solutions amid heightened concerns over the possibility of cyberattacks arising from Russia’s war against Ukraine. Corporate Vice President of Customer Security and Trust for Microsoft, Tom Burt, said in a blog post, “With the acquisition of Miburo, we will continue our mission to take action, and to partner with others in the public and private sectors to find long-term solutions that will stop foreign adversaries from threatening public and private sector customers and, in fact, the very foundations of our democracy.”
Greensboro, North Carolina-based provider of legal technology firm TCDI has signed an agreement to acquire insurance broker Aon’s eDiscovery practice. Insurance Journal reports that the acquisition “will strengthen TCDI’s existing eDiscovery offerings, adding expansive advisory services such as information governance to its comprehensive legal solutions.”
Investments and exits.
Boston-based cloud data access firm Immuta has raised $100 million in Series E funding, led by NightDragon, with participation from Snowflake Ventures, as well as existing investors. This funding puts the company valuation at $1 billion. Security Week reports that the funding will be used to “accelerate product innovation; expand sales, marketing, and customer success teams; and deepen partnerships within the cloud data ecosystem.”
Forcepoint Federal, a Virginia-based computer security and data protection company, has been awarded an $89 million contract with the United States Department of Defense (DoD) to build a “user activity monitoring enterprise solution” for the Pentagon’s combatant commands and Fourth Estate. MeriTalk reports that Forcepoint will work with the Defense Information Systems Agency (DISA) to provide “a fully integrated and accredited user activity monitoring enterprise solution, multi-level architecture and all the requisite software, hardware, training, and cleared engineering services under a unified management.”
San Francisco-based identity platform startup Middesk has raised $57 million in Series B funding, co-led by Insight Partners and Canapi Ventures, with contributions from existing investors Sequoia, Accel, and Gaingels. Help Net Security reports that the company will use the funding “to invest in new and existing products, scale the team, and educate the market about business identity.”
Backup-as-a-service firm HYCU, headquartered in Boston, has raised $53 million in Series B funding, led by Acrew Capital, with contributions from Atlassian Ventures and Cisco Investments, alongside all previous investors. The company says that the funding will be used to “invest in go-to-market initiatives to meet increasing demand for its products. It will also invest in launching a new developer-led SaaS service. In addition, the company plans to expand alliances, product marketing, and customer success teams.”
Vendor security assessment company Whistic, based in Utah, has raised $35 million in Series B funding, led by JMI Equity, with contributions from Album VC, Emergence Capital, Forgepoint Capital, and FJ Labs. Whistic CEO, Nick Sorensen, said, “This investment from JMI allows us to accelerate our ability to continue solving urgent problems for our global customer base and we couldn’t be more excited for the future.”
Global identity security company CyberArk has announced the launch of CyberArk Ventures, a $30 million investment fund designed to support companies producing innovative technology to solve complex security challenges. The fund has been initially aligned with four venture capital investors, Venrock, YL Ventures, Team8 Capital, and Merlin Ventures. Three cybersecurity startups have been selected for initial investments from the fund: cloud data protection startup Dig Security, application security startup Enso Security, and identity-based micro-segmentation provider Zero Networks.
Mountain View, California-based open distributed cloud service Platform9 has closed a $26 million funding round, led by Celesta Capital, with contributions from Cota Capital and NGP Capital, among other investors. The company reports that the funding will be used to “help accelerate Platform9's go-to-market (GTM) strategy and position the company to deliver scalable growth through more large-scale enterprise deployments.”
Georgia-based banking security and compliance platform DefenseStorm has raised $15 million in Series C funding, led by JAM FINTOP, with participation from existing investors. DefenseStorm CEO Steve Soukup said of the investment, “DefenseStorm and JAM FINTOP are fully aligned in our missions to make the best technology available to community banks. Our comprehensive approach to cyber risk makes it possible for all banks to take the right steps to protect their assets, customers, and reputation.”
Flare, a digital footprint monitoring company based out of Montreal, has raised CAD$9.5 million in Series A funding, which will be used to fund a rapid expansion of the company. The round was led by Inovia Capital with contributions from White Star Capital and Luge Capital. Flare CEO Norman Menz said of the Inovia investment, “Our partnership will propel Flare to the next phase of growth and enable us to deliver on an ambitious roadmap to democratize cybersecurity and empower the mid-enterprise to effectively manage the external threat landscape."
Open source intelligence (OSINT) identity access and management firm 443ID, headquartered in Austin, Texas, has emerged from stealth with $8 million in seed funding, led by Bill Wood Ventures and Silverton Partners. Security Week reports that the funding will be used to “expand its in-house expertise, by recruiting experts in identity and access management, cybersecurity, cryptocurrency, adtech and OSINT.”
Swiss open source identity management platform ZITADEL has raised $2.5 million in seed funding, led by Nexus Venture Partners. Help Net Security reports that the company will use the funding to provide developers with an open source identity management alternative, as well as evolving its solution, scaling sales growth, and nurturing the open source community.
The Cyber Threat Alliance has elected Jaya Baloo and Joe Chen to its board of directors. Baloo is Chief Information Security Officer (CISO) at Avast, and Chen is Vice President of Engineering at Symantec Enterprise Division of Broadcom.
CSO Online reports that Mandiant’s newly launched Cyber Alliance program, announced last week, has seen the addition of some leading cybersecurity vendors. The program was formed to integrate security systems and share threat intelligence. Vendors taking part in the program include: Cloudflare, CrowdStrike, Google Cloud, InnerActiv, Interos, IronNet, Microsoft, Netskope, Nozomi Networks, Nucleus Security, SentinelOne, SimSpace, SnapAttack and Trellix, among others.
Fortunes of commerce.
SecurityWeek reports that OneTrust and Cybereason are facing staff cuts, despite achieving billion-dollar valuations not too long ago. OneTrust has let go of 25% of its workforce, about 950 people, and Cybereason has let go of 10% of its employees, roughly 100 people. Leaders from both companies cite the unsteady state of capital markets as reason for the layoffs.
Coinbase is cutting about 1,100 employees, which make up around 18% of the company’s staff, amid the crypto meltdown, says Wall Street Journal. In a letter to employees, Coinbase Chief Executive Brian Armstrong cites high “employee costs” in an “uncertain market” as reason for the layoffs, and continues, saying, “We appear to be entering a recession after a 10+ year economic boom. A recession could lead to another crypto winter, and could last for an extended period. In past crypto winters, trading revenue (our largest revenue source) has declined significantly.”
Cybersecurity companies struggle to find qualified candidates, and we hope that they take a look at the people affected by the layoffs at OneTrust, Cybereason, and Coinbase. And we wish everyone who found themselves without a job quick success in finding a new position.