The state of venture capital and cybersecurity startups.

DataTribe released a report today detailing the state of venture capital investments and cyber startups in Q3 2022.

Deal activity.

Venture activity is down, overall, and continues to fall as the years pass. The exception, DataTribe discovered, is cybersecurity seed investment activity, which increased 37.5%, from 24 to 33 deals year over year. Overall, cybersecurity activity is only down 3.3% year over year, compared to a decline of 23.7% across other verticals.

The Twitter whistleblower.

The report discusses the case of Peiter “Mudge” Zatko, a former Twitter employee who filed a SEC report about security practices at Twitter. Zatko has been in the cybersecurity industry for a long time, having testified in front of Congress in the late 90’s on cybersecurity issues. Zatko eventually became part of the Twitter team, and discovered they were more lax on cybersecurity than he believed the company should be. “Many engineers at Twitter had a stance that security measures made their lives difficult and slowed people down,” said Twitter engineer Edwin Chen, quoted in the Washington Post. This difference in handling the situation led to Zatko’s dismissal and whistleblower report.

The report says that it’s likely, following the large amount of uncertainty and stress at Twitter between Zatko’s report and Elon Musk’s bids for the company, that a large number of staff at Twitter will leave, inducing a period of elevated security risk.

Storing enterprise secrets.

The report discusses the recent breaches of Uber and the Veterans Administration, saying that company secrets were just “left out for the taking.” The lack of organization in management of company secrets, as well as identification, is an issue for IT at different organizations. The importance of knowing where company information is stored, and ensuring that it’s not being hard-coded into software or left on file servers, is very high.