|
|
|
|
|
Cyber Daily: Cyber Investing, Once Plentiful, Faces a Reckoning
|
|
|
|
|
|
Good day. The broad selloff in stocks has rattled the technology sector, and cybersecurity isn’t immune. What has surprised investors in private markets, however, is the speed with which the effects have been felt in late-stage investing.
Hedge funds, crossover funds and other late-stage investors have largely pulled back from the cyber market, meaning deals that used to be tied up in days now take weeks. While early-stage investing, from seed to Series A, is still strong, the trend may have companies looking more at how they manage their cash flow in the future.
Also today: Gloucester Council in the U.K is still recovering from a December hack; cyber researchers face physical threats; and the European Parliament is holding hearings with NSO Group.
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
What to Expect When You’re Protected.
Attackers are getting smarter and more daring. Learn what IT professionals from more than a dozen industries had to say about smart hybrid DDoS protection and edge defense.
Read More
|
|
|
|
|
|
|
|
|
The quick slowdown in cybersecurity funding has surprised even some veteran investors.
PHOTO: DAMIAN DOVARGANES/ASSOCIATED PRESS
|
|
|
|
Venture capital money has poured into cybersecurity companies in recent years, driven by an increase in hacking and elevated valuations for startups. Now fears of recession and a disruption in the wider technology market are beginning to curb cybersecurity investments.
Investors say the industry has seen a contraction in late-stage funding, where companies have enjoyed years of rounds in the hundreds of millions of dollars and multibillion-dollar valuations at high multiples of their revenue. The speed of the change has surprised even some veteran investors.
Rama Sekhar, partner at Palo Alto, Calif.-based VC firm Norwest Venture Partners, said that last year VC funding was plentiful and investors were focused on growth. “It’s been dramatically different over the last two months just based on the markets—the private and startup markets always lag the public markets in terms of reaction to downturns, but this one was very quick and very swift,” he said.
Companies and governments depend on the cybersecurity sector to keep pace with the sophistication of hackers. A weakened cybersecurity industry could open the door to further attacks.
“At the end of the day, just because the markets are down, the bad actors aren’t going away. If nothing else, it’s accelerating what they’re doing,” said Mark Hatfield, founder and general partner at cyber-focused VC firm Ten Eleven Ventures.
The slowdown is part of a broader downturn in public markets, where the technology industry has been particularly hard hit following years of growth fueled in part by low interest rates and stay-at-home orders during the pandemic. Tech-heavy indexes such as the Nasdaq Composite Index have seen sharper dips than other benchmarks.
Read the full story.
|
|
|
|
|
The vulnerabilities were found in technology used in power stations and wind turbines, among other industrial settings. PHOTO: ALEX KRAUS/BLOOMBERG NEWS
|
|
|
|
Researchers report 56 flaws in critical infrastructure technology. Operational technology equipment from 10 different manufacturers contains flaws that allow for compromising credentials, bypassing authentication, remote code execution and other tactics that could impact devices, according to a report from Forescout Technologies Inc.’s Vedere Labs. The report said many operational technology devices aren’t built securely and use platintext credentials or weak cryptography. The 56 flaws identified in the report affect devices used in numerous industrial sectors. (Bleeping Computer)
|
|
|
PHOTO: VICTOR J. BLUE/BLOOMBERG NEWS
|
|
|
Cybersecurity researchers face real-world threats. Security experts say some people who work to prevent cybercrime have received death threats, and professionals who engaged directly with ransomware groups have faced personal threats. In one case, a researcher’s child was threatened. Other hackers posted information they found on cyber experts’ families on darknet forums, and encouraged other hackers to target them. (CSO Magazine)
|
|
|
Gloucester still restoring systems after December cyberattack. The city council of Gloucester in the U.K. has been repairing technology systems since a major cyberattack in December, and authorities set aside £630,000, or around $771,000, for the recovery. The council only recently was able to begin processing land charge searches again, a step required for home buyers to complete their purchases. (BBC)
|
|
|
$21 Billion
|
The projected funding for cyber companies this year, according to estimates from investment banking company DBO Partners LLC. Last year, it was $26 billion.
|
|
|
|
|
|
|
PHOTO: MENAHEM KAHANA/AFP/GETTY IMAGES
|
|
|
European Parliament holds hearing with NSO Group. European Parliament members questioned Israeli company NSO Group, maker of the Pegasus spyware, on Tuesday. The legislative body in March set up an inquiry committee into the use of the software after it was revealed that European political leaders and lawmakers had been targeted by it, including Spanish Prime Minister Pedro Sanchez. NSO Group’s general counsel and an external lawyer attended the Brussels parliament hearing. (Politico)
|
|
|
-
Strava user spies on Israeli military with fake routes in bases. An unidentified user of the fitness-tracking app Strava observed service members’ movements across military installations, potentially observing them as they traveled between countries on official business. The operative created fake running routes within bases, picking up runners who had completed similar segments despite other privacy controls. One user running on a base thought to be linked to the Israeli nuclear program was observed moving to other installations and across international borders. (The Guardian)
-
What period-tracker apps’ data practices mean if Roe v. Wade is overturned. If the Supreme Court strikes down Roe, your digital breadcrumbs—including the kind that come from period trackers—could be used against you in states where laws criminalize aiding in or undergoing abortion. WSJ Personal Tech Columnists Nicole Nguyen and Cordilia James break down different apps’ data policies and potential implications for consumers. (WSJ)
|
|
|
|
|
|
|