Wednesday, September 7, 2022

VC investment in cybersecurity cools off in Q2 of 2022

The cybersecurity startup market has cooled in recent months amid a broader tech slowdown:

    • PitchBook stated that infosec market funding was $3.2b in Q2 2022, down 45% from Q1. Exits fell to 13 in Q2 2022 -- their lowest level since 2018.
    • Separately, DataTribe reported that median valuations for cyber startups fell to $12m in Q2, down 33% from $18m in Q1.

From a broader perspective:

  • The cyber market's long-term prospects remain strong -- the global cybersecurity market is projected to grow at a 13.4% CAGR through 2029.
  • The industry is now inundated with vendors -- most venture-backed, many cash-flow negative. Scores of these new vendors will lay off staff, merge or fail. Some tips for enterprise customers to manage this turmoil:
    • Create a 2x2 with “Criticality to our Ops” vs. “Financial Viability” as the axes -- plot your vendors.
    • Focus on high-risk vendors & ask leadership (not the sales reps): “What’s your monthly cash burn?” and “How much money is in your account?”
    • Start scenario-planning on what you would do if “Vendor X” cuts staff, gets bought or shutters.


Tuesday, September 6, 2022

Nokia's equipment is powering Putin’s surveillance apparatus

  • Despite stopping sales in Russia, Nokia’s equipment continues to power Moscow’s digital surveillance apparatus:
    • For 5+ years, Nokia provided equipment to link the System for Operative Investigative Activities (SORM) to MTS, Russia’s largest telecom provider:
      • FSB -- Russia’s main intelligence service -- uses SORM to listen in on phone conversations & it is being used to crack down on domestic dissent against the invasion of Ukraine.
    • Nokia acknowledged providing the equipment & stated that Russian law required it to make products enabling Russian telecoms to connect with SORM.
    • Nokia executives first pled innocence. When confronted with internal docs, they suggested that if they had not served the FSB, then Huawei would have.


 

  • The FBI issued a warning to crypto investors about the risks of decentralized finance (DeFi) platforms:
    • Between Jan. & March 2022, cybercriminals stole $1.3 billion in cryptocurrencies -- almost 97% of which came from DeFi platforms.
    • Unlike traditional banks, DeFi platforms aren’t backed by govt insurance policies, meaning investors have little recourse to recover hacked/stolen funds.
  • Fraud, illicit transactions & hacks are pervasive in the crypto market -- hackers now manipulate DeFi platforms’ own governing mechanisms to steal funds:
    • DeFi systems incurred $10.5 billion in criminal losses in 2021.
    • 99% of hacked cryptocurrencies in Q1 2022 were stolen as a result of software exploits.