Content by Michael Novinson

SEC Delays Final Rules on Breach Disclosure, Board Expertise

Michael Novinson  •  June 20, 2023

Federal market regulators delayed until October a decision on rules mandating private sector disclosure of cybersecurity incidents and cyber expertise on public boards. The delay comes amid pushback to a mandate to disclose a "material cybersecurity incident" within four business days of discovery.

Sonatype, Snyk, Synopsys Top SW Comp Analysis Forrester Wave

Michael Novinson  •  June 19, 2023

A surging Sonatype and Snyk joined stalwart Synopsys atop Forrester's software composition analysis rankings, while Mend.io tumbled from the leaders category. SCA historically didn't get as much attention as application security testing but that’s changing, said Forrester's Janet Worthington.

DDoS Attacks Culprit of Recent Azure, Microsoft 365 Outages

Michael Novinson  •  June 17, 2023

The litany of outages plaguing Azure and Microsoft 365 in recent weeks stems from DDoS attacks carried out by a pro-Russian hacktivist group. The threat actor since early June has launched DDoS attacks from multiple cloud services and open proxy infrastructures thanks to its collection of botnets.

MOVEit Reveals Another SQL Injection Bug; New Victims Emerge

Michael Novinson  •  June 16, 2023

The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.

C5 Looks to Take IronNet Private, Oust Gen. Keith Alexander

Michael Novinson  •  June 16, 2023

C5 Capital extended struggling threat detection firm IronNet a financial lifeline contingent on retired four-star Gen. Keith Alexander stepping down as CEO of the company he founded. The venture capital firm will inject $51 million if IronNet hires ex-Houghton Mifflin Harcourt CEO Linda Zecher.

Russian National Charged With Carrying Out 4 LockBit Attacks

Michael Novinson  •  June 15, 2023

Federal officials charged a Russian national with carrying out at least four LockBit attacks against businesses in the United States, Asia, Europe and Africa. The Justice Department said Ruslan Magomedovich Astamirov, 20, of Chechnya, deployed ransomware between August 2020 and March 2023.

Sumo Logic Lays Off 79 Staffers on Heels of Sale to PE Firm

Michael Novinson  •  June 14, 2023

Sumo Logic has axed 8% of its workforce less than a month after Francisco Partners paid $1.7 billion to take the data analytics vendor private. The company told California's Economic Development Department on June 7 that it would lay off 79 staff at its Silicon Valley headquarters the following day.

Thales to Buy Tesserent for $119.1M to Aid Australian Growth

Michael Novinson  •  June 13, 2023

A French conglomerate will buy Australia's largest publicly traded cybersecurity company to expand its cyber service delivery capability in the high-growth Oceania market. The Tesserent deal will help Thales to accelerate its development road map and boost its footprint in Australia and New Zealand.

Expel Lays Off 10% of Workers 8 Months After Hauling in $31M

Michael Novinson  •  June 12, 2023

Expel has axed 60 workers just eight months after hauling in $31 million to provide the managed detection and response vendor with a financial cushion. The company will reduce its 600-person staff by 10% - or 60 people - in response to "many shifts in the market," the co-founders wrote in a blog.

Shift5 Gets $33M to Help Safeguard Commercial Transportation

Michael Novinson  •  June 9, 2023

Moore Strategic Ventures led a $33 million investment into a military and transportation security startup founded by officers who stood up U.S. Army Cyber Command. The funds will help Shift5 expand from safeguarding military vehicles to protecting commercial modes of transportation.

Blackpoint Gets $190M From Bain Capital to Boost MSP Defense

Michael Novinson  •  June 8, 2023

Bain Capital led a $190 million investment into a managed detection and response provider founded by a former National Security Agency computer operations expert. The money will support development of Blackpoint's security technology and enable its MSP partners to combat a changing threat landscape.

Dragos Lays Off 9% of Workers as OT Security Spending Slows

Michael Novinson  •  June 7, 2023

Dragos has axed 50 workers after longer sales cycles and smaller initial deployment sizes caused the industrial cybersecurity vendor to miss its first quarter revenue target. Dragos revealed plans to reduce its staff by 9% to ensure the company can stay independent through an IPO or Series E round.

Snyk to Acquire App Security Posture Management Startup Enso

Michael Novinson  •  June 7, 2023

Snyk plans to purchase an Israeli startup founded by members of Wix's application security team and backed by CyberArk to help organizations govern developer security. The developer security vendor said its proposed buy of Enso Security will give clients a view of their application security posture.

Cisco Doubles Down on Generative AI, SSE, Cloud App Security

Michael Novinson  •  June 6, 2023

Cisco took its first major step toward realizing its secure cloud vision in April with the debut of a new extended detection and response platform. The next set of enhancements around generative AI, secure access and defending applications across multiple clouds debuted Tuesday at Cisco Live 2023.

Why Rubrik Is Looking to Break Cybersecurity's IPO Dry Spell

Michael Novinson  •  June 5, 2023

Despite the beating new publicly traded security companies have taken during the economic downturn, Rubrik is looking to test its luck in the public market. Reuters reported Monday the firm is working with Goldman Sachs, Barclays and Citigroup in preparation for an IPO that could take place in 2024.