From Paul's Security Weekly
Jump to: navigation, search

Business Security Weekly #81

Recorded April 16, 2018 at G-Unit Studios in Rhode Island!


  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.
  • Shawn Tuma
    is the Cybersec & Data Privacy Attorney at Scheef & Stone, LLP.


    • The webcast with Distil Networks on "The Year Bad Bots Went Mainstream", is being held on Wednesday, April 25th. Register now at
    • Check out SOURCE Boston 2018 from May 9th - 10th! Go to and register using the code SW75WMKW to get a $75 discount!
    • Ticket Sales are open for Social Engineering RI Conference. Saturday, June 6th at Salve Regina University in Newport RI. Go to - to register! Patrick Laverty will be joining us for an interview next week. Stay tuned to hear more about this conference!

    Interview: Shawn Tuma on The Legal Case for Cyber Risk Management

    Shawn Tuma is an experienced cybersecurity and data privacy attorney and partner at Scheef & Stone. He is widely recognized as in international thought-leader and subject matter expert in cybersecurity and data privacy law. Having practiced in this area of law since 1999, he is one of the most experienced and well-respected cybersecurity and data privacy law attorneys in the United States.

    • Why is cybersecurity no longer just an IT issue/responsibility?
    • How does legal protect companies from their data?
    • Is this where reasonable security comes in?
    • Does it make sense to have an attorney lead the cyber risk management program?
    • How do we strike the balance between box-checking and boiling the ocean?

    Audience Requested Segment: Attorney-Client Privilege & Security

    Shawn Tuma sticks around to sort the good advice from the misinformation surrounding attorney-client privilege in security.

    • What is attorney-client privilege and why is it interesting to security leaders?
    • Where it make work?
    • What doesn't work?

    Tracking Security Innovation

    Carbon Black files for IPO (worth $100M?)

    VMware acquired E8 for undisclosed

    Bomgar acquired by Francisco Partners for undisclosed

    SourceClear acquired by CA for udisclosed

    • ‘SourceClear is a software composition analysis tool that helps developers in identifying the security of the libraries used in open-sourced applications.’
    • $11.5M over 2 rounds (seed and equity)
    • (BlackDuck was recently acquired by Synopsys,

    SecDo acquired by Palo Alto Networks for undisclosed

    Karamba Security raised $10M in debt round

    SpyCloud raised $5M Series A

    • ‘SpyCloud specializes in providing cybersecurity solutions that focuses on protecting businesses from data breaches and account takeover attacks.’
    • $7.5M over 2 rounds

    Verkada raised $15M Series A

    • ‘Verkada is a cloud-based video surveillance platform that offers activity indexing, access control and tamper detection solutions for businesses.’
    • $18.1M over 3 rounds
    • IoT/Cloud/Video Surveillance (now called video security)

    Armis raised $30M Series B

    • ‘Armis develops an Internet of Things security platform that allows enterprises to control and restrict unmanaged devices accessing their systems.’
    • $48.1M over 3 rounds

    Expel raised $20M in Series B

    • ‘Expel is a cybersecurity firm that helps enterprises to analyze, detect, investigate and respond to threats.’
    • $27.5M over 2 rounds
    • Looks like emphasis on response, replace the spend for MSSP

    ObserveIT raised $16M in a Series B

    OPAQ Networks rises $22.5M in Series B

    Empow raised $10M in Series B

    • ‘Empow is a cyber security firm that that uses AI and machine learning analytics to classify threats and alerts.’
    • $19M raised in 2 rounds since Feb 2017
    • Part of the anti-SIEM backlash; drive toward automation and orchestration

    Kenna raised $25M Series C

    • ‘Kenna Security develops a cloud-based vulnerability management platform that helps organizations to measure risk and prioritize remediation.’
    • $45M over 3 rounds since Nov 2012
    • Plans to hire more, expand sales, “innovate”

    Checkr raised $100M Series C

    • ‘Checkr is an online platform that offers background screening, information security and compliance management solutions for enterprises and startups.’
    • $149M over 3 rounds
    • Helps everyone make better, more nuanced connections

    Onapsis raised $31M in Series C

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+