Cybersecurity (IT, OT/ICS, AI, Open source) Insights from Q4 2024

[Securing Things by M. Yousuf Faisal]

Disclaimer: All views presented here, in this newsletter, are my own.

Neither the author nor the newsletter is liable for any actions taken by any individual or any organization / business / entity. The information provided is for education and awareness purposes only and is not specific to any business and/or situation.

M. Yousuf Faisal


Hi Securing Things Community,

Hope you all had a great Q4 2024 and, overall, a successful 2024. In this newsletter edition, I am excited to present some of the key Cybersecurity (IT, OT/ICS, AI, Open source) insights from Q4 2024 from the industry, insights from my recent engagements, and my most viewed social media posts.

Special Message:

Before we begin, do me a favour and make sure you hit the “Subscribe” button to let me know that you care and keep me motivated to publish more. Thanks!


Cybersecurity Insights from Q4 2024

The fourth and final quarter of 2024 was a dynamic period for the cybersecurity landscape, marked by a shift in vendor focus, significant investments, notable cyber incidents, evolving regulations, and advancements in agentic AI for cybersecurity. Below are key insights, categorized into four sections.

In case you missed the previous insights, check them out here → Q1, Q2, and Q3 2024.

1. Cybersecurity Investments, Funding & Trends

Q4 2024 has seen notable investments in the cybersecurity sector, reflecting a growing confidence among investors and a focus on innovative solutions.

Cybersecurity Fundings

  • Record Funding Levels: According to AGC’s Q4 2024 cybersecurity market insights, cybersecurity startups witnessed a surge in venture capital investment, reaching approximately $12 billion+ for the entire year of 2024. This marks a significant recovery from previous years, with Q4 alone contributing to this total due to increased investor confidence in AI-driven security solutions.

  • Major Funding Rounds: According to Black Hat MEA, notable funding rounds included Wiz, which raised $1 billion, bringing its total valuation to $12 billion. Additionally, IONIX, an attack surface management platform, secured $42 million in Series A funding, demonstrating strong investor interest in innovative cybersecurity solutions. Some interesting reference reads are:

  • Surge in Venture Capital Investments: Cybersecurity startups experienced a robust resurgence in venture capital investment, with approximately $2.7 billion raised across 154 deals in Q4 alone. This marks a notable recovery from previous quarters and indicates renewed investor confidence in the cybersecurity sector.

  • Focus on AI-Driven Solutions: A significant portion of the funding was directed towards companies leveraging artificial intelligence to enhance security measures. Investors are increasingly interested in solutions that utilize AI for real-time threat detection and response, reflecting a broader trend towards automation in cybersecurity.

  • Increased Interest in Integrated Platforms: There is a growing preference among investors for integrated cybersecurity platforms that offer comprehensive solutions rather than point products. This trend is driven by the desire for streamlined security operations and improved efficiency, as organizations seek to consolidate their security tools.

  • Rise of Cybersecurity-as-a-Service (CaaS): The emergence of Cybersecurity-as-a-Service models has gained traction, allowing organizations to access advanced security tools and expertise without significant upfront investments. This shift is making sophisticated cybersecurity solutions more accessible, particularly for small and medium-sized enterprises.

  • Higher Valuations for Later-Stage Startups: Late-stage cybersecurity startups are seeing higher valuations due to their established market presence and proven technologies. Companies with strong financial backing and innovative products are attracting larger investments, reflecting confidence in their growth potential.

  • Continued Growth Amid Economic Challenges: Despite broader economic uncertainties, cybersecurity funding remains resilient. The sector is viewed as essential by investors, leading to sustained interest even as other industries face downturns. This trend underscores the critical importance of cybersecurity in protecting against escalating cyber threats.

    These trends highlight a vibrant and evolving cybersecurity funding landscape in Q4 2024, driven by technological advancements, changing market demands, and a heightened awareness of the importance of robust security measures across industries.

Cybersecurity Mergers & Acquisitions:

Q4 2024 continued to see a few interesting mergers & acquisitions.

  • Heats Up: The cybersecurity sector saw significant consolidation with key acquisitions such as Palo Alto Networks acquiring IBM’s QRadar SaaS business for $500 million, and Fortinet purchasing cloud security start-up Lacework. These moves reflect a strategic focus on enhancing data security capabilities.

  • Increased Consolidation: The cybersecurity market experienced a notable surge in consolidation, with major players acquiring smaller startups to enhance their product offerings and market reach. For instance, Palo Alto Networks acquired IBM's QRadar SaaS business for $500 million, while Sophos announced its acquisition of Secureworks for $859 million. This trend indicates a strategic move towards creating comprehensive security solutions that address a wider range of threats and vulnerabilities.

  • Focus on Data Security and SaaS: A significant theme in the recent M&A activity has been the emphasis on data security and Software as a Service (SaaS) solutions. Over half of the recent acquisitions involved companies specializing in data protection, reflecting the growing importance of safeguarding sensitive information in an increasingly digital landscape. For example, Fortinet's acquisition of Next DLP aimed to bolster its secure access service edge (SASE) platform.

  • Enhanced Capabilities through Innovation: Acquisitions have enabled companies to integrate innovative technologies into their existing platforms. The acquisition of Adaptive Shield by CrowdStrike, for instance, is expected to enhance its Falcon platform with advanced SaaS security capabilities, providing end-to-end protection against identity-based attacks across various cloud environments.

  • Market Valuation and Investor Sentiment: The resurgence in M&A activity has positively influenced market valuations for cybersecurity companies. As demand for robust cybersecurity solutions continues to rise due to increasing cyber threats, investor sentiment remains optimistic. This trend is evidenced by the rise in stock prices for companies like Check Point Software and CyberArk Software, which have seen double-digit growth throughout 2024.

  • Increased Competition and Innovation Pressure: The competitive landscape has intensified as larger firms acquire innovative startups, pushing remaining players to either innovate or seek partnerships to stay relevant. This dynamic fosters a more vibrant ecosystem where continuous improvement and adaptation are necessary for survival.

  • Strategic Focus on AI Integration: Many acquisitions have been driven by the need to integrate artificial intelligence (AI) capabilities into cybersecurity solutions. As organizations look to automate threat detection and response processes, firms that can offer AI-enhanced products are becoming increasingly attractive targets for acquisition.

Overall, the M&A activity in Q4 2024 has significantly reshaped the cybersecurity landscape, driving consolidation, enhancing capabilities through innovation, and fostering a competitive environment that prioritizes data security and AI integration. These developments not only reflect the current state of the industry but also set the stage for future growth and evolution in cybersecurity practices.

  • Europe Market Trends: according to ECSO.

[Figure from the ECSO report]

In terms of strategic and enabling technologies and/or solutions, the following are the key areas of focus:

[Figure from the ECSO report]

There’s an interesting report, Cyber Liability Market Update Q4 2024, by Brown & Brown.

What’s your take on the most interesting M&As? Type in the comments below.

2. Cyber Incidents, Ransomware Attacks & Data breaches

Q4 2024 has had no shortage of cybersecurity news related to ransomware attacks and data breaches, with millions of records stolen or leaked from all over the world. Here are some insights on cybersecurity incidents in Q4 2024:

  • Ransomware Attacks Surge: Q4 2024 experienced a notable increase in ransomware incidents, with several high-profile attacks affecting critical infrastructure sectors. The average ransom demanded rose to over $2 million, highlighting the escalating threat landscape.

  • Major Ransomware Attacks are:

    • NHS London (October 2024): The Qilin ransomware group compromised the data of nearly 1 million patients in London hospitals, exposing sensitive medical information, including conditions like cancer and sexually transmitted diseases. This breach raised serious concerns about patient privacy and data security in healthcare systems.

    • Stillwater Mining Company (October 2024): An attack by RansomHub resulted in the theft of personal information from over 7,000 employees. The breach was discovered months after it initially occurred, showcasing the challenges organizations face in detecting and responding to ransomware incidents.

    • Kawasaki Motors Europe (October 2024): RansomHub also targeted Kawasaki’s European offices, claiming to have stolen nearly 500 GB of data. The company took immediate action to isolate its servers and mitigate the impact of the attack.

    • Port of Seattle (November 2024): The Rhysida ransomware group executed a significant attack on this critical infrastructure, further emphasizing the vulnerability of essential services to cyber threats. Details on the extent of data compromised were not fully disclosed, but the attack disrupted operations.

    • VOSSKO (November 2024): This German food processing company faced a ransomware attack that encrypted its internal systems. Although some operational disruptions occurred, they managed to restore affected systems relatively quickly.

  • Trends and Observations:

    • Increase in Ransomware Incidents: Overall, ransomware attacks surged by 21% throughout 2024, with attackers increasingly leveraging advanced tactics such as adversarial AI to enhance their phishing schemes and exploit vulnerabilities in various sectors.

    • Emergence of New Ransomware Groups: Groups like RansomHub and Rhysida have gained notoriety for their aggressive tactics and ability to execute large-scale attacks against both private companies and public institutions. Their methods often include double extortion strategies, where they not only encrypt data but also threaten to leak it unless ransoms are paid.

      These incidents reflect a broader trend in cybersecurity where organizations must remain vigilant against evolving threats while implementing robust defenses to protect sensitive information from sophisticated ransomware attacks.

  • Data Breaches Reported: Major data breaches were reported across various industries, including a significant breach at a healthcare provider that exposed the personal information of over 2 million patients. This incident underscored the urgent need for robust cybersecurity measures in sensitive sectors.

    Source: DBIR 2024 Report

Incidents by region:

Source: DBIR Report 2024 - Incidents by Region

These incidents illustrate the evolving landscape of cybersecurity threats in Q4 2024.

  • Increased Phishing Campaigns: Phishing attacks surged by approximately 30% in Q4 as attackers employed more sophisticated tactics to exploit vulnerabilities during the holiday season. Organizations are urged to enhance employee training and awareness programs to combat these threats effectively.

What were your best reads? Type in the comments below.

3. Guidance, Standards & Regulations - Notable Updates!

Q3 2024 also saw governments globally announcing new laws and regulations around critical infrastructure. Similarly, several new cybersecurity industry best-practice guidelines and standards were published. Below are just a few key highlights:

  • New Regulatory Frameworks: The European Union's updated Cyber Resilience Act (CRA) came into effect, mandating stricter cybersecurity requirements for digital products and services. Organizations must now ensure compliance with these regulations to avoid penalties.

  • NIST Framework Revisions: The National Institute of Standards and Technology (NIST) released updates to its Cybersecurity Framework, emphasizing risk management and incident response planning as critical components for organizations operating in both IT and OT environments.

  • SEC Cyber Incident Disclosure Rules: The U.S. Securities and Exchange Commission (SEC) implemented new rules requiring publicly traded companies to disclose material cybersecurity incidents within four business days. This regulation aims to enhance transparency and accountability regarding cybersecurity risks.

These updates reflect a significant shift toward more robust cybersecurity regulations aimed at protecting both consumers and organizations in an increasingly digital landscape.

What other important regulatory updates have you seen in Q3 2024? Comment below.

4. Artificial Intelligence (AI), Guidance & Regulations

In Q4 2024, AI continued to see significant adoption and innovation in terms of its integration into cybersecurity, while there was also a rise in threats stemming from the use of AI. Some key findings include:

  • AI Integration in Cybersecurity Solutions: The use of AI technologies in cybersecurity solutions has accelerated, with many startups focusing on AI-driven threat detection and response systems. These advancements are crucial for automating security processes and improving overall efficiency.

  • Ethical AI Guidelines Released: Governments and industry groups have begun drafting ethical guidelines for the use of AI in cybersecurity. These guidelines emphasize the importance of transparency, accountability, and fairness in AI applications used for threat detection.

  • Regulatory Developments on AI Use: New regulations are emerging that specifically address the use of AI in cybersecurity contexts. These regulations aim to ensure that organizations employing AI technologies adhere to best practices while protecting sensitive data from misuse.

Conclusion

As we conclude Q4 2024, it is evident that the cybersecurity landscape is evolving rapidly. Organizations must stay informed about these trends and developments to enhance their security posture and effectively mitigate risks associated with cyber threats. Stakeholders across all sectors must remain vigilant and informed as they navigate these changes in the cybersecurity domain.

What were your best reads? Type in the comments below.

Insights from My Recent Engagements:

Provided advisory / consulting on a few engagements, ranging from both IT and OT security product evaluations to policy and other developments. A slightly better quarter compared to the first 3 quarters in 2024. Did the following:

  • IT cybersecurity review and strategy presentation as part of assessment exercise.

  • OT/ICS cybersecurity charter and OT/ICS Cybersecurity policy development.

  • IT Cybersecurity charter and policy development for a manufacturer.

  • Started an OT Network Security Architecture review for part of an OT environment.

  • Evaluating 6 OT secure remote access vendor products for suitability against a manufacturing organization.

  • Deployed an Asset Attack Surface Management tool to perform discovery work.

  • Developing some OT/ICS security digital products, which are live on the academy pages.

  • And more.

Besides these, a few updates on the offerings, in case you missed them:

  • Released a brief introduction video on IT-OT CySEAT Training, and recently decided to change the name from awareness to CySEAT, as Cyber Security Education and Transformation, to reflect it better. See the updated page; working on the option to offer a certification as STCCP. Also, a teaser for an assignment presentation on the IT-OT CySEAT course. The 40% launch discount is still applicable while it lasts.

  • And also a teaser for the Master class on Singapore CCOP standards.

  • Finalised and launched digital products on the Academy related to OT.


Ways in which I can help?

Whenever you are ready - I can help you / your organization / your customers with:

A - IT & OT Cybersecurity Advisory / Consulting services - for securing your organisation’s or client’s digital transformation journey.

B - Security Awareness Training & Phishing Awareness Portal - Train your staff and build a Security awareness program.

C - Securing Things Academy (STA) - Security trainings for IT & OT practitioners.

D - Securing Things Newsletter - Get your brand (personal / business) in front of global audience by sponsoring this newsletter. And or simply subscribe to Get smarter at Securing Things.

Reach out at info[at]securingthings[dot]com or DM me via LinkedIn.

My Ask

I invite #SecuringThings community to share their feedback.

Your feedback and input is invaluable to me as we work together to strengthen our cybersecurity defenses and create a safer and smarter digital society. Thank you for your trust and continued support.


Here's to Securing Things in Q4 2024 onwards! Thanks for reading - until the next edition!

It’s a Great Day to Start Securing Things for a Smart & Safer Society.

Take care and Best Regards,
