The Cyber Why: What We Read This Week...
... and why you should too! (3/17/2023)
Last week was a very odd week, for sure. 90% of what I read was related to SVB and the financial fallout that it triggered. The other 10% was about the crazy good efficacy of ChatGPT-4. Everyone has something to say about the latest financial crisis, from armchair financial experts to Nobel-winning economists. Sadly, the discourse around the problem seems to have devolved into a politically charged rage fest. On a much lighter note, we also talk about Deadpool, the investing superhero, and how countries can pee on each other in mid-air! Yep, I went there! Enjoy this week’s TCW!
If you are tired of bank runs and other black swan events, subscribe to The Cyber Why. I promise that’s not all we talk about!
SVB’s Demise Cools An Already Chilly Climate For Startup Funding (Crunchbase News)
By this point, everyone is well aware of the demise of Silicon Valley Bank and the contagion risk of a broader banking collapse that happened in the last week. There was a significant risk to the startup community, from funders to founders. However, the longer-term impact on the venture investing landscape isn't discussed as much. Will the big money that has previously run up venture investment dry powder return to the table and continue to make money readily available? I’m guessing that funding will be challenging for the next six to twelve months (at least), impacting cybersecurity startups as they run into shortened runway issues. Expect strategic M&A to escalate as more companies require financial life support. I predict it’ll get so bad that even VCs will have to start thinking twice about how much money they raise and how big their firms are.
The tech industry’s latest reckoning: Should it be blamed for SVB’s failure? (NBC News)
Much of the world is blaming “high tech” for the failure of Silicon Valley Bank. I listened with an open mind for the last week as a large portion of the population ripped into venture capitalists, founders, and high-tech companies, blaming them for the financial fallout. It’s an easy out to blame the “greedy VC and tech world people” for the bank run that happened, but I think that is an under-informed opinion. The financial system was under severe stress (and still is) from a long period of zero interest rates that was upended too quickly with massive and rapid rate increases. The banking system still has a lot of recovery to do, and pointing fingers at the tech world isn’t helping the situation. That’s my spicy take, and I’m sticking to it!
The K-Shaped Recovery of the Cybersecurity Industry (Security Funded)
Mike Privette from Security Funded wrote a great piece about the future of cybersecurity funding and startups where he describes a “K” shaped recovery. Cybersecurity buyers will bifurcate into two halves - those who must afford security solutions and those who can’t. As the funding market goes on hold for 2023, cybersecurity vendors will be forced to change pricing and go-to-market strategies to survive. I am confident that Mike’s predictions are correct - strategic acquisition of cyber companies will jump in 2023, and they will be acquired at much lower prices than we could have ever predicted.
Rapid7 Acquires Minerva Labs (Rapid7 - Rick Pick)
Building on the previous point, this week Rapid7 announced the $38M acquisition of Minerva Labs, a "Ransomware Prevention Technology." I struggle to see ransomware prevention technologies as more than a feature in a broader Endpoint Protection Platform. No one wants to run yet another agent, no one. Halcyon is another anti-ransomware platform in the emerging space. At this price point, the acquisition makes sense for Rapid7. They can integrate this feature into their stack and have another capability to promote within their MDR service. Before investing in a product in this space, first, mitigate ransomware actors' initial access vectors. For example, hardening and patching public-facing services will go a long way in ransomware prevention.
This Is the New Leader of Russia’s Infamous Sandworm Hacking Unit (WIRED - Rick Pick)
I like to highlight interesting cyber threat landscape stories, and this is a good one. WIRED's Andy Greenberg writes this article, and anything that Andy writes is worth reading. If you aren't familiar with Sandworm, you might be familiar with NotPetya; this was Sandworm's handiwork. NotPetya was destructive wiper malware that reportedly resulted in global damages of over $10B. Sandworm operations are about as destructive as today's cyber attacks can get. Sandworm has been responsible for electric blackouts in Ukraine and the targeting of the 2018 Winter Olympics. Andy's most recent article highlights the current commander of Sandworm, Evgenii Serebriakov. If Sandworm is ever in your threat model, you could be in for a bad day.
GPT-4 has arrived. It will blow ChatGPT out of the water (Washington Post)
Generative AI is getting smarter at an exponential rate. It’s only been a short time since ChatGPT-3 was released to the public and raced to over 100M users in the first two months of general availability. Last week GPT-4 was released and is at the 93rd percentile for the SAT reading exam and 90th percentile for a simulated bar exam. This is absolutely NUTS - AI currently runs at the “human level of performance.” I’m officially declaring this revision of AI as the greatest invention in human history.
Zuck At the Reopening of Meta HQ (twitter.com/jason)
US Pushes for TikTok Sale to Resolve NatSec Concerns (Rick pick - NYT)
Uncle Joe's admin has picked up the baton from Trump's tiny little hands and "wants TikTok's Chinese ownership to sell the app or face a possible ban." There is support for a ban. However, there likely won't be one cuz lawyers. Hopefully, the administration can force US citizens' data to remain in Murica, where the NSA can continue to spy on it. TikTok's CEO Shou Zi Chew will appear before Congress next week. Get your popcorn ready, especially if you want to hear self-important legislators looking for sound bites to rally their bases. All I know is I need some snarky Chef Reactions in my life. Thankfully, since the last time the U.S. considered bans, creators have expanded to other platforms that take privacy seriously. 😉
T-Mobile buys Ryan Reynolds' Mint Mobile in a $1.35 billion deal (NPR)
As if Ryan Reynolds didn’t have enough money already! He purchased a minority share of Mint Mobile in 2019 and today finds himself with a big fat paycheck on the back of this massive acquisition by T-Mobile. The man lives a blessed life. I guess being famous makes making money a lot easier. In the words of the great superhero Deadpool: “With great power comes great merchandising opportunity.” Long live Merch with a Mouth!
HustleGPT - Build a Business 100% Using GPT Prompts (twitter.com/jacksonfall)
Talk about genius! Jackson Greathouse Fall decided to build a side hustle from scratch using only generative API, and the results are absolutely fantastic. Follow his journey on Twitter and GitHub. It’s both innovative and inspirational.
Russian SU-27 Fighter Jets Crash Into US MQ-9 Drone Over Black Sea (YouTube)
Talk about one country “pissing” off another (watch the video. You’ll get the vibe I’m shooting for). In this recently declassified video, a Russian SU-27 fighter jet, piloted by R. Kelly, dumps fuel and even bumps a US MQ-9 Drone over the black sea. The drone eventually crashed into the water with a mangled rear propeller. Check out the short video below. Pretty amazing stuff!
If you’ve made it this far, you either found our musings at least semi-entertaining, OR you enjoyed the pain and kept going regardless. No matter how you made it to this point, you should know that we appreciate you. Please do us a solid and share The Cyber Why with your friends. We would love to reach a bigger audience, and referrals are how we do it. Help us out, and we’ll see you next week!