Keyboard with locks
Illustration: JuSun/iStock/Getty Images Plus

There’s always money in the firewall

Protocol Enterprise

Hello, and welcome to Protocol Enterprise! Today: why cybersecurity spending is unlikely to be affected by any forthcoming economic downturn, how ASML figured out it had been the victim of corporate espionage, and the latest funding rounds won by enterprise tech startups.

Prosperity by ubiquity

The boom times seem to be rapidly drawing to a close amid war and inflation, and the belt-tightening has already begun for many tech companies. But that doesn't mean everyone in the industry should expect to take an equal hit from a broader economic slowdown, as I wrote about this morning for Protocol as the RSA Conference kicks off in San Francisco.

For cybersecurity, the boom times might not be over at all. Cybersecurity is just about as recession-proof as it gets within the tech industry, according to industry experts.

  • With the intensifying threat landscape, businesses can no longer afford to draw a distinction between "getting the job done" and "getting the job done securely," said William MacMillan, a senior vice president at Salesforce and formerly the CISO for the CIA. "You won't get the business done if you don't prioritize getting it done securely," MacMillan said.
  • Mark Clayman, CEO at managed IT services provider Navisite, puts it more bluntly: "Folks that take their foot off the pedal or de-invest in security — ultimately, you're gonna get slapped upside the head.”

Many businesses now get it, experts said. Cybersecurity is a far higher priority in the C-suite and board level than it was even just a few years ago, said Steven Weber, a professor at the University of California, Berkeley.

  • For the leadership at many companies, Weber said, cybersecurity is now seen "as something we have to protect — and that [may require] cuts elsewhere in order to protect it.”
  • But it’s not just about FUD. A large amount of security spending is now essentially built in due to regulatory and market forces, said Jeff Pollard, a vice president and principal analyst at Forrester. Many cyber insurance policies also necessitate some level of spending on cybersecurity.

Companies that cut back too much on security spending might see a negative impact on revenue as well, Pollard said.

  • Customers now demand a lot more from their suppliers during security reviews, such as demonstrating competence around data security and privacy and incident response capabilities, including breach notification.
  • "You've got to spend money on cybersecurity," Pollard said, "because it's going to cost you deals if you don't."
— Kyle Alspach (email | twitter)

A MESSAGE FROM VERSAPAY

Fewer than half of executives (44%) see better communication with customers as a benefit of digitizing AR. Meanwhile, 72% state that their AR department isn't customer-oriented enough, implying that executives understand the need for customer-oriented AR departments, but aren't aware that they can close that gap as part of their AR digitization project.

Learn more

A wild tale of corporate espionage

China’s homegrown chip tech has lagged behind the U.S. for years, despite tens of billions of dollars of investments and a concerted effort to catch up. But on Monday, Bloomberg News published an article that outlined how a Chinese company called Dongfang allegedly used an unlawful means of gaining access to cutting-edge chip-manufacturing tech developed by tool maker ASML.

It’s a pretty wild read, involving alleged corporate espionage that included the theft of technology that took ASML 10 years to develop and deploy. The tech itself is a crucial part of ASML’s advanced lithography machines called optical proximity correction, which ensures the tiny features are printed accurately onto pieces of silicon.

At the moment, the Dutch government has restricted ASML’s ability to sell its most sophisticated lithography tools to China altogether, in part as a result of pressure from the U.S. government (the U.S. is mulling further restrictions). Successfully copying the optical correction tech would help China develop the tools itself in the longer run, or improve current generations of machines.

“They want to essentially be ASML in China,” said Patrick Ryan, ASML’s lead attorney in a related civil suit, according to Bloomberg. “Stealing our software was a step in the right direction.”

— Max A. Cherney (email | twitter)

Financial corner

Devo Technology was valued at $2 billion after raising $100 million for its cloud-native security analytics software.

Go1 was valued at $2 billion after raising $100 million for its workforce learning software.

Perimeter 81 was valued at $1 billion after raising $100 million for its network security services.

Coralogix raised $142 million for its data observability platform.

— Aisha Counts (email | twitter)

Around the enterprise

IBM acquired Randori, a security startup that previously raised $30 million in funding for its threat detection and response software.

Now that everyone is sufficiently freaked out about ransomware, Wired reported that security researchers are warning about the rise of “business-email compromise” attacks, in which a hacker takes over a legitimate email account and sends official-looking but compromised emails to that business’s customer list.

A MESSAGE FROM VERSAPAY

A resounding 96% of respondents claimed that there is work to do in digitizing their AR departments, yet 60% agreed that their AR departments haven’t been prioritized as much as other departments for digitization. At a time when the importance of securing cash flow is higher than ever, many businesses are not putting enough focus on it.

Learn more

Thanks for reading — see you tomorrow!

Recent Issues

The SEC vs. CISA