All news in category "Market Moves"

An Open Letter to Cybersecurity Vendors and Investors

🔊 The cybersecurity market is awash in noise: vendors and investors chase flashy pitches while the long-standing vulnerabilities that cause real breaches remain neglected. The author argues CISOs don’t buy technology so much as they buy reduced risk and confidence, so purchases must fit roadmaps, integrate cleanly, and be sustainable. He prioritizes visibility, identity, automation that empowers people, and tools that reinforce fundamentals like patching and segmentation. Hype, overlapping products, and complexity are rejected in favor of practical reliability.

Replicate Joins Cloudflare to Expand AI Developer Platform

🧭 Cloudflare is bringing Replicate into its developer platform to integrate Replicate’s large model catalog and community with Cloudflare’s global, serverless inference stack. Existing Replicate APIs and workflows will continue to operate without interruption while benefitting from Cloudflare’s performance and reliability. Workers AI users will get immediate access to a greatly expanded catalog plus upcoming support for fine-tuning and custom models, enabled by Cog and unified control through Cloudflare’s AI Gateway.

Why Chief Trust Officers Are Emerging and How CISOs Fit

🤝 Organizations are creating a chief trust officer (CTrO) to elevate trust as a business differentiator, responding to breaches, product-safety worries and AI-related uncertainty. The CTrO typically complements the CISO by focusing on reputation, ethics, transparency and customer confidence while CISOs retain technical controls, incident response and security operations. Leaders stress the role must produce measurable outcomes and avoid becoming mere 'trust theatre' by tracking signals such as customer sentiment, retention and external certifications.

Security Leaders Who Built Companies from Frustration

🔒 Four former CISOs — Paul Hadjy, Joe Silva, Chris Pierson, and Michael Coates — turned recurring operational frustrations into startups that address enduring enterprise security gaps. Hadjy founded Horangi to tackle cloud security in Asia, Silva launched Spektion to reframe vulnerability management as an engineering problem, Pierson created BlackCloak to protect executives’ personal digital lives, and Coates built Altitude to secure cloud collaboration. Their founder journeys emphasize ruthless prioritization, accountability, and treating security as a trust and revenue enabler.

10 Promising Cybersecurity Startups CISOs Should Know

🔒 This roundup profiles ten cybersecurity startups founded in 2020 or later that CISOs should watch, chosen for funding, leadership, customer traction, and strategic clarity. It highlights diverse categories including non-human identity, software supply chain, data security posture, and AI agent security. Notable vendors such as Astrix, Chainguard, Cyera, and Drata have raised substantial capital and achieved rapid enterprise adoption. The list underscores investor enthusiasm and the rise of runtime‑focused and agentic defenses.

How CISOs Can Transition Between Industries Successfully

🧭 Successful cross-industry moves for CISOs require reframing technical experience as demonstrable business impact. Executives often assume security leaders are industry‑locked, but practitioners such as Marc Ashworth and Tim Youngblood show that a background in consulting, active participation in ISACs, and strong risk‑management fundamentals translate across sectors. Recruiters advise emphasizing measurable outcomes, targeting structurally similar industries, and leveraging client relationships to bridge credibility gaps. Avoid being pigeonholed by clearly linking past achievements to the goals of the prospective organization.

Sendmarc names Dan Levinson Customer Success Director

🔐 Sendmarc has appointed Dan Levinson as Customer Success Director — North America to support the company’s regional expansion and enhance locally aligned customer support. Levinson brings more than 15 years of experience across email security, deliverability, account and product management, and leadership, with direct experience implementing SPF, DKIM and DMARC. He will build and lead a North America customer success team focused on accelerating DMARC adoption, improving visibility across email environments, and strengthening protections against impersonation while preserving deliverability.

Why CISO Tenures Are Shortening and What It Means?

🔁 CISO tenures now often last only 18–36 months, driven by burnout, startup pace, and escalating liability concerns. The role demands constant readiness for breaches, extensive cross‑functional communication, and navigation of company politics, which many find unsustainable long term. Larger enterprises typically retain CISOs longer thanks to scale and resources. As a result, some leaders pursue fractional roles, vendor careers, or advisory positions while organizations push for clearer standards and better board-level alignment.

Brave Browser Tops 100M Monthly Active Users in September

🌐 Brave reached a new high in September with 101 million monthly active users and 42 million daily active users, marking the project's largest user base to date. Its privacy-focused Brave Search, built on an independent index, now handles about 1.6 billion queries per month (roughly 20 billion per year), with approximately 8% of queries coming from Chrome users. Regulatory shifts such as the EU Digital Markets Act and Apple’s iOS 17.4 update helped boost installs—iOS downloads in Europe rose about 50%—and Brave's steady gain of ~2.5 million new users per month, combined with privacy AI tools like the AI Answers summarizer (15 million responses/day) and the new Ask Brave chat-search integration, continue to drive adoption.

Cloudflare Sponsors Astro and TanStack for Open Web

🔧 Cloudflare announced financial sponsorships for two key open-source frontend projects, Astro and TanStack. The company is partnering with Webflow to support Astro and with Netlify to support TanStack, creating a coalition of contributors to bolster project sustainability. Cloudflare runs its developer documentation on Astro, citing its “zero JS by default” model and framework-agnostic approach as essential for fast, SEO-friendly docs. The announcement also highlights TanStack’s libraries and the release candidate for TanStack Start as strategic investments for building ambitious, type-safe web applications.

CISA Appoints Stephen Casapulla as Infrastructure Chief

🔔 The Cybersecurity and Infrastructure Security Agency (CISA) announced Stephen L. Casapulla as its new Executive Assistant Director for Infrastructure Security. Casapulla brings extensive federal experience, including service as Director for Critical Infrastructure Cybersecurity in the Office of the National Cyber Director and more than thirteen years at CISA and predecessor organizations. He also has prior roles at the Small Business Administration and the Department of State in Iraq, and over twenty years as a U.S. Navy Reserve officer. Casapulla will continue interim duties at the National Risk Management Center (NRMC) and serve as Acting Chief Strategy Officer.

Check Point Acquires Lakera to Build AI Security Stack

🔐 Check Point has agreed to acquire Lakera, an AI-native security platform focused on protecting agentic AI and LLM-based deployments, in a deal expected to close in Q4 2025 for an undisclosed sum. Lakera’s Gandalf adversarial engine reportedly leverages over 80 million attack patterns and delivers detection rates above 98% with sub-50ms latency and low false positives. Check Point will embed Lakera into the Infinity architecture, initially integrating into CloudGuard WAF and GenAI Protect, offering near-immediate, API-based protection as an add-on for existing customers.

Check Point to Acquire Lakera, Expanding AI Security

🚀 Check Point is acquiring Lakera to build a comprehensive AI security stack for enterprises adopting generative and AI-driven applications. The move aims to protect the emerging AI attack surface by combining Check Point's security platform with Lakera's AI threat analysis and model-protection capabilities. Customers should expect integrated defenses for models, data, and pipelines, increased visibility into model behavior, and tools for managing model risk and compliance.

CrowdStrike to Acquire Pangea to Secure Enterprise AI

🔒 CrowdStrike announced its intent to acquire Pangea to deliver the industry’s first AI detection and response (AIDR) capability, securing enterprise AI use and development across data, models, agents, identities, infrastructure, and interactions. Unveiled at Fal.Con 2025 by Michael Sentonas, the deal will integrate Pangea’s prompt‑layer and interaction security with the Falcon platform to provide unified visibility, governance, and enforcement across the AI lifecycle. The combined solution targets prompt injection, model manipulation, shadow AI and sensitive data exfiltration while enabling developers and security teams to innovate faster with built‑in safeguards.

Sendmarc Names Rob Bowker North American Region Lead

📣 Sendmarc has appointed Rob Bowker as North American Region Lead to drive regional expansion and deepen MSP and VAR partnerships. Bowker brings over two decades of experience in email infrastructure, deliverability, and security, including implementation of DMARC, SPF, and DKIM. He will focus on accelerating DMARC adoption across enterprise and mid-market customers, empowering MSPs to protect SMBs, and executing a partner-first growth strategy. The move aims to broaden Sendmarc’s enterprise footprint and support faster DMARC compliance.

CISA Names Nicholas Andersen Executive Cybersecurity Director

🔔 CISA announced the appointment of Nicholas Andersen as Executive Assistant Director for Cybersecurity, naming him to lead efforts to address major cyber threats and bolster critical infrastructure resilience. Andersen brings extensive public- and private-sector experience, including senior roles at Invictus and Lumen Technologies Public Sector, and prior service at the Department of Energy. He began at CISA on September 2, 2025; Chris Butera will assume the role of Acting Deputy Executive Assistant Director.

CrowdStrike Acquires Onum to Boost Agentic SOC Data

🔒 CrowdStrike has acquired Spanish telemetry specialist Onum for $290 million, aiming to integrate its real-time pipeline and filtering technology into the Falcon Next‑Gen SIEM. The company says Onum’s pipeline will enable higher event throughput, reduce storage costs by about 50%, and cut ingest overhead while accelerating incident response. CrowdStrike frames the buy as a move toward an AI-native, agentic SOC.

CISO Succession Crisis: Lack of Plans Leaves Firms Exposed

🔒 The article highlights a growing succession problem in cybersecurity: although CISO turnover has eased (from 21% in 2022 to 12% in 2023 and an annualized 11% in H1 2024), most organizations still lack formal plans to prepare successors. The gap is less about technical ability and more about developing leaders who can align cybersecurity with business strategy, communicate with executives, and manage risk. Experts recommend early planning, creating a true deputy CISO, rotational assignments, and board exposure to build a resilient internal pipeline.

CrowdStrike to Acquire Onum for Real-Time Telemetry

📡 CrowdStrike announced an agreement to acquire Onum, a leader in real-time telemetry pipeline management that will extend the CrowdStrike Falcon platform's data advantage. Onum transforms telemetry in motion by filtering, enriching and optimizing events as they stream, delivering high-fidelity intelligence to Falcon Next-Gen SIEM, customer AI agents and data lakes. CrowdStrike highlights gains in speed and cost efficiency, saying the integration will reduce storage overhead, accelerate incident response and enable an agentic SOC powered by real-time, AI-driven detection.

Sanborn Auctions Kryptos Part Four Solution at RR Auction

🔐 Jim Sanborn is auctioning the original solution to Part Four (K4) of his Kryptos sculpture, with RR Auction estimating a winning bid of $300,000–$500,000 for the lot. The sale, scheduled for Nov. 20, includes the handwritten plaintext, related papers, and a 12-by-18-inch copper proof-of-concept plate with 1,800 hand-cut letters. Sanborn hopes the buyer will preserve the secret and assume verification duties, potentially by implementing an automated review process.