Evolution Equity Partners

We mark the 23rd anniversary of the September 11th terrorist attacks on our country. Our homeland continues to be targeted by nation state actors, hackers and criminals. Recent developments, including FBI Director Christopher Wray's testimony about Chinese hackers targeting U.S. infrastructure¹, highlight the urgency of defending critical sectors such as energy, finance, and transportation/logistics. As we approach the November national elections, we must also consider the unique vulnerabilities posed by our current socio-political landscape. DM us if you -or someone you know- are working on these solutions: - Advanced AI and machine learning solutions that can detect and combat social media-native disinformation campaigns in real-time, i.e., tools to verify the authenticity of news and social media content. - Advanced threat intelligence platforms with geopolitical context awareness that can bolster resilience against Politically Motivated Attacks (PMA). As adversaries may attempt to exploit political divisions, we need solutions to identify and mitigate attacks designed to inflame partisan tensions quickly.  - Technologies that increase government transparency, including blockchain-based audit trails for critical infrastructure operations and public-facing dashboards for real-time threat monitoring. #cybersecurity #defendandprotect #enterprise #government #b2b #b2g ¹ Read more on the topic here: https://lnkd.in/g9gH5Q-v

The Digital Operational Resilience Act (DORA), which will take effect on January 17, 2025, aims to fortify the financial sector against cyber threats. As a CISO or financial professional, you need to know that DORA is a comprehensive framework designed to strengthen risk management in the financial sector and harmonize cybersecurity regulations across the EU. 🇪🇺 It applies to many entities, from traditional banks to crypto-asset service providers and even to third-party service providers. DORA sets out compliance requirements in four crucial areas: 1. Risk Management 2. Incident Response 3. Digital Operational Resilience Testing 4. Third-Party Risk Management The broad scope of the regulation, coupled with the technical complexity of implementing new systems and processes, presents a significant challenge for organizations, especially given the tight timeline and the need for continuous compliance. Board members and senior managers will be personally accountable for implementing robust risk management strategies, so CISOs will play an increasingly critical role in educating non-technical stakeholders about security risks. With the DORA implementation deadline looming, CISOs and financial professionals should prioritize these crucial action steps: ✔️ Conduct a gap analysis to identify where your current controls meet DORA requirements. ✔️ Focus on critical obligations if full compliance by the deadline seems challenging. ✔️ Map your environment to understand access points for both internal and external parties. ✔️ Upgrade legacy systems where necessary to meet DORA standards. ✔️ Form a multidisciplinary team involving tech, compliance, procurement, and legal staff. Cybersecurity companies that can help with compliance include CounterCraft , OX Security, SecurityScorecard. Pentera, Protect AI amongst others. While DORA is an EU regulation, its influence will likely extend globally. Financial institutions worldwide should pay attention, as similar regulations may follow in other jurisdictions. CISOs, what strategies will you employ to manage third-party risks in light of DORA's requirements? #Cybersecurity #FinancialServices #DORA #RiskManagement #EURegulation Source: CSO 🔔 Follow Evolution Equity Partners for more insights on Cybersecurity and Venture Capital.

What if tech companies unite to enhance security in AI? With AI being put into production faster than ever, new market categories have quickly emerged, highlighting the need for open collaboration. We commend the recent launch of The Coalition for Secure AI (CoSAI) by major tech companies and AI developers (including Google, IBM, Intel Corporation, Microsoft, NVIDIA, PayPal, Amazon, Anthropic, Cisco, OpenAI), which aims to provide guidance and tools for creating 𝘴𝘦𝘤𝘶𝘳𝘦-𝘣𝘺-𝘥𝘦𝘴𝘪𝘨𝘯 AI systems. The main focus is on mitigating risks such as:  - Model theft - Data poisoning - Prompt injection - Scaled abuse - Inference attacks. Through three initial workstreams: 1. AI security governance, including best practices and risk assessment frameworks.   2. Software supply chain security for AI systems, focused on enhancing composition and provenance tracking in AI applications through monitoring software libraries, models, and datasets while maintaining clear records of their origins and modifications. This aligns with Protect AI’s mission to provide solutions for identifying and managing risks in AI/ML environments. 3. Preparing defenders for changes in the cybersecurity landscape due to AI. We’re sure CoSAI will help democratize knowledge and advancements for secure AI integration and fast-track the development of robust AI security standards to benefit the entire industry. Learn more about CoSAI here: https://lnkd.in/ezJ9gBSp #cybersecurity #ai #defendandprotect #machinelearning 🔔 Follow Evolution Equity Partners for ongoing insights on Cybersecurity and Venture Capital.

“Successful investing requires thoughtful attention to many separate aspects, all at the same time. Omit any one and the result is likely to be less than satisfactory." This quote by Howard Marks summarizes well the thought process and calculation that one utilizes when making investments and building a portfolio. "Risk" is but one part of that assessment but as pointed out below a fundamental part of our day to day assessment of managing investments and portfolio construction. #EvolutionEquityPartners #CybersecurityInvestment

With 75% of companies increasing their investment in data life cycle management, the message is clear: tackling this issue early is critical to staying competitive. Companies must focus on building AI responsibly, with diverse data, while ensuring security and compliance.    💡 The solution? Defined.ai — the largest marketplace for high-quality, ethically sourced AI training data. We help businesses like yours navigate the complexities of data management, ensuring your AI systems are powered by the best data available. Daniela Braga, PhD, #defendandprotect, #evolutionportfolio

Did you know there were ~450 million cyberattacks targeting the Tokyo Olympics? Here is a quick recap on the history of cyber-attacks targeting the Olympic games:  🇨🇳 Beijing 2008 was the first Olympic Games during which malicious cyber operations were publicly reported, including a cyber espionage campaign, “Operation Shady Rat,” reported by McAfee targeting the International Olympic Committee (IOC).  🇬🇧 London 2012 experienced a 40-minute Distributed Denial-of-service (DDoS) attack targeting the Olympic Park’s power systems on the second day of the Olympics 🇷🇺 During Sochi 2014, hacktivist groups conducted DDoS attacks on the Sochi airport, Sberbank, and the Russian Olympic Committee websites, impacting 700+ websites that displayed the message “We warned you, Russia.” 🇧🇷 Rio 2016 Olympics were impacted by an advanced cyberespionage campaign led by APT28, an intrusion set linked to the Russian military intelligence (GRU). Also, Fortinet analysts reported an 83% increase in phishing URLs in Brazil before the Olympics compared to a 13% increase for the rest of the world. 🇰🇷 The Pyeongchang 2018 Winter Olympics in South Korea were the first Games that reported being targeted by a large-scale destructive cyber operation – Olympic Destroyer, impacting multiple systems during the opening ceremony.  🇨🇳 Beijing 2022 did not experience significant cyber operations, although Citizen Lab reported a probable cyber-surveillance operation before the Games. Cisco expects 8x more attacks to target the Paris 2024 Olympics due to being the most connected Olympic games ever with the most complex threat landscape and the highest degree of ease for threat actors to execute attacks. 🇫🇷 The event poses an opportunity for criminals, as billions of people will watch the Olympics. Potential threats include:  1. Phishing and ransomware attacks perpetrated by indie hackers for mere financial gain  2. Large-scale Politically-Motivated Attacks (PMA) perpetrated by organized hacktivist groups amidst the current geopolitical context. The French cybersecurity agency, ANSSI - Agence nationale de la sécurité des systèmes d'information National de la Sécurité des Systèmes d’Information, is actively leading the charge to ensure the cyber safety of the Paris Olympics. They are conducting numerous awareness-raising seminars and crisis-planning exercises with various stakeholders across the government, security, and sports ecosystems. Kudos to everyone involved in defending and protecting the Olympic Games this year! #cybersecurity #olympics #technology #cybercrime 🔔 Follow Evolution Equity Partners for ongoing insights on Cybersecurity and Venture Capital.

Great to be at the Cybertech Conference in NYC with Nimrod Kozlovski, Founder and CEO of Cytactic and Tim Brown, CISO at SolarWinds. Cytactic is leading the way with a software platform that enables organizations to prepare for and respond to cyber incidents and crises. #defendandprotect, #evolutionportfolio, #cybersecurity

The recent global Windows outage caused by a faulty CrowdStrike update was possibly the most significant cyber related event of its kind, affecting ~8.5 million Windows machines worldwide. Through a blog post authored by David Weston, VP of Enterprise and OS Security, Microsoft recently provided a detailed outline of several initiatives to improve the safety of third-party security updates moving forward, including: - Providing better rollout guidance and best practices - Reducing reliance on kernel-mode drivers - Enhancing isolation and anti-tampering capabilities - Promoting zero-trust approaches We recommend reading the full blog post here: https://lnkd.in/ewtEpypU But what does this mean for Enterprise CISOs and CTOs? 👇 1. CISOs and CTOs are called to reevaluate security software deployment strategies by implementing phased rollouts and robust testing procedures for all security updates using Windows' App Control for Business to limit allowed kernel drivers. 2. Doubling down on Rust language internal capabilities. 3. Work with your security teams to audit current kernel-mode usage in your security stack and push vendors to minimize kernel-mode operations where possible. 4. Implement Microsoft's recommended best practices, including: Virtualization-based security (VBS) memory integrity Running systems as Standard User Utilizing Device Health Attestation (DHA) 5. Update your Incident Response (IR) plans to account for widespread outages caused by security software and ensure you have fallback mechanisms and isolation procedures in place. 6. Engage in detailed discussions with your security vendors about their update processes and fail-safe mechanisms. Consider diversifying your security stack to mitigate single points of failure. 7. Keep abreast of developments in the Microsoft Virus Initiative (MVI) and similar programs. Regularly review and update your security posture based on emerging best practices. This incident serves as a reminder of the delicate balance between security and system stability. As we continue to #defendandprotect against increasingly sophisticated threats, we must also ensure that our protective measures don't become liabilities themselves. #cybersecurity #vendormanagement #enterprise #saas #crowdstrike #microsoft Follow Evolution Equity Partners for ongoing insights on Cybersecurity and Venture Capital.

Microsoft is paving the way for Cybersecurity to become a top priority for all companies worldwide. Microsoft's Chief People Officer Kathleen Hogan recently announced that starting August 5, 2024, security efforts are now tied to employee performance evaluations. Security is now a "Core Priority" for all Microsoft employees, alongside diversity and inclusion, as employees' performance in security will impact promotions, salary increases, and bonuses. All employees, including executives, are expected to demonstrate impactful security changes. This means incorporating security into product design from the start for technical employees. Some public-facing changes include:  - Ending support for Basic Authentication for Outlook personal accounts - Removing the light version of the Outlook web app - Employees will use the "Connect" tool to set and discuss their Security Core Priority with managers. It has two parts: common elements for all employees and an optional section for role-specific security activations. Microsoft's size and influence in the tech industry means this shift will likely prompt other major tech companies to reevaluate and enhance their own security practices. We may see a domino effect where partners, vendors, and even competitors follow suit to remain competitive and maintain trust. This also means cybersecurity skills will become even more valuable, potentially leading to increased demand and competition for security talent. Other companies may need to enhance their security training and hiring practices to keep pace. Is your organization ready to roll out something like this? 💬 #cybersecurtiy #enterprise #saas #defendandprotect

Strategic acquisitions like the Google-Mandiant $5.4 billion deal highlight how cybersecurity has evolved to a more complex sector. These moves are tectonic shifts shaping the next decade in cybersecurity. Here’s why:  1. Buyers are not just buying technology but acquiring expertise and client relationships. This integration allows for more comprehensive security solutions, combining cloud infrastructure, AI capabilities, and specialized security services. 2. Acquisitions enable tech giants to expand their cybersecurity portfolios, challenging traditional security vendors. The lines between cloud providers, security firms, and IT consultancies are blurring, creating new competitive dynamics. If you’re an enterprise C-level or the leader of a cybersecurity company, expect to have conversations around pricing and vendor lock-in contracts very soon if you haven’t had them already. 3. Acquisitions accelerate innovation cycles through faster product development and integration of cutting-edge technologies (e.g., AI/ML in threat detection). If your cybersecurity company is isolated and not innovating enough, consider going on a shopping spree. 4. Strategic acquisitions allow companies to enter new market segments rapidly (e.g., Google targeting mid-market businesses with Mandiant's capabilities). This expansion creates new opportunities for specialized solutions and services. But what does this all mean?  - For Enterprises: Expect more integrated, AI-driven security solutions. Consider how your security stack might evolve with these industry changes. - For SaaS Entrepreneurs: There is a tremendous opportunity for innovation. As investors, we’ll continue to look for companies that are best of breed and have the potential to be leaders in their respective markets. We are entering a new era of cybersecurity, where the ability to integrate diverse capabilities, leverage vast datasets, and apply advanced AI will be key differentiators. #cybersecurity #venturecapital #vc #enterprise #saas #investors