We are proud to announce our follow-on investment in Lumu, the leading provider of Compromise Detection and SecOps automation. I am fortunate to have known Lumu Founder & CEO Ricardo Villadiego for several years prior to Lumu’s inception.…Read More
Forgepoint Capital saw a unique opportunity in working with Cisco Investments, NightDragon, and Team8 on the 2023 CISO Survival Guide. Together we gathered insights from over 100 CISOs and security leaders who grapple with an array of challenges on the front lines. Thanks to their qualitative and quantitative feedback, the road ahead for securing enterprises is now clearer.
As cybersecurity investors who work closely with security leaders and entrepreneurs to build companies, we know the value of collaboration within a strong network. We were excited to collectively address a key problem for businesses today: the double-edged path to growth. The modern enterprise thrives on high levels of collaboration, universal access, and ever-expanding boundaries. It also faces a larger attack surface and increasing cybersecurity threats from those very conditions.
We hope the 2023 CISO Survival Guide will serve as valuable reference to help security practitioners stay up to date with the latest cybersecurity challenges and emerging solutions.
Here are a few of our key takeaways, leaning into Forgepoint’s focus area on data and collaboration.
Data Access Control is a Challenge
Security leaders face a significant and persistent challenge: managing data access control. Controlling data access and data loss were the top two data security priorities for CISOs, who additionally reported that databases are the most difficult business asset to manage and protect.
Data security is a growing issue as enterprises increasingly leverage data to drive business decisions. One key recommendation from (and for) CISOs was to balance data security with data usability:
“Cybersecurity’s fundamental purpose is to control risk to information. But this must be balanced with the organization’s ability to use the information, and ideally enable its efficient usage” – George Webster (Chief Security Architect, HSBC).
Analyzing the Startup Landscape
Our analysis of the startup landscape segmented companies by the data functions which they address: Data Collaboration, Data Reliability, Data Privacy Management, and Data Protection.
There are numerous companies innovating around the core pillars of data security – Data Collaboration and Data Protection. Data Collaboration vendors play a key role in enabling secure enterprise data use. For example, Cinchy, a pioneer in data infrastructure, uses a true data mesh architecture and allows enterprises to securely collaborate through a universal data model while data is governed via fine-grained federated access controls.
Within Data Protection, we found that Data Security Posture Management has become an increasingly popular but nebulous concept. Data Security Posture Management vendors need to be able to answer two core questions: “What identity types can access what data?” and “What identity types did access what data?” One such company is Symmetry Systems, which focuses on data visualization and security for crown jewel data both on-premises and in the cloud. Another company, Cyberhaven, enhances organizations’ ability to trace data lineage across the enterprise to make data flows more visible and secure. These and other startups are working to enhance enterprise data visibility, controls, and overall security.
Mapping the future for secure and efficient enterprises
The 2023 CISO Survival Guide captures the complex and shifting challenges, perceptions, and innovations that will shape how organizations securely expand in the future. Thank you to Cisco Investments, NightDragon and Team8 for the collaboration and partnership across our teams and networks.
We would also like to thank the distinguished security leaders who made Forgepoint’s contribution to the CISO Survival Guide possible, including George Webster (Chief Security Architect, HSBC), Yonesy Núñez (former CISO, Jack Henry), Diego Souza (Global CISO, Cummins), and Daniel Barriuso (Chief Transformation Officer and former Global CISO, Santander Group). We appreciate your insights, support, and continued industry leadership as we work together to advance cyber innovation globally.
You may also enjoy:
Issue: More companies than ever are using Kubernetes to make application development more efficient- yet its complexity is often misunderstood. Kubernetes (and its “instances” known as K8s) is an open-source platform for managing containerized…Read More
In part 1 of this series, I provided an overview of the 5 essential questions venture capital (VC) investors ask themselves when evaluating a potential investment opportunity. These inquiries revolve around the company’s team, market,…Read More