Today, online publisher BuzzFeed announced that it was going public through a merger with a publicly traded special purpose acquisition company (SPAC) called 890 Fifth Avenue Partners, which holds $288 million in its trust account.
Original Source: forbes.com
MDR services and managing cybersecurity within your business | Carousel Industries
No matter the size, industry, or location, nearly every company today has a cybersecurity strategy. But there are many methodologies your organization can use to protect its digital assets and determining the right approach for your business means balancing your desired cybersecurity posture against your resource availability of staff and money.
Given the evolving threat landscape, reputation damage and financial harm that can result from a security incident, midsize organizations often struggle to determine how to implement an effective cybersecurity strategy while still being cost efficient.
We regularly work with clients who have these same questions. Through our years of experience building out a team of highly skilled cybersecurity experts, we’ve seen first-hand how demanding it can be—from both the cost and headcount standpoints—to develop and maintain an internal MDR. To help illustrate why expenses mount so quickly and how time-consuming the work conducted by a cybersecurity team really is, we’re launching a series of blog posts that dive into the details.
What does an effective cybersecurity team look like?
It’s important to understand the four distinct disciplines or roles that typically form the core of any skilled cybersecurity team.
Governance, risk management, and compliance
This function is sometimes part of the IT department but more often it’s a component within the risk management team. The role focuses on internal audit and third-party risk management functions and likely has a direct reporting line to the CISO when part of the IT team.
Threat detection and incident response are at the heart of the threat management team, encompassing 24/7 monitoring of the company’s assets with risk mitigation related to attacks and security breaches. This group leverages a complex set of tools, which are necessary for not only monitoring but also analysis, forensic investigations, attack mitigation, breach containment, and remediation.
SecOps utilizes tools that are core to the protection of the organization’s assets and the team’s responsibilities range across applications, endpoints, identity, edge, network, monitoring on compliance, management, and DevOps. The SecOps role focuses on the health, care, and feeding of the tools and platforms used to accomplish their tasks and ensuring activities are in alignment with best practices.
In order to remain compliant with evolving regulatory standards and maintain parity with the constantly changing threat landscape, an organization must continuously re-assess and update its tools and technologies. The group managing the company’s digital transformation efforts needs to have a strategy and long-term plans to ensure new implementations align with the organization’s use cases and requirements over time.
Looking at the math of cybersecurity
Of the four core areas described above, threat management and SecOps are the most resource intensive and expensive components of a cybersecurity program. Threat management is complex and difficult, and it doesn’t scale down well. Minimum viable coverage 24/7 across the various key areas—threat monitoring, threat research and hunting, pen testing, content development, attack simulation, and incident response among them—typically requires at least 15-20 people based on deep research conducted as part of a master’s dissertation focused exclusively on the topic. That level of coverage provides only a single resource in each of the senior roles and doesn’t allow for redundancy. An effective, properly staffed threat management function is nearly impossible to accomplish without a hefty budget available to launch and sustain operations. Attaining similar coverage within a SOC operation is equally prohibitive, requiring more than two dozen individuals with highly targeted skills and expertise.
There are relationships between spend levels and security postures that are relatively similar throughout the SME space. Looking across the available reports, mid-market companies report their IT budgets are typically about 7% of revenue. From there, SMEs say they spend an average of between 10% and 15% of their total IT budget on security. Depending on the organization and its industry, cybersecurity spend can reach 25% of the overall IT budget.
From there, the math reveals just how difficult it is for SMEs to staff and fund a high-performing cybersecurity team completely within their own organization. Using the minimum resource count of 15 people and an average blended rate of $100,000 per headcount, the threat management salary bill alone could tally $1.5 million per year. Assuming the business has 25% of the IT budget available to use for cybersecurity—and also assuming the technology stack would only cost about double the salary bill—then the annual revenue of the organization needs to top $250 million to make an all-internal cybersecurity architecture financially feasible. Utilization rates and other factors may still render it undesirable from a monetary standpoint, potentially even having a negative ROI if the minimum viable requirements fall short of meeting the company’s needs.
Creating the right cybersecurity architecture
So how can midsize firms develop a cybersecurity strategy that blends key internal headcount resources with the right level of external expertise? How can your business keep costs reasonable without sacrificing quality, either in the skills or technology available to protect the organization’s systems and data assets?
There are strong business justifications for maintaining some services in-house and equally important use cases that point to cost-effective outsourcing for other functions. A carefully constructed blend of internal headcount and external expertise provides the monitoring, detection, and response capabilities you need with a financial commitment that fits your budget. The assessments of where those functions are best positioned are covered in more detail in the next post in our cybersecurity series to help you find the right balance for your organization.
Business Of One: Collective Gathers $20M For Self-Employed Financial Services
Subscription-based back-office platform Collective returns with another round of funding, this time a $20 million Series A supported by returning players and a group of new and notable backers.
The new funding comes eight months after the San Francisco-based company raised $8.65 million in seed investment. Its platform provides “businesses of one” with tailored financial services, including access to trusted advisers who oversee accounting, tax, bookkeeping and business formation needs.
“It has been a tremendous period of growth since our seed round,” CEO Hooman Radfar told Crunchbase News. “We’ve had 20,000 members join the waitlist and experienced 8x to 9x growth since that point in membership. We are saving people in businesses of one $16,000 per year and helping them become self-employed.”
General Catalyst is again leading the new round and was joined by Ashton Kutcher, via Sound Ventures, as well as existing investors Expa, QED Investors and Gradient Ventures. Other notable investors include Steve Chen, Hamish McKenzie, Aaron Levie, Kevin Lin, Sam Yam, Li Jin, Shadiah Sigala, Adrian Aoun, Holly Liu, Andrew Dudum and Edward Hartman. This round brings Collective’s total funding to $28.65 million, according to Crunchbase data.
Radfar, along with co-founders Ugur Kaner and Bugra Akcay, launched Collective in September 2020 to go after 59 million self-employed workers in the U.S. who balance administrative tasks with building their business. That number is projected to be 86.5 million by 2027.
The company saw its revenue grow by more than 250 percent in the past year. As such, Radfar intends to invest the new funding in scaling the business, the automation roadmap and new hires.
“We are thinking about our members first and on making them successful,” he added. “We will expand our team to handle the demand and get people off of the waitlist. We continue to make investments in automation, including quarterly tax estimates, and you can also speak with someone from Collective to help you do your taxes.”
Once the tax season is closed out in June, Collective will focus on building on its team of 30, Radfar said. He is currently looking to bring in a person to partner with him on recruiting and developing the talent Collective already has, as well as seek out operations and product technology.
Meanwhile, Niko Bonatsos, managing director of General Catalyst, said the future of the self-employed space will involve earning the trust of individuals, and he believes that Collective has a good foundation there, as well as a strong market fit and team.
“When you have that trust, you can then begin to layer other services, such as benefits and insurance,” he said in an interview. “We felt Collective could emerge as a category-defining company as millions of people are forming businesses of one. More startups are getting incorporated than ever before during the pandemic, so we are on the right side of history.”
Illustration: Dom Guzman
He Built A $2 Billion Business By Creating A SaaS Platform That Powers Banking Services
Eugene Danilkis has raised close to $175M to reengineer how financial and banking services are designed and delivered.
During our interview on the Dealmakers Show Danilkis shared his adventures into entrepreneurship, his perspective on taking risks, fundraising and growing as a startup CEO.
Travel & New Perspectives On Risk
Eugene Danilkis was born in Ukraine when it was still part of the Soviet Union. He didn’t know why his parents were teaching him English when he was still barely learning to speak their native Russian language. It wasn’t until they hopped on a train to leave the country when he was just seven years old that it all made sense to him.
After spending six months in Italy, they finally arrived in Canada, where he spent most of his early life growing up in Vancouver.
He says being thrown into a new culture and language actually motivated him to learn, and as quickly as possible. Partially for survival, but also to thrive, and because so many benefits came from it.
This big transition also gave Eugene a whole new perspective on risk. He saw the big risk his parents took moving their family halfway across the world to a completely new environment. When it came to thinking about entrepreneurship he realized that any potential downsides would be trivial compared to the risks his parents had taken to bring him so far already. He knew what hard was, and he wasn’t afraid of failing at work.
He also credits his parents with offering tremendous support and encouraging him to go above and beyond in applying himself to his studies. That helped him excel in math and computer science.
After college he landed a job writing software that would be used by NASA on the International Space Station
After college he landed a job with the Canadian Space Agency, writing software for NASA satellites.
That experience again set the bar pretty high for what could keep him engaged and interested. Pursuing his Master’s degree seemed like a new challenge worthy of taking on. Even more so when the opportunity arose to get his degree in the US at Carnegie Mellon.
It would be an exciting new adventure to embrace. One with more travel and learning ahead. A chance to start from scratch and explore. So, he gave up his apartment, got rid of his furniture, and got ready to take off with just what he could carry in suitcases.
That program ended up taking him to even more countries, including Portugal, Germany and Netherlands. A lot of the time was also spent working on banking software for a corporate sponsor.
Venturing Into Entrepreneurship
During this program Eugene and his co-founders learned a lot about the world of banking and finance. They saw a great opportunity to innovate and build on the technology side, and to have a big impact. They could see this huge trend happening. This was their chance to ride that wave.
So, again he leaped into a new adventure. Making that leap, and giving up a job, salary, and moving to a new place is what keeps most people stagnant, and on the sidelines.
From his experiences growing up, Eugene says there really was no downside. He could always go back and get a job if he really wanted to. In the worst-case scenario, at least he would get the chance to learn a lot. It was all upside potential.
So, again he leapt into a new adventure. And together they started Mambu.
They spent the first year bootstrapping and figuring out exactly what they were building.
The two of them used consulting and software development to pay the bills and keep their exploratory work running. They built a prototype and then found the backing of some angel investors. That made it real for them. Though it would still be several years before they really made it big.
In fact, looking back and considering his top advice for starting a business with this hindsight, he says he would spend less time trying to convince customers and investors of what they had built already and put more emphasis on transparently iterating and building customized solutions along with their paying customers and shareholders.
Eugene describes Mambu as a SaaS platform for banking like Salesforce is to CRM. The back-office system for banks, lenders, and other fintech businesses to design and manage how their products work. It is an accelerating space in which he sayshas infinite evolutions as consumers and products change in the future.
To date, they have raised $175 million at a $2 billion valuation.
Storytelling is everything which is something that Eugene Danilkis was able to master. Being able to capture the essence of what you are doing in 15 to 20 slides is the key. For a winning deck, take a look at the pitch deck template created by Silicon Valley legend, Peter Thiel (see it here) where the most critical slides are highlighted.
Remember to unlock the pitch deck template that is being used by founders around the world to raise millions below.
Establishing Clarity & Focus
Some of the great takeaways from this podcast episode were how this entrepreneur approaches board meetings and his own evolving role as a founding CEO.
He describes being more intentional and how taking the time to be more clear about the priorities ahead can make a lot of difference in working with your board, and also ensuring you are doing a good job, at the right level as a leader.
For example, clearly and explicitly laying out your own job description with your cofounders each year, as your business evolves. As well as using that same clarity with your board to get the best advice from them, and the most out of your interactions with them.
Listen in to the full podcast episode to find out more, including:
- The keys to surviving lean times to get through to the flush times in your business
- How fundraising changes as you progress through funding rounds
- How big the banking services space is
The post He Built A $2 Billion Business By Creating A SaaS Platform That Powers Banking Services appeared first on Alejandro Cremades.
Commerce3 weeks ago
Could WhatsApp Be the Next Big E-commerce Channel? – Later Blog
Uncategorized2 months ago
LinkedIn Sees The Job Market Going From ‘Doom And Gloom To Boom’
Latest News2 months ago
Undervalued Germany U21 Team Win European Championship In Convincing Fashion
Latest News2 months ago
Floyd Mayweather Vs. Logan Paul Live Results, Odds, Purses, Prediction
Global3 weeks ago
US Sanctions on Ethiopia: Good Policy or Violation of Ethiopia’s Sovereignty? | Global Policy Journal
Latest News2 months ago
BTS’s Old Hits Fill 40% Of All The Spaces On The World Songs Chart
Uncategorized2 months ago
One Dead After String Of Drive-By Shootings Near Phoenix, Police Say
Uncategorized2 months ago
International Travel Nightmares Pause For Supersonic Dreams