Governments Square Up on Cyber
9–25–2023 (Monday)
Hello and welcome to another edition of The Intentional Brief - your weekly video update on the one big thing in cybersecurity for growth stage companies, investors, and management teams.
I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.
Today is Monday, September 25, 2023, and Fall is firmly here in the Pacific Northwest. Given that we’re just a week away from October, I’d say it’s time, and we’ll manage - we just got used to such nice weather this summer.
Governments Square Up On Cyber
The one big thing this week is the range of government responses to pressing cyber risk - and not just governments in the US.
That said, I would call your attention first to a few things from the USG that have come out in the past week or so, including:
The 2024 Homeland Threat Assessment from the Department of Homeland Security here in the US. There are nearly three dozen mentions of cyber in this piece, including threats to economic security, misinformation, critical infrastructure, disruptive and destructive attacks, espionage, and - of course - the upcoming election. They also call out risks of “cyber actors use AI to develop new tools and accesses that allow them to compromise more victims and enable larger-scale, faster, efficient, and more evasive cyber attacks”
At the same time, the US Department of Defense released their own 2023 Cyber Strategy Summary, which notes that the US “faces diverse, growing threats in cyberspace” and is realizing we can’t go it alone, noting that “Distinct from previous iterations, the strategy commits to increasing our collective cyber resilience by building the cyber capability of allies and partners.”
We’ve seen that partnership in action, with the recent intelligence support from the US in relationship to Canada’s response to accusing the Indian government of assassinating a Canadian citizen on Canadian soil, including using cyber resources to source and deliver intelligence.
Not to feel left out, the NSA is now talking openly about their China directorate, and launching an innovation pipeline focused on “the China mission” called Red Ventures. While the name is a bit on the nose for my liking, there’s no doubt that China remains the most pressing cyber challenge of our time.
To that end, our Five Eyes partners in Australia - and Minister Clare O’Neil in particular - are moving to deploy “six cyber shields” around Australia.
The six shields are useful for both governments, and enterprises, and include:
Strong citizens - or in the business context, engaged employees with sufficient security awareness training.
Safe technology - or “allow listing” that only enables the selected tools you need to run your business.
Threat Sharing and Blocking - see some of the previous videos we’ve done on incident disclosure as to why this capability is key to progress for companies large and small.
Reliable Services - just like countries use Critical Infrastructure, so do businesses.
Sovereign Capabilities - bit of a stretch on this one, but the idea of a leading cyber workforce is something any company can strive for; and finally
A Resilient Region - without mentioning China specifically, working together with those facing similar threats is not new to businesses - as evidence by the various industry focused ISACs we’ve built.
I think the larger takeaways here are that these strategies are useful at a number of different scales, and that the conversation is now evolving both very rapidly, and in public - which is really the only way we’re ever going to get ahead of threats like the ones we’re likely to face today, and tomorrow.
Fundraising
Fundraising volumes continue to be back and be strong - with nearly $20B in newly committed capital over the past week.
Big announcements include Goldman’s $14.2B private equity secondaries fun, and Chris Sacco’s Lowercabron Capital’s $550M venture fund for climate tech startups. Again, two funds that seem very well-timed in a macro sense.
You can find all the links to the stories we covered in the comments section below, find back issues of these videos and the written transcripts at intentionalcyber.com, and we’ll see you next Monday for another Intentional Brief.
Links