MoveIT’s Long Tail
7–3–2023 (Monday)
Hello and welcome to The Intentional Brief - your weekly video update on the one big thing in cybersecurity for private equity investors and the management teams of their portfolio companies.
I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.
Today is Monday, July 3rd, and while most of the US is either actually on holiday, or just keeping their laptops from hibernating for the day, we’re here with another brief update - including a new name.
As of July 1st, Coastal Cyber Risk Advisors is now Intentional Cyber, and you’ll be seeing new branding, including the two most important parts of a startup - hats and websites - moving forward.
But, for this week, we’re still on MOVEit - because it’s really the story that just keeps on capturing the attention of the cybersecurity media cycles here in the US.
MOVEit, Part 3
We saw the victim count increase over the last week to 169 known victims. Here’s the thing, though - only 12 of the known victims have confirmed the number of impacted individuals - which already exceeds 16 million people.
The total impact will likely never be known, but it’s worth recognizing the scale of this event, even with imperfect data.
Retirees from the State of California are already suing based on the news from last week that CalPERS and CalSTRS were impacted by this event.
Meanwhile, federal health officials notified congress that the impact of the MoveIT breach is considered a “major incident” - one which impacts more than 100,000 people.
Interesting to note, however, that on the official page around the incident from CalPERS initially said “thousands of organizations worldwide were also impacted” - but has since been softened to read “numerous organizations worldwide.”
I would like to move on from talking about MoveIT as much as the rest of you, but the impact is just too big to ignore, and it’s only growing.
Fundraising
We closed out Q2 with a busy week of funding announcements that totaled just over $25B.
The majority of that comes from Ardian’s new $20b PE secondaries fund, which seems very well-timed, indeed, in the macro picture.
Q2 totals at $243.12 B, which pairs nicely with the Wall Street Journal’s discussion this morning of “PE’s pending exit pileup.” Whether or not this becomes an actual issue, or is just something for the Journal to opine on remains to be seen. Either way, though, I think we will see it bear out in the market which businesses are truly resilient, and which were riding a wave - COVID spending, near-zero interest rates, etc.
You can find all the links to the stories we covered below, find back issues of these videos and the written transcripts at intentionalcyber.com, and we’ll see you next Monday for another Intentional Brief.
Links
https://techcrunch.com/2023/06/30/tiaa-teachers-retirement-fund-moveit/
https://infosec.exchange/@brett/110651176496661036
https://finance.yahoo.com/news/latest-victim-moveit-data-breach-202206308.html