10 Cybersecurity Companies Making Moves: July 2023

Hot Market, Big Moves

Since hackers don’t take summers off, neither can the cybersecurity companies developing technology to defeat them. (Or at least make their lives harder.) July was a busy month on both the attacker side of the equation—including with a growing list of victims facing extortion demands over the MOVEit cyberattacks—as well as on the defender side, with numerous security vendors making notable moves. The major announcements in July included product launches from top cybersecurity companies such as Palo Alto Networks, Fortinet and Netskope.

Other big moves last month included another cybersecurity startup acquisition for Cisco Systems, as the company looks to continue building out its Security Cloud platform, along with executive hires and new channel partner program launches by several companies.

[Related: Palo Alto Networks CEO Nikesh Arora On Why ‘The Current Paradigm Is Broken’ In Cybersecurity]

Meanwhile, one of the most consequential moves for the cybersecurity world in July came outside the industry, with the U.S. Securities and Exchange Commission adopting a pair of much-awaited cyber incident disclosure regulations.

The first new SEC rule requires publicly traded companies to disclose cyberattacks in an 8-K filing within four business days of determining an incident is “material” for its shareholders. With the second new SEC rule, public companies must annually disclose information on their management and strategy around cybersecurity risk. Notably, this rule includes a new obligation to describe the role of its board in overseeing cybersecurity threats.

While certain industries are already subject to strict government cyber requirements, the SEC’s oversight of all publicly traded companies makes the new rules the “most widespread regulation” for cybersecurity to date in the U.S., PricewaterhouseCoopers partner Joe Nocera told CRN.

The new regulations are likely to bring significant implications to the cybersecurity industry, as the rules provide another powerful incentive for companies to take security more seriously, Tenable CEO Amit Yoran said in an interview with CRN. “It gets people’s attention—it gets the CEO’s attention, the CFO’s attention, the general counsel’s attention, the board’s attention,” Yoran said.

“When there’s [regulatory] filings involved—and it impacts investors and their engagement with the SEC—then corporate leadership just pays that much more attention. And that means they ask questions about it,” he said. “And when they ask questions about it, they just start pulling on a thread of yarn that causes action.”

While some companies already engage in this way with cybersecurity, “I’d say it is not pervasive,” Yoran said. “Not every CEO, not every audit and risk committee, not every board of directors pays the kind of attention to cybersecurity that they should. But having this connective tissue to public filings and 8-Ks and disclosures will necessitate better engagement between security professionals and corporate leadership. So I think it’s hugely impactful.”

As for the cybersecurity industry’s own moves in July, a number of the them revolved around areas of growing interest to corporate leaders and regulators alike, such as data security, incident response and software supply chain security.

What follows are the key details on 10 cybersecurity companies that made big moves in July 2023.