Lots of cyber security companies are going to fail this year. They will close their doors from running out of money or go to private equity asset sales. This is going to suck in the near term but be a good thing for the industry in the mid to long term. Many of these businesses *deserve* to die, but have subsisted on cheap/free outside capital since money has been free for a while and the new wave of more naive VCs are incredibly inexperienced at diligencing cybersecurity technologies. The companies that will fail will be the companies that are hemorrhaging cash and not providing enough customer security value to justify their existence. High marketing spend, low customer logo count, low renewal rate. All of those companies at the RSA and Blackhat vendor hall with gigantic booths that claim to solve problems that you as a security person ask constantly yourself: "is this really a problem???" have the largest targets on them and will represent the majority of companies that fail. The failures will start in earnest approximately 12 months after it became clear that money was expensive again (12 months from summer of 2022, which puts the crunch time at this summer). The failures will likely continue for at least one full year and slow down around summer of '24. If you are a founder or executive at one of these companies, my unsolicited guidance is as follows: - Get onto a cashflow break-even glide path with whatever money you have in the bank as soon as humanly possible. Stop tracking against future fundraises and start tracking against break-even. Do it now. - Revisit first-principles on your business (what problem are you solving, how are you solving it, what is the alternative to your technology). If what you're doing now isn't working, evaluate all other options. Evolve or die. - If you haven't found product market fit, give your product away for free and interview all of the users to figure out a new strategy for monetizing that you may not have considered. The security community will literally tell you what they want and don't want. All you have to do is listen. - Seriously consider consolidating with a partner, competitor, or larger technology provider.

my first sales job one of the best reps only came in like once a week. pissed leadership off so much when he randomly showed, he'd rip a fat line of white lighting, bang out 250 cold calls, talk at an obscenely loud volume, and hit quota the week 2 of the month then disappear

Still, we’ve got your back. We just launched markets on the number of delays and cancellations at three major US airports: JFK, ORD, and LAX. These daily markets are the best way to hedge against the risk of your flight getting delayed or canceled.

A ten-principle checklist for socio-technical design by Albert Cherns, quoted by Jackson in Critical Systems Thinking paraphrased by me, with commentary for software teams 🧵

Did everyone start their Linux journey with Ubuntu? 🤔

Amazon is mandating a shift to migrate off of Aurora / all other relational databases and over to to DynamoDB, because it doesn't support UNIONs.

Interesting techniques applied to wrong usages may hurt. A thread 🔽 Seems obvious in lots of domain but not in our Software development field (note: I didn’t talk about software Engineering on purpose) Me: Why do we have such an increase of infrastructure costs recently?

Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists, activists and dissidents around the world. googleprojectzero.blogspot.c…

We’re pleased to report that New Relic can help you expedite your own response to the log4j incident in three ways, detailed below:

A large strawberry squid, one of three caught on the last trawl of the Deep-See cruise. Photo: NOAA Fisheries