What's your unpopular cybersecurity opinion that gets a reaction like this?

We had SUCH a great time today. @GGACBSA extends a HUGE thank you to @SFFDPIO, @UCSFHospitals, @CHP_GoldenGate, @ClearyBikes, @SFPD, @UCSF_Police, @BORP_org, @SF_EMSA, @StopTheBleed, @thebikehut1 and everyone else who made today's event a huge success. @boyscouts @thecubscouts

Thank you to the over 300 people who rode with us today. #BIKESAFETY

Lots of cyber security companies are going to fail this year. They will close their doors from running out of money or go to private equity asset sales. This is going to suck in the near term but be a good thing for the industry in the mid to long term. Many of these businesses *deserve* to die, but have subsisted on cheap/free outside capital since money has been free for a while and the new wave of more naive VCs are incredibly inexperienced at diligencing cybersecurity technologies. The companies that will fail will be the companies that are hemorrhaging cash and not providing enough customer security value to justify their existence. High marketing spend, low customer logo count, low renewal rate. All of those companies at the RSA and Blackhat vendor hall with gigantic booths that claim to solve problems that you as a security person ask constantly yourself: "is this really a problem???" have the largest targets on them and will represent the majority of companies that fail. The failures will start in earnest approximately 12 months after it became clear that money was expensive again (12 months from summer of 2022, which puts the crunch time at this summer). The failures will likely continue for at least one full year and slow down around summer of '24. If you are a founder or executive at one of these companies, my unsolicited guidance is as follows: - Get onto a cashflow break-even glide path with whatever money you have in the bank as soon as humanly possible. Stop tracking against future fundraises and start tracking against break-even. Do it now. - Revisit first-principles on your business (what problem are you solving, how are you solving it, what is the alternative to your technology). If what you're doing now isn't working, evaluate all other options. Evolve or die. - If you haven't found product market fit, give your product away for free and interview all of the users to figure out a new strategy for monetizing that you may not have considered. The security community will literally tell you what they want and don't want. All you have to do is listen. - Seriously consider consolidating with a partner, competitor, or larger technology provider.

I feel bad for Silicon Valley Bank right now. They have been the biggest capital partner to founders, employees, and investors over the last decade and they’re being completely turned on by all of them. If SVB goes under it would be detrimental to the startup community