(Blood) Bubble Bath

Cyber Thoughts Newsletter

DECEMBER 2025

It’s official: the AI-bubble debate has gone mainstream. People are now comparing NVIDIA to AOL, which is… a choice. We won’t date ourselves with a full history lesson, but let’s just say we’ve seen this movie before.

Bubbles lead to overbuilt infrastructure, which leads to a crash, which then (predictably) gives rise to the companies that actually matter. See: the fiber-optic glut that eventually made Netflix and Amazon possible.

Yes, our age and wisdom are showing. We’re fine with it.

But before anyone labels us curmudgeons, a quick reminder for the cybersecurity crowd. These boom-and-bust cycles don’t hit you nearly as hard.

• Attackers do not care about valuation environments. They will happily wreck whatever infrastructure is available.

• Buildouts create valuable assets, and valuable assets need protection—even if their parent companies don’t survive.

Here is a slide from our annual partner meeting last month, showing how capital and utility curves diverge. If you missed it, it was a star-studded event mixing founders, CISOs, hackers, and investors. 

Note the Capital / Investment curve in yellow and the Utility curve in Green. 

It’s good to be on, and investing in, the Utility curve. Cybersecurity tends to live on the Utility curve even though it’s defending the Capital curve.

Why? Because capital comes in waves while utility compounds. Attackers don’t wake up and say “NVIDIA is down 3%, time for a mental health day!” They’re not motivated by market cycles, so cybersecurity demand doesn’t track them. 

The more we build, the more we need to protect—regardless of who’s still around to do the protecting.

P.S. If you’re curious about the figures, feel free to ping us. We’re happy to share our research.

⸻

Scope Creep

We were in London last month—lovely city. But what really caught our eye was the total absence of a Thanksgiving firewall. With nothing to hold it back, Christmas has already spilled into early November.

Classic scope creep.

⸻

Gift Guide 

Want to know what to get that special hacker in your life? Look no further! 

A good Hacker gift should be useful, slightly ridiculous, and vaguely concerning to airport security. These qualify.

• WiFi Pineapple Pager - The ultimate in WiFi cracking in a sexy form factor.

• CyberCrime Hoodie - When you want to hack the Gibson in style. 

• Rick and Morty Belt - What can we say, nerds love cartoons!

We don’t have affiliate links on these, so if you find yourself purchasing one, you can pay us back by sending our newsletter to someone who’ll appreciate it as much as your gift. 

⸻

Predictions 

Everyone loves a good prediction—please, send us yours!

We’ll be back in January with predictions for the year. If you’ve got predictions of your own, reply and send them—we’ll feature our favorites.

⸻

Obit: 2025

“A year that didn’t quite live up to its hype, but tried really hard not to be a tire fire.” We’ll remember it for the AI drama and the refreshing absence of tech bros in space.

Adieu.

⸻

If you appreciate our highlights and heresies, follow us on Twitter and LinkedIn, we post regularly about real things worthy of your attention.

What We're Reading

Here's a curated list of things we found interesting.

AI Threat Tracker: Advances in Threat Actor Usage of AI Tools

Surprising no one, attackers are now using AI as part of their malware toolset. They are using it not just for preparation but now as a dynamic part of attacks. Cool stuff. 

Based on recent analysis of the broader threat landscape, Google Threat Intelligence Group (GTIG) has identified a shift that occurred within the last year: adversaries are no longer leveraging artificial intelligence (AI) just for productivity gains, they are deploying novel AI-enabled malware in active operations.

Stop Hacklore!

Surprising no one, attackers are now using AI as part of their malware toolset. They are using it not just for preparation but now as a dynamic part of attacks. Cool stuff. 

Based on recent analysis of the broader threat landscape, Google Threat Intelligence Group (GTIG) has identified a shift that occurred within the last year: adversaries are no longer leveraging artificial intelligence (AI) just for productivity gains, they are deploying novel AI-enabled malware in active operations.

Launching the Genesis Mission

Say what you like about the government getting involved in AI, but this is a cool name. But yeah, we are in an arms race and we should try to win it. But maybe in a safe way?

The Executive Order “Genesis Mission” announced on November 24, 2025 by the White House sets the stage for a sweeping U.S. federal initiative to mobilize AI + large-scale science.

Transactions

Deals that caught our eye.

Jamf Enters to be Acquired by Francisco Partners in $2.2 Billion Transaction

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, today announced that it has entered into a definitive agreement with Francisco Partners (“FP”) for FP to acquire all the outstanding shares of Jamf. FP is a leading global investment firm focused exclusively on technology and technology-enabled businesses.

Podcasts

What we’re listening to.

Cyber Thoughts Episode 15 with Mike Privette

In this episode of Cyber Thoughts, Lucas Nelson is joined by Mike Privette, founder of Return on Security, for a data-driven look at the state of cybersecurity funding and M&A. Mike breaks down why Q3 was such a strong quarter, how mega-deals like Wiz fit into the broader trends, and what his latest analysis reveals about the real role of AI in security. He also shares where he sees the most interesting opportunities emerging and what he’s tracking next in his deep-dive reports.

About Lytical

Lytical Ventures is a New York City-based venture firm investing in Corporate Intelligence, comprising cybersecurity, data analytics, and artificial intelligence. Lytical’s professionals have decades of experience in direct investing generally and in Corporate Intelligence specifically.