KPMG Capital Takes Equity Investment in Norse Corp., a Global Leader in Cyber Threat Intelligence

KPMG Capital Takes Equity Investment in Norse Cor...

Norse investment underscores KPMG's drive to deliver new innovations that can dynamically address and avert increasingly sophisticated cyber attacks.


KPMG Capital announced today it has taken an equity stake in Norse Corp., a leader in live attack intelligence solutions which help companies pre-emptively block cyber-attacks, track emerging threats and detect compromises. Norse is the latest investment from KPMG Capital's first global fund focused on accelerating innovation in data and analytics.

KPMG Capital was the lead investor in California-based Norse's latest Series A1 round of funding. The $11.4 million total raised in the round will be used by Norse to bolster the company's product development efforts and accelerate expansion in high-growth markets.

"Cyber threats and attacks can cripple an organization's reputation. They are no longer just risks that need to be mitigated reactively," said Malcolm Marshall, KPMG's Global Leader of Cyber Security and a partner with KPMG's UK member firm.

"The dramatic increase in cyber threats is reflected in the 400 percent growth we have seen in our global cyber business over the past three years. Our clients face highly sophisticated cyber threats. Working with Norse enables us to keep track of the rapidly changing threat landscape to ensure we can provide early warning and deep insights into the tactics employed by attackers, as well as practical actions to counter them."

Under the terms of the investment agreement, KPMG Capital has secured licensing rights for KPMG member firms to offer Norse threat intelligence products and services to clients through the network's global cyber security practice. Norse's solutions are enabled by the Norse Attack Intelligence Network, a proprietary live threat network composed of more than 16 million Norse-owned IP addresses housed in over 200 data centers across 50 countries. Through its global warning grid of millions of sensors, decoys, crawlers and agents, the network continuously analyzes traffic and detects a multitude of IP risk factors.

Norse's family of enterprise threat intelligence solutions includes the Norse Appliance(tm) 10g and the Norse Intelligence Service(tm), a turnkey "early-warning-as-a-service" that helps large financial services firms and government agencies quickly identify compromised systems, spot malicious activity and track attacks while they are still under way.

By analyzing the large amount of data that comes through its network, Norse's suite of solutions gives organizations the ability to instantly assess the risk level and threat context of connections both inside and outside their networks. Threats are identified in near real time, allowing companies to block the sources of threats as they happen.

Norse's in-house team of cyber-intelligence and counter-intelligence "fusion analysts," many recruited directly from military and government intelligence organizations, are at the core of the Norse Threat Intelligence Service. These security professionals deeply understand the wider threat landscape and each customer's incident response options and offer the crucial human touch missing from fully automated solutions.

"KPMG clearly understands the complex challenges that public and private organizations face and that threat intelligence and the insights that it brings are at the heart of the next generation of information and data security. They also have a strong presence in the parts of the world where we see our greatest opportunities for growth," said Norse CEO Sam Glines. "KPMG Capital's strategic investment in Norse and its global adoption of our technology is a strong endorsement of our approach, and we are thrilled to have our efforts recognized by such an established and highly regarded global consultancy with deep business and technology experience."

Said KPMG Capital CEO, Mark Toon: "The increasing sophistication and volume of cyber threats globally today is unprecedented; organizations – whether they're businesses, government institutions or non-profits – will inevitably face the challenge of managing and averting multiple cyber-attacks on a continual basis. Threat intelligence should be a must-have for any organization that needs to protect strategic data assets and privacy.

"Our investment in Norse allows us to enhance the cybersecurity services KPMG member firms can offer, protecting the data privacy of clients and their customers and is a critical addition to KPMG Capital's portfolio of solutions to address clients' most critical risk, cost and growth issues."

"Norse product is an instrument of a "threat intelligence" grade which enables its users to analyse and identify anomalous traffic in a corporate information system.

In its solutions, Norse Corp uses a bunch of honeypots and web services emulating legitimate systems which are intentionally left vulnerable to attract hackers. When hackers get in these honeypots, you can identify sources of malicious activities. Of course, in Russia there exist similar solutions which also make it possible to detect anomalous activities in corporate networks, however the use of an additional source of information helps draw a more holistic picture in terms of the number and sources of cyber attacks.

Acquisition of this asset will undoubtedly let KPMG strengthen its positions in information security services market and offer its clients a wider range of threat intelligence solutions," said Andrey Lepekhin, Partner, Information Risk Management Group, KPMG in Russia and CIS.

About KPMG Capital

KPMG Capital Limited and KPMG Capital Holding Limited comprise an investment fund for KPMG member firms. The investment fund is not open to third-party investment and will not, itself, provide professional services to clients.  KPMG Capital Limited and KPMG Capital Holding Limited are legally distinct and separate from KPMG International Cooperative and each KPMG member firm.

Like every member firm in the KPMG global network, KPMG Capital, and the entities it invests in, is subject to the same rules and regulations promulgated by the regulatory, bodies responsible for establishing standards for auditor Independence (for example, the US SEC, PCAOB, AICPA, IESBA and those established by the various countries in which the investments reside). These rules apply to member firms, the individuals at such member firms and the targets for potential joint venture, alliance or acquisition related to the activities of KPMG Capital. All existing Independence protocols apply to KPMG Capital.

About Norse

Norse is the global leader in live attack intelligence, helping companies block the threats that other systems miss. Serving the world's largest financial, government and technology organizations, Norse intelligence dramatically improves the performance, catch-rate and return-on-investment of the entire security infrastructure. The Norse Intelligence Network, a globally-distributed distant early warning grid of millions of sensors, honeypots, crawlers, and agents, delivers unmatched visibility into difficult-to-penetrate geographies and dark nets, where bad actors operate. Norse processes hundreds of terabytes daily against a 7 petabyte attack history database, and weighs over 1,500 variables to compute real-time risk scores for millions of IP addresses and URLs every day. For more information, visit

© 2022 KPMG. KPMG in Russia refers to JSC “KPMG”, “KPMG” LLC, “KPMG Tax and Advisory” LLC, companies incorporated under the laws of the Russian Federation.  All rights reserved. For more detail about the structure of the KPMG global organization please visit

Connect with us