Cloud

11/16/2018
03:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance

BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.

BlackBerry has agreed to buy endpoint security firm Cylance for $1.4 billion cash in a deal expected to close before February 2019, the two companies announced today.

Once famous for its keyboarded smartphones, BlackBerry has since pivoted to enterprise software. The acquisition of artificial intelligence-based threat prevention firm Cylance is BlackBerry's largest buy in seven years, according to Bloomberg data, and it signifies BlackBerry is pushing further to add security and AI to its portfolio. Execs indicate Cylance will also help BlackBerry with IoT security as it focuses on connected devices.

Cylance was founded in 2012 by co-founders Stuart McClure, chairman and CEO, and Ryan Permeh, chief scientist. The Irvine, Calif.-based company applies artificial intelligence, algorithms, and machine learning to proactively identify threats without using signatures. Its idea is to detect "unknown unknowns" at the endpoint before they cause damage.

This year has been a busy one for Cylance, which announced a $120 million Series E funding round in June 2018 and reported annual revenues exceeding $130 million for the 2018 fiscal year. The company has raised a total of $297 million in funding over five rounds and reportedly has 3,500 active enterprise customers, including more than 20% of the Fortune 500.

Cylance was headed for an IPO before BlackBerry swooped in to make an offer, executives reported on a media conference call today. McClure said the reason behind its decision lay in BlackBerry's application of security into embedded and mobile technology. He sees an intersection between Cylance, which focuses on detection and prevention for endpoints and servers, and BlackBerry, which aims to secure a broad range of devices.

When looking at the company's mission and discuss where cyberattacks go, McClure said, they target cloud, mobile, endpoint, IoT, and embedded systems. "Wherever there is a target for an adversary … you're going to have an adversary," he noted. The BlackBerry acquisition will bring Cylance's technology to a wide range of devices and platforms.

John Chen, BlackBerry's executive chairman and CEO, expects Cylance will complement several aspects of its portfolio, most notably Unified Endpoint Management (UEM) and QNX, an operating system intended for embedded systems, particularly connected and self-driving cars.

"One area I think we're going to have a strong influence [in] is transportation," said Chen on the call, adding that 120M cars today use BlackBerry's embedded technology. He explained how UEM and Cylance tech will both be introduced into the connected vehicle space.

Chen also pointed to opportunities within the enterprise of things (EoT) and said Cylance's capabilities will be a "big, big help to making this platform a reality." It seems BlackBerry plans to integrate AI and machine learning into BlackBerry Spark, its platform for connecting the EoT.

In terms of cross-selling opportunities for BlackBerry, Chen said the company would like to get into the Cylance customer base by providing security solutions for device management and application management in the mobile world – a shift from Cylance's focus on PCs and laptops.

Following the deal's close, BlackBerry expects Cylance will operate as a separate business unit within BlackBerry Limited. Read more details in its press release on the news.

Related Content:

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-6461
PUBLISHED: 2019-03-21
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result i...
CVE-2015-6462
PUBLISHED: 2019-03-21
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, ...
CVE-2018-13798
PUBLISHED: 2019-03-21
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00). Specially crafted network packets sent to port 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a D...
CVE-2019-5490
PUBLISHED: 2019-03-21
Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed...
CVE-2019-8997
PUBLISHED: 2019-03-21
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted X...