theDocumentId => 1334973 10 Notable Security Acquisitions of 2019 (So Far)

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

6/15/2019
08:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

10 Notable Security Acquisitions of 2019 (So Far)

In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
Previous
1 of 12
Next

(Image: Itchaznong - stock.adobe.com)

(Image: Itchaznong stock.adobe.com)

Anyone watching the cybersecurity market has likely noticed a wave of acquisitions making headlines. The M&A activity that remained constant last year has only increased in 2019.

"It's like something's in the water right now," says Hank Thomas, CEO at Strategic Cyber Ventures (SCV), where experts had anticipated growth in the cybersecurity market. "We predicted the ability of the market to do this, and we thought it might be this year."  

Cybersecurity Ventures reports more than $7 billion in cybersecurity deals during the first quarter of 2019 alone, and the market certainly hasn't quieted since them. The industry is in a time when large companies are sitting on lots of cash and pondering their security capabilities.

Of course, some technologies are hotter than others. Cloud computing and application security are two notable types ripe for acquisition this year, for example. Service-focused businesses are looking to acquire "as-a-service" companies and wrap their services into their platforms, explains Jeff Pollard, Forrester vice president and principal analyst for security and risk professionals.

He calls this "a bit of an unconventional acquisition scenario, where services companies acquire intellectual properties they can build services around." An example of this can be seen in NTT Security's acquisition of WhiteHat Security, a deal confirmed in March. This acquisition also reflects a trend of companies investing in application security, which Pollard also has noticed.

"Applications generate revenue," he says. The applications companies are building, and the software they're making, go into products and services. "It's not that every company is a software company — it's that every company is making money with software now." Application security goes to the forefront of their priorities because this is technology they use to protect revenue-generating applications, websites, mobile apps, and other products, Pollard continues.

The cloud is a hot target for traditional and legacy vendors, which are still slow to embrace the cloud and adopt native cloud functionality. Vendors struggle to offer the same experience in the cloud as they do on-premises, a challenge that has led to increased activity in cloud-focused M&A, he adds.

These trends are evident in the cybersecurity acquisitions to take place so far this year. Here, we highlight 10 deals that stood out and discuss where the industry is headed. Any transactions you're not seeing? Feel free to share your thoughts in the Comments section, below.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Previous
1 of 12
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SkIEye
100%
0%
SkIEye,
User Rank: Apprentice
2/11/2020 | 6:03:11 PM
Re: Maybe focus on readership over ad revenue?
Just get ready when they throw Allied "Under the Bus" Hearing so much negative as I'm very close ties with Clients are too well. Let them take that to the bank and cash it 

 
ksreiter
87%
13%
ksreiter,
User Rank: Strategist
6/17/2019 | 10:44:09 AM
Maybe focus on readership over ad revenue?
I'm not going to click through 12 pages to read a list of 10 things.  At some point, you should focus on ways to retain your readership numbers by not making them grumpy, instead of focusing on ad revenue.

I'll just read the information somewhere else that gets that - or just use Google if I really can't live without knowing what's on the list.
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32686
PUBLISHED: 2021-07-23
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and ...
CVE-2021-32783
PUBLISHED: 2021-07-23
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy rem...
CVE-2021-3169
PUBLISHED: 2021-07-23
An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
CVE-2020-20741
PUBLISHED: 2021-07-23
Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if t...
CVE-2021-25808
PUBLISHED: 2021-07-23
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.