Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

6/15/2019
08:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

10 Notable Security Acquisitions of 2019 (So Far)

In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
Previous
1 of 12
Next

(Image: Itchaznong - stock.adobe.com)

(Image: Itchaznong stock.adobe.com)

Anyone watching the cybersecurity market has likely noticed a wave of acquisitions making headlines. The M&A activity that remained constant last year has only increased in 2019.

"It's like something's in the water right now," says Hank Thomas, CEO at Strategic Cyber Ventures (SCV), where experts had anticipated growth in the cybersecurity market. "We predicted the ability of the market to do this, and we thought it might be this year."  

Cybersecurity Ventures reports more than $7 billion in cybersecurity deals during the first quarter of 2019 alone, and the market certainly hasn't quieted since them. The industry is in a time when large companies are sitting on lots of cash and pondering their security capabilities.

Of course, some technologies are hotter than others. Cloud computing and application security are two notable types ripe for acquisition this year, for example. Service-focused businesses are looking to acquire "as-a-service" companies and wrap their services into their platforms, explains Jeff Pollard, Forrester vice president and principal analyst for security and risk professionals.

He calls this "a bit of an unconventional acquisition scenario, where services companies acquire intellectual properties they can build services around." An example of this can be seen in NTT Security's acquisition of WhiteHat Security, a deal confirmed in March. This acquisition also reflects a trend of companies investing in application security, which Pollard also has noticed.

"Applications generate revenue," he says. The applications companies are building, and the software they're making, go into products and services. "It's not that every company is a software company — it's that every company is making money with software now." Application security goes to the forefront of their priorities because this is technology they use to protect revenue-generating applications, websites, mobile apps, and other products, Pollard continues.

The cloud is a hot target for traditional and legacy vendors, which are still slow to embrace the cloud and adopt native cloud functionality. Vendors struggle to offer the same experience in the cloud as they do on-premises, a challenge that has led to increased activity in cloud-focused M&A, he adds.

These trends are evident in the cybersecurity acquisitions to take place so far this year. Here, we highlight 10 deals that stood out and discuss where the industry is headed. Any transactions you're not seeing? Feel free to share your thoughts in the Comments section, below.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 12
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ksreiter
86%
14%
ksreiter,
User Rank: Strategist
6/17/2019 | 10:44:09 AM
Maybe focus on readership over ad revenue?
I'm not going to click through 12 pages to read a list of 10 things.  At some point, you should focus on ways to retain your readership numbers by not making them grumpy, instead of focusing on ad revenue.

I'll just read the information somewhere else that gets that - or just use Google if I really can't live without knowing what's on the list.
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Human Nature vs. AI: A False Dichotomy?
John McClurg, Sr. VP & CISO, BlackBerry,  11/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15073
PUBLISHED: 2019-11-20
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE-2019-15072
PUBLISHED: 2019-11-20
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE-2019-15071
PUBLISHED: 2019-11-20
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail syste...
CVE-2019-6176
PUBLISHED: 2019-11-20
A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.
CVE-2019-6184
PUBLISHED: 2019-11-20
A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation.