The development and advancements and the unprecedented use of technologies have created a threat ground where organizations now need to leverage effective cybersecurity strategy. From securing networks and hardening systems to safeguarding data from cyberattacks, cybersecurity has become a bedside approach than ever. With the average cost of a data breach rising year over year, and estimates being close to US$4 million, it accentuates the significance of why cybersecurity needs to be taken seriously.
So, let’s rewind the significant developments that took place in the field of Cybersecurity in 2019.
Cybersecurity Mergers & Acquisitions
For successful delivery of business operations, network systems, data and their storage account for the most valuable digital assets. And such assets pose extreme threats causing significant business risks, in addition to the reliance of business on these augments potential vulnerability to cyber threats. Thus, to enhance the possibilities to create a risk-free atmosphere, companies are pouring a huge amount of their funds into cybersecurity mergers and acquisitions. These M&A deals not only benefit them financially but also assist them to secure their networks better.
The year 2019 has been a significant one from the M&A perspective in the cybersecurity space. As per the industry reports, over US$7 billion deals befell during the first quarter of 2019 alone, and over 150 deals totaling more than US$23 billion in value took place this whole year.
Here is the list of significant cybersecurity M&A deals in 2019.
Broadcom – Symantec Enterprise Security Business
Broadcom, a global tech leader, acquired Symantec’s enterprise security business for US$10.7 billion. With this acquisition, the Enterprise Security business of Symantec Corporation will now operate as the Symantec Enterprise division of Broadcom. The acquisition will also significantly expand Broadcom’s infrastructure software footprint as it continues to build one of the world’s leading infrastructure technology companies.
VMware – Carbon Black
VMware, a leading innovator in enterprise software, acquired a leader in cloud-native endpoint protection, Carbon Black, for US$2.1 billion. With this acquisition, VMware has become a full-blown security provider and Carbon Black will form the nucleus of VMware’s security offerings going forward. VMware will pay US$26 per share in cash for the company and expects the deal to close by the end of January 2020.
OpenText – Carbonite
OpenText, an enterprise information management software giant, acquired Carbonite, a leading provider of internet-based backup solutions, for US$1.42 billion. The acquisition will fortify OpenText as a leader in cloud platforms, complete endpoint security and protection. This deal should also enable OpenText to make use of Carbonite’s existing offerings and go-to-market channel, while potentially assisting the buyers to integrate data backup and endpoint-protection capabilities into its existing security offering.
Cisco – Sentryo
Cisco recently has acquired a Lyon, France-based company, Sentryo that provides asset visibility and cybersecurity solutions for industrial control systems (ICS). The acquisition reflects the market demand for systems that secure components of ICSes. Many of those devices, such as programmable logic controllers and remote terminal units, do not have security mechanisms capable of fending off modern-day hackers. With this acquisition, Cisco is now able to combine with its products to assists customers lock down ICS.
Palo Alto – Demisto
Palo Alto Networks, the global leader in cybersecurity, acquired Demisto, a leading cybersecurity company which specializes in security orchestration, automation and response (SOAR), for US$560 million. The acquisition expedites Palo Alto Networks Cortex™, and AI-based continuous security platform strategy and further advances the company’s ability to deliver automated threat prevention and response for security teams.
Robust and Strategic Cybersecurity Partnerships
Cybersecurity is a team effort. As criminal attacks that can range from merely annoying to devastating, it is significant for companies to provide complete protection to their customers. That is why key vendors in this space are increasingly forging strategic alliances to either deliver protection against a wide array of threat vectors or to address various phases in the cybersecurity life cycle.
Here are some key cybersecurity alliances established in 2019.
AppDome – VMware
Appdome, the mobile industry’s first mobile integration as a service company, partnered with VMware to assist customers to deliver Workspace ONE security, privacy and intelligent analytics capabilities. VMware Workspace ONE is a new no-code solution that will enable enterprise customers to quickly and easily deliver the complete Workspace ONE SDK into any mobile application, with full support for all modern frameworks, push notifications and Wkwebview.
Anomali – Symantec
Anomali, a leader in intelligence-driven cybersecurity solutions, established a strategic partnership with cybersecurity firm Symantec Corp. This partnership is intended to meet global demand for threat intelligence-driven solutions. The alliance also establishes a platform for sharing information on cyber threats and focuses on improving the methods of dealing with cyber threats. Both companies also expand the availability of threat data, information, and intelligence to drive effective cybersecurity decisions.
Canon – McAfee
Canon and McAfee, the device-to-cloud cybersecurity companies, in mid-2019 announced a strategic partnership to assist businesses with embedded protection against malware for applications running on Multi-Function Devices (MFDs). The alliance enables McAfee to integrate its Embedded Control platform as an additional security feature on the new Canon imageRUNNER ADVANCE Generation 3 MFDs, which aids businesses to bolster endpoint security.
AXA XL – Accenture
AXA XL, AXA’s property & casualty (P&C) and specialty risk division, teamed up with Accenture to provide cybersecurity services to AXA XL’s underwriters, brokers and clients. Through this partnership, AXA XL is now able to offer its clients globally additional bespoke services, delivered by Accenture, that will assist them to understand and ease cyber risks. Additionally, Accenture will provide post-breach security services to AXA XL clients outside the U.S., including incident management and IT forensics.
Kaspersky – INTERPOL
Cybersecurity giant, Kaspersky and INTERPOL have signed a new five-year agreement to strengthen their collaboration in the fight against cybercrime around the world. The agreement follows in the footsteps of the original deal made between the two parties back in 2014. Under the latest agreement, Kaspersky will provide human resources support, training, and threat intelligence data on the latest cybercriminal activities to INTERPOL, which will reinforce the organisation’s cyber threat hunting capabilities.
Investments in CyberSecurity
The cyber space is one of the crucial areas, where hackers just want to win once and businesses need to get it right every single time. The sector will likely continue to remain a perennial industry as long as the internet and its accompanying threats persist. Thus, to dodge the potential threats, funding is obviously a major component for organizations in the cybersecurity.
As per the industry reports, the global spending on information security products and services is anticipated to be valued at US$106.6 billion in 2019, which is up from 10.7 percent in 2018. The amount is also predicted to reach US$151.2 billion by 2023, with a CAGR of 9.4 percent.
Let’s have a look at the top cybersecurity investments/funding that took place in 2019.
Amount Funded: US$200 Million
Transaction Type: Series E
Lead Investor: SoftBank Group Corp
In June, Cybereason, an Antivirus startup, raised US$200 million in Series E investment from Japan’s SoftBank Group Corp. The funding round doubles the total investments raised by the company so far to about US$400 million. Cybereason has planned to use the capital to expand its global footprint and focus on developing its core offering, Endpoint Protection Platform (EPP), a suite of endpoint protection technologies like antivirus, data encryption, intrusion prevention and data loss prevention that detects and stops threats at the endpoint.
Amount Funded: US$147 Million
Transaction Type: Venture
Lead Investor: Goldman Sachs
Acronis, a global leader in cyber protection, in September, secured US$147 million investment round led by Goldman Sachs. With this venture round, Acronis’ valuation reached over US$1 billion, enabling the company to expand its engineering team in Singapore, Bulgaria and Arizona. Acronis plans to use the fresh capital to speed up the business growth in North America in partnership with Acronis SCS, an independent software vendor and distributor for the public sector.
Amount Funded: US$75 Million
Transaction Type: Series D
Lead Investor: J.P. Morgan Asset Management
Menlo Security, a leader in Internet isolation, raised US$75 million in Series D funding in July, led by clients advised by JP Morgan Asset Management. With this funding, Menlo Security’s total valuation has reached to US$235.5 million. The company provides a cloud-based isolation platform that safeguards organizations from cyberattacks by eradicating the threat of malware from websites, documents, and emails. It will use the latest funds to expand its global sales team to meet the growing industry demand for Internet Isolation.
Amount Funded: US$60 Million
Transaction Type: Investment
Invested In: AU10TIX
TPG Capital, a private equity firm, made a US$60 million investment in AU10TIX, an identity verification and biometric onboarding company, to pay down the company’s debt. The investment gives AU10TIX a post-money valuation of US$260 million. AU10TIX offers solutions for customer onboarding and KYC automation across a diverse set of verticals over the past decade, with the portfolio of its level ID authentication, identity verification, screening, and advanced biometrics. Its solutions cover the banking, payments, transportation, travel, and gaming industries.
Amount Funded: US$50 Million
Transaction Type: Series C
Lead Investor: Bessemer Venture Partners
The leader in data-centric personal data privacy and protection, BigID, in September, clinched US$50 million in Series C funding from lead investor Bessemer Venture Partners. The funding round is aimed to assist enterprises to comply with global privacy regulation and meet their data protection needs. BigID has raised nearly US$100 million in the last 18 months. And the new funds will help the company to meet the growing demand for its technology, expand global sales and engineering and launch new products for data privacy, data governance and protection.
Cybersecurity Breakthroughs & Innovations
Over the years, making sure cybersecurity has always been a challenge for businesses across the globe. And it is anticipated that the quantity of data theft by cybercriminals could rise by an enormous percentage over the next five years. In the current scenario, it has become the primary concern not only for protecting citizens’ data from cyberattacks but also to protect the corporate, public and private sectors data itself.
Though, the surging developments in technologies such as AI, IoT, and increasing clusters of connected devices have driven the adoption of cybersecurity solutions. Now companies worldwide are taking a step further to sort and check the integrity of data efficiency. Here are the list of top breakthrough and innovation took place in 2019.
Ransomware and Cryptojacking
With the evolution of cryptocurrency, cybercriminals now are increasingly turning to cryptojacking over ransomware for a bigger payday. These attacks require similar tactics to ransomware but entail less technical expertise. Cryptojacking is illegally mining cryptocurrencies, encompassing embezzlement by making use of the computer and graphics processing power from naive users’ devices to mine crypto, without their permission or consent.
Endpoint Detection and Response (EDR)
EDR is an emerging cybersecurity solution that collects, records, and stores a large amount of data from endpoint activities to provide a different capability to the security stack. It advances threat detection far beyond the capabilities of traditional EPP solutions and actively finds out anomalies using behavioral monitoring and AI tools. By leveraging EDR, security teams in an organization can continuously monitor access data points, which provide them with surveillance-like visibility that can be used to inspect a past incident or to proactively hunt for threats in their environment.
Deep Fake Videos
Mobile camera applications have become increasingly sophisticated now as users can easily modify their faces by removing pimples, add on animal ears and more. It has even reached a point where anyone can create false videos that look very real and this process called deep fake videos. Automated AI technologies have been built to both create and detect deep fake videos. These kinds of videos can be used to influence masses for bad activities by depicting a celebrity or politician engaged in illegal activity or making inflammatory comments with a head of state.
In today’s digital world, enterprises are progressively shifting their data to the cloud computing environment. But, with the increased use of cloud computing that has brought many benefits, it has also opened up new areas of risk. This is where cloud security technology comes in. It encompasses a set of policies, controls, processes, and technologies that work together to safeguard cloud-based systems, data and infrastructure.
IoT and Cybersecurity
For the last few years, the internet of things (IoT) has been increased by an unprecedented rate, making its way across all sectors. From smartwatches and Internet-connected washing machines to smart home appliances and electrical devices, all have grown by leaps and bounds in just a short period of time. However, with the growing demand for IoT devices, one of the primary challenges to securing it is a lack of comprehensive security standards.
Top Rising Cybersecurity Startups
The cybersecurity market is one of the promising areas for IT innovation and funding and has given rise to a huge ecosystem of security startups. Most up-and-coming security vendors are looking to leave their mark on everything, from identity protection and control to complying with new privacy regulations and securing cloud infrastructure and IoT devices.
Here we have accumulated top rising startups in the field of cybersecurity that have made themselves a more germane channel in 2019.
CEO: Nicole Eagan
Founded by mathematicians in 2013, Darktrace is an AI-driven company for cybersecurity. The company’s Enterprise Immune System leverages machine learning and AI algorithms to identify and retort to cyber threats across diverse digital environments, including cloud and virtualized networks, IoT and industrial control systems. By deploying its unique machine learning, Darktrace has acknowledged 63,500 previously unknown threats in over 5,000 networks, including zero-days, insider threats, and subtle, stealthy attacks.
Founder and CEO: Nir Perry
Founded by cyber risk experts and insurance actuaries, Cyberwrite delivers cyber insurance technologies and solutions for the huge SMB cyber insurance market. The company was established in 2016 to enable insurance companies with a technology that automates cyber risk underwriting for cyber insurance policies. Its technology integrates machine learning algorithms with proprietary cyber insurance algorithms to envisage the likelihood and impact of various types of insurance coverages like data destruction, stolen records, ransom events and more.
Founder: Amir Levintal, Miki Shifman
Cylus, an Israel-based cybersecurity company, which was founded in 2017 with an aim to help mainline and urban railway companies avoid safety incidents and service disruptions caused by cyberattacks. The company offers solutions designed to address the unique requirements and needs of the railway industry. It also enables companies in the sector to detect cyber threats in signaling and control networks, trackside and onboard, facilitating an effective response before any incident takes place.
Founder and CEO: Gaurav Banga
Founded in 2015, Balbix offers comprehensive and continuous measurement of enterprise breach risk and resilience, on premise and in the cloud, across hundreds of attack methods. The company leverages AI to analyze risks of various platforms on the web, focusing on providing solutions not just for apps but also for other assets in a network.
CEO and Co-Founder: OmriIluz
PerimeterX is a provider of scalable, behavior-based threat protection technology for the web, cloud, and mobile. Founded in 2014, the company leverages machine learning technologies for various threat identification methods. It has invested heavily in studying security threats that are not carried out by humans but by bots. By assessing the behavior of humans, applications, and networks, PerimeterX catches in real-time automated attacks with unparalleled accuracy.
Countries in Cybersecurity
Cybersecurity is not an issue limited in any specific area or region; it is a global issue. Cyber threats to any country represent an actual risk to governments, economies, organizations and people to that region. Now these risks have shifted beyond data breaches and privacy concerns to sophisticated schemes that are disrupting entire businesses, industries and nations as well. These are also costing billions of dollars and affecting governments and companies in all sectors.
However, taking a step further against cyber risks, governments as well as organizations are progressively putting resources into advancing their cyber security conventions. Everyone is now attempting to remain on track against the most potential cyber attacks, and there are a few nations committing most to cybersecurity.
Here are the top countries around the world committing most to cybersecurity, best prepared against cyber attacks, and made robust cybersecurity strategies in 2019.
United States of America
The United States of America is one of the countries across the globe that is encountering a large number of phishing or cyber attacks every year. That is why nearly 58 percent of the digital security organizations are located in the country and endeavor to ascertain better approaches to tackle against potential cyber attacks. The growth in Information Technology and eCommerce sector in the US has given rise to cyber crimes, resulting a huge loss to the government and people in the nation. Looking at the number of data breaches, the US government and companies are constantly ensuring transparency, productivity and development concerning data security. To do so, the country year over year is attempting consolidated endeavors with accomplices in implementing robust cybersecurity strategies, principles, and addressing cybercrime and securing susceptible framework from cyber threats.
With the million threats and cybercrimes that hit larger countries around the world, New Zealand has issued its Cyber Security Strategy 2019, which covers the country’s plans and priorities to create safe cyberspace for citizens. Since technology is a part of most households, and people’s lives, and around 90 percent of New Zealand’s population is hooked on the Internet that gives malicious actors more opportunity to steal germane data and defraud more people. However, with new strategy, every single device, including appliance, gadget, and even cars, can now be connected to the Internet, and annually updating the cybersecurity policy is a good measure to safe everyone from all the traps lurking on the Internet in the country.
India has also taken major steps toward securing the citizens data by clearing the paths to introduce the National Cybersecurity Strategy. Currently, the Information Act, 2000 is the primary law for dealing with cybercrime and digital commerce in the country. In an attempt to bolster the cybersecurity ecosystem, the Ministry of Electronics and Information Technology (MeitY) of India has launched Cyber Surakshit Bharat initiative, in association with the National e-Governance Division (NeGD). Also, many crucial steps have been taken against potential cyber attacks, including National Critical Information Infrastructure Protection Centre (NCIIPC), appointment of chief security officer, crisis management plan, training and mock drills, and more. Now the country is going to publish the National Cybersecurity Strategy in January 2020.