A fresh wave of cyber-vulnerabilities worldwide has Microsoft on a cyber-security spending spree as it strives to tighten up its security posture.
Cyber-attacks on individuals, companies, and governments breached all records in 2020. Data breaches cost corporations, cities, and governments billions of dollars. As Interpol assessed, Covid-19 has been a major inspiration for an increase in cybercrime affecting large businesses, governments, and critical infrastructure, as opposed to individuals and small businesses. Microsoft has taken on a cyber-security vendor acquisition spree in recent months in order to manage these scenarios and establish its presence as a security platform and hardware provider.
According to multiple high-end sources, Microsoft has confirmed that it is buying RiskIQ, a cyber-security company based in San Francisco that provides threat intelligence and cloud-based software as a service for organizations.
Despite “the increasing sophistication and frequency of cyber-attacks,” Microsoft said the acquisition will assist its customers in managing specific risks associated with working remotely over the Internet and using cloud computing.
How much did RiskIQ cost?
Microsoft did not disclose the terms of the deal, under which RiskIQ’s threat intelligence service will be integrated into Microsoft’s flagship security offerings, although Bloomberg previously reported it would pay more than $500 million in cash for RiskIQ. There was no confirmation from Microsoft about the reported figure.
With hybrid and remote working strategies becoming increasingly prevalent, organizations face a heightened security landscape.
With RiskIQ’s software, businesses can monitor their entire network – including those of various cloud providers – and the threat intelligence collects them and helps them determine their vulnerabilities and mitigate them. Founder and CEO Elias Manousos of RiskIQ said in a blog post: “We couldn’t be more enthusiastic about joining forces to empower the worldwide community to guard against the rising flow of cyber-attacks.”
In addition to scouting the web, RiskIQ reports on the details of websites and networks, DNS records, certificates, and other data, like WHOIS registration data, providing visibility into what assets, devices, and services may be accessed by devices outside of an organization’s firewall.
Thus, companies can protect their assets from malicious attacks and minimize their attack surfaces. This data was instrumental in enabling the company to understand who Magecart is, a group that injects credit card stealing malware into vulnerable websites.
What Is Microsoft Trying to Achieve?
Through Microsoft’s integration of RiskIQ’s technologies into its core products, its customers will have an expanded view of global threats to their companies, especially since the workers are increasingly working beyond office hours. Microsoft has also dealt with cybersecurity challenges this year: in March, an attempt was made to breach the company’s Exchange email service, compromising potentially tens of thousands of organizations such as the state as well as local governments, learning institutions, contagious disease researchers, and businesses.
The proliferation of cyber-attacks with wide-ranging effects has raised concerns about Internet vulnerabilities this year. Following a cyber-attack in May, the operator of the 5,500-mile Colonial Pipeline temporarily shut down the pipeline, resulting in gasoline shortages on the East Coast.
Furthermore, Microsoft says the deal will be used to keep tabs on supply-chain risks. Ransomware attacks on IT vendors and software companies are becoming increasingly common. A cyber-attack on software provider SolarWinds affected more than 18,000 of its customers last year, and an IT vendor was the victim of a ransomware attack spreading to more than 1,000 businesses today.
Educational institutes have been also on the verge of cyber-attacks as most educational institutes have been conducting sessions via the internet amid Covid-19. Vital information regarding institutes and students has become vulnerable. Most educational services like Law essay writing services and similar educational service providers were also on the brink of cyber-attacks.
Cyber-attacks against hospitals and municipalities have also hit the U.S. in recent weeks, emphasizing how dangerous cyber-attacks are. Christopher Wray, the director of the Federal Bureau of Investigation, spoke with The Wall Street Journal in June and said cyber-attacks that use ransomware have spread rapidly, calling for public and private sector efforts to prevent them.
Satya Nadella, CEO of Microsoft said on a conference call with analysts in April, “The threat landscape has never been a challenge or more complex. This has led to increased demand for end-to-end services spanning identity, security, compliance, and management.”
Why Did Microsoft Buy RiskIQ?
According to Eric Doerr, Microsoft’s vice president of cloud security, RiskIQ enables customers to assess the security of their entire enterprise attack surface, including their cloud infrastructure, AWS, on-premises, and supply chain. The RiskIQ team has been scanning the Internet and analyzing it for more than a decade, helping enterprises identify and remediate vulnerable assets before an attacker exploits them.”
Just before the acquisition, RiskIQ had earned more than $80 million just through investors. Last June, it raised $15 million in a Series D round aimed at helping integrate its solutions into critical infrastructure, including for protection against nation-state adversaries. RiskIQ claimed to be serving 30% of Fortune 500 companies and 6,000 organizations around the world at the time.
In total, RiskIQ has raised $83 million in four rounds of funding since its founding in 2009. RiskIQ Co-founder and CEO Elias Manousos said he was “thrilled” with the acquisition.
“The vision and mission of RiskIQ is to provide our customers and partners with unrivaled insights into and protection from the internet,” said Manousos. “Together, our capabilities will enable best-in-class threat protection, investigation, and response.”
Microsoft’s Recent Acquisition Spree
Microsoft has recently invested heavily in cyber-security with a series of acquisitions. It acquired Israeli security startup CyberX last year to boost its Azure IoT business, IoT networks in large industrial organizations and networks of large enterprises are target markets for CyberX. It specifically detects, stops, and predicts security breaches on these networks.
Microsoft in a blog posting said, “IoT devices used in industrial IoT, operational technology (OT) or infrastructure scenarios will be covered by CyberX,” Microsoft said in a blog post. CyberX will enable users to discover and manage their existing IoT assets, as well as enhance their security postures, the company said.
Only last month, Microsoft bought ReFirm Labs, an Internet of Things (IoT) device security technology company, for an undisclosed price to beef up its IoT security efforts. 350 employees work on security issues at Microsoft, according to the blog post that announced the deal.
Microsoft’s current security products to help commercial customers consists of security for its Azure cloud-computing service and its 365 Defender software and by expanding its security offerings, Microsoft would be better positioned to deal with an increase in high-profile attacks online.
Current Acquisition Strategy by Cybersecurity Firms
A report by Forrester released on June 29 calls for an intensive acquisition strategy by cybersecurity firms in 2020 as organizations and federal agencies struggle to secure an enlarging array of exposed endpoints for their networks.
Approximately 90% of the 120 publicly announced cyber acquisitions and mergers were strategic acquisitions, while only 10% were private equity buyouts. There were usually large acquisitions – of $1 billion or more – with private equity firms injecting approximately $15 billion into the cybersecurity industry. However, a large majority of the M&A activity in the field were firms seeking to support market demands for security services by expanding existing product offerings.
Security has become one of Microsoft’s most important business units, even though productivity software is most closely associated with the company. Earlier this year, the company reported $10 billion in revenues, a fact that prompted some analysts to call it a “cybersecurity behemoth.”
The addition of RiskIQ will be a significant benefit for Microsoft’s security offerings, as well as generating revenues from the unit.
