Mergers and acquisitions.
Accenture will acquire Symantec’s Cyber Security Services business from Broadcom for an undisclosed amount. Accenture's CEO Julie Sweet said in a press release that the acquisition will allow the professional services firm to "offer one of the most comprehensive managed services for global businesses to detect and manage cybersecurity threats aimed at their companies." GovCon Wire says the acquisition is expected to close in March. Symantec's Cyber Security Services were part of its Enterprise Security business, the entirety of which was purchased by Broadcom for $10.7 billion in August, ZDNet notes.
Cloudflare has acquired Kirkland, Washington-based browser isolation startup S2 Systems for an undisclosed sum, SiliconANGLE reports. Cloudflare's CEO Matthew Prince said in a blog post that the speed of S2's technology sets it apart from other browser isolation providers, and it will be integrated into Cloudflare Gateway Enterprise.
VMware has completed its $2.7 billion acquisition of San Francisco-based cloud hosting provider Pivotal, TechCrunch reports. VMware's executive vice president Ray O'Farrell stated that Pivotal's technology will be added to VMware Tanzu's product portfolio.
San Jose-based Broadcom acquired New York-based cyber risk analytics provider Bay Dynamics on December 19th, the Silicon Valley Business Journal reports. The Journal says neither company has commented on the acquisition, which was only revealed by an equity incentive plan Broadcom filed with the SEC.
Email security provider Mimecast has acquired Tel Aviv-based phishing prevention startup Segasec. The terms of the deal were not disclosed, but Calcalist, citing an anonymous source familiar with the deal, reports that it was around $40 million.
ARM and Gemalto are trying to sell their joint venture subsidiary Trustonic, Electronics Weekly says. The Telegraph notes that while the mobile device and application security company has hundreds of customers, including some major technology companies, Trustonic has consistently failed to turn a profit.
Mastercard is acquiring Utah-based risk assessment automation provider RiskRecon for an undisclosed sum, according to Silicon Republic. Mastercard's president of cyber and intelligence Ajay Bhalla stated that "[t]he innovations from the talented team at RiskRecon will further accelerate our suite of cyber solutions designed to help financial institutions, merchants and governments secure their digital assets."
Rockwell Automation is acquiring Israeli IT/OT cybersecurity company Avnet Data Security. Rockwell's Senior Vice President of Control Products & Solutions Frank Kulaszewicz said the acquisition "will enable us to service a much larger set of customers globally while also continuing to accelerate our portfolio development in this rapidly developing market."
PE Hub reports that Dell Technologies will try to sell RSA Security for at least $3 billion. Morgan Stanley has been retained to assist in the process, which will begin early this year, according to SDxCentral. Channel Futures quotes Eric Parizo, a senior analyst at Ovum, who explained that "[t]here is now quite a bit of solution overlap on cybersecurity within the Dell universe, with Dell’s own assets, SecureWorks, and VMware’s growing security division....Over time, it has been increasingly difficult to see where RSA fits within its broad matrix of security capabilities."
Investments and exits.
New York City-based data privacy and protection provider BigID has secured $50 million in funding from Tiger Global Management. The company will use the Series C extension "to deliver new products in privacy and protection of personal data along with expansion of go-to-market strategies across the globe." BigID's CEO Dimitri Sirota told TechCrunch that the company was founded at the right time, just as privacy regulations like GDPR and CCPA began to appear on the horizon.
C5 Capital is selling Mountain View, California-based fraud prevention company Shape Security to Seattle-based F5 Networks for $1 billion, according to AltAssets. TechCrunch quotes F5's president and CEO François Locoh-Donou as saying that "[w]ith Shape, we will deliver end-to-end application protection, which means revenue generating, brand-anchoring applications are protected from the point at which they are created through to the point where consumers interact with them—from code to customer."
Network security company ExtraHop has hired Sri Sundaralingam as vice president of product and solutions marketing and Phil Shigo as vice president of business development and strategic alliances, GeekWire notes.
Kaspersky has added Rob Cataldo as managing director of Kaspersky North America, MSSP Alert says. Cataldo most recently served as vice president for Kaspersky USA’s enterprise sales, and he's also held sales positions at Bromium and Sophos.
The IDF's Chief Censor, Brig. Gen. Ariella Ben-Avraham, is in discussions to take a position at Israel-based spyware provider NSO Group after she retires from the military in March 2020, Haaretz reports.
Radware has appointed Dan McLean as Managing Director of Australia and New Zealand, ARN reports. McLean previously spent fifteen years at VMware, where he most recently worked as senior director of cloud sales.
Security companies in the news.
Facebook's augmented and virtual-reality vice president Andrew Bosworth wrote a long memo, posted to Facebook's internal network and obtained by the New York Times, which addressed in part Facebook's political advertising policies. Bosworth said he believes Facebook was responsible for the election of Donald Trump, not because of Russian information operations or Cambridge Analytica, but because Trump "ran the single best digital ad campaign I’ve ever seen from any advertiser." Bosworth made it very clear that he did not want President Trump to be reelected, but argued that Facebook should not "use the tools available to us to change the outcome...or we will become that which we fear." The New York Times notes that the memo and its contentious comment section "provides an unusually candid glimpse of the debates raging within Facebook about the platform’s responsibilities as it heads into the 2020 election."
The London Stock Exchange has denied reports that a cyberattack caused a trading outage that occurred in August, Security Magazine reports. A spokesperson for the London Stock Exchange Group maintained that the outage was due to "a technical software configuration issue following an upgrade of functionality."
Where business is done.
The Honolulu Civil Beat notes that Hawaii possesses untapped potential for a local cybersecurity industry due to the presence of the National Security Agency's Cryptologic Center on Oahu. The private sector has capitalized on cybersecurity talent from NSA's locations in other parts of the country, including Georgia, Colorado, Texas, and of course Maryland, but Hawaii has lagged behind. Neale Rath, a senior manager at Deloitte Consulting, told Civil Beat that Hawaii's expensive and remote location presents unique obstacles for the state, but he doesn't believe these are insurmountable.
Francis Dinha, CEO and co-founder of OpenVPN, writes in Forbes that companies can bridge the talent gap by fostering a rewarding work environment, connecting with the open source community, and offering useful benefits to make employees' lives easier.
US Special Operations Command last month issued a Request for Information (an RFI, not yet a Request for Proposals) that asks about commercial-off-the-shelf software that could be used as a "prototype for use of understanding the information environment that can detect misinformation, disinformation and mal-information campaigns in near to real-time to directly support information operations within Special Operations Command. The resulting analysis will be surfaced on a user interface and contextualized by the relevant narratives and network of accounts. This software must leverage an intuitive cloud-hosted user interface software which provides processing and analyzing multi-modal social media and web data and has the programmatic ability to dissect and categorize information sectors. The government requires a prototype data pipeline that will identify viral and trending content for threat assessments and score data with a ranking system that highlights the likelihood of being fake or deceptive and display the information on the user interface." It checks many familiar blocks: "deep learning, natural language processing, and dynamic network analysis." In effect, Special Operations Command wants a tool that will recognize lies and the intent behind them, at scale and in near-real-time. This will be a tall order, and, by the way, you don't get paid for responding to an RFI.