At a glance.
- Netwrix merges with Stealthbits.
- iboss secures $145 million in funding.
- A look at the future of the cyber insurance industry.
Mergers and acquisitions.
Irvine, California-based data security company Netwrix has merged with New Jersey-headquartered data access governance provider Stealthbits. Netwrix's press release states, "The combined entity will continue to offer its complete portfolio of more than a half dozen security solutions aimed at identifying and detecting data security risk as well as protecting, responding and recovering from cybersecurity attacks....With over 500 employees and customers from more than 50 countries, the combined company will operate as Netwrix with Steve Dickson continuing to serve as its chief executive officer and on the company's Board of Directors. Steve Cochran, founder and chairman of Stealthbits, will be an investor in Netwrix and will serve on its Board of Directors." The company adds, "For the foreseeable future, customers, prospects and partners of each company will continue to interact with each company as they do today for sales, support and partner activity."
White Ops, a bot mitigation and ad fraud prevention firm based in New York, has been acquired by Goldman Sachs Merchant Banking Division, in partnership with ClearSky Security and NightDragon. The company says "The acquisition will support White Ops in its next phase of growth and further accelerate its expansion into new markets." Their press release adds, "In addition to representatives from Goldman Sachs, Jay Leek will join the Board of Directors representing ClearSky and Dave DeWalt will join the Board of Directors representing NightDragon and serve as Vice Chairman of the Company."
Arizona-based cybersecurity consultancy Cerberus Sentinel has acquired Alpine Security, a cybersecurity services firm headquartered in Missouri. The company's press release states, "Alpine will continue to be based in St. Louis, and its compliance team will add to the experienced Cerberus Sentinel team led by chief compliance officer Baan Alsinawi. The penetration testing team will be integrated into the existing capabilities crew at Cerberus Sentinel, and it will continue to specialize in medical devices, addressing the expanding demand from healthcare clients."
Aliso Viejo, California-based IT management and security firm Quest Software has acquired New York-headquartered data governance company erwin, Inc from Parallax Capital Partners. Quest stated, "Erwin's solutions strengthen Quest's market-leading data toolset, adding new capabilities to drive significant data initiatives and the deployment of modern applications while ensuring regulatory compliance."
Kaspersky has acquired a stake in Nexway, an e-commerce and online payment platform headquartered in Paris. Kaspersky's Chief Business Officer Alexander Moiseev stated, "Nexway will remain a separate company with its own management, processes, and reporting, in accordance with all European laws and regulations. We will limit our input to technological expertise and strategic direction." Moiseev says Kaspersky's goal is to help Nexway build "the safest, most ethical, and most open online trading ecosystem possible, optimized in particular for players in the field of cybersecurity."
Investments and exits.
Boston-based SASE cloud security provider iboss has raised $145 million in a funding round led by NightDragon and Francisco Partners. Iboss says the funding will be "used to support the company’s rapid growth." Dave DeWalt, founder of NightDragon and co-chairman of iboss, stated, "iboss has created the largest, most modern and comprehensive SASE security platform on the market and is the only platform that can fully transition organizations from on-prem security appliances to SaaS security delivered in the cloud. What makes this stronger is that iboss is an open security platform that allows organizations to apply the security engines and log analytics platforms of their choosing compared to existing closed SASE solutions that lack this flexibility and restrict better security due to lack of collaboration with top cybersecurity intelligence vendors."
O’Melveny has added data privacy lawyer Tod Cohen as a partner. Cohen most recently served as Twitter's Deputy General Counsel and Vice President, where he managed the company's Global Office of Data Protection. Cohen told Law.com that he "found that the issues that matter to clients, the most difficult, most challenging, most cutting-edge legal issues are handled by outside counsel."
Booz Allen Hamilton has hired Andrew Turner as Executive Vice President and Market Strategy Leader for its global commercial business. Turner most recently served as Chief Security Officer at Fidelity National Information Services (FIS).
Companies in the news: a coming growth in cyber insurance.
Crunchbase News cites investors who believe the cyber insurance market will see more activity as cyber incidents increase. Mark Sherman, managing director at Telstra Ventures, told the publication that "the number of risks and attacks has increased to a level such that it is so commonplace." Sherman says his firm is "likely to make another insurance-related investment." Matt Kinsella, managing director at Maverick Ventures, told Crunchbase, "It’s still a pretty young industry, so you have to give it time. It is growing fast, but it is in a sector like insurance that traditionally is slow to change."
Why might ransomware operators be interested in their victims' insurance policies?
And ransomware operators seem to be taking an interest in how their victims are indemnified. 2021's first new strain of ransomware, Babuk Locker, is out in the wild, according to BleepingComputer. It's assessed as "amateurish," but the hoods’ negotiating messages are interesting in two respects: they ask the victim if they’re covered by cyber insurance, and whether they're working with a ransomware recovery company. This would seem to suggest that the criminals are looking to insurance companies and security firms as, effectively, middlemen, presumably thinking that those third parties might be counted on to persuade the victim to pay up. That's increasingly looking unwise, as both law and sound practice are moving away from considering ransom payments as an acceptable option in these cases. By all means consider cyber insurance, but think twice about using it to pay ransom.
And security innovation.
The Startup Pill has compiled a list of 101 cybersecurity startups to keep an eye on in 2021. Topping the list are Beyond Identity, a passwordless identity management provider based in New York City; Cyble, a cyber intelligence firm headquartered in Atlanta, Georgia; Fast, a secure e-commerce platform provider based in San Francisco; Deduce, a New York City-based account takeover prevention company; and Cowbell Cyber, a cyber insurance and risk assessment firm headquartered in Pleasanton, California.