Last Tuesday, Google announced its plans to purchase Mandiant, one of the prominent players in the cybersecurity industry, for about 5.4 billion USD (1).
According to the deal, Google will acquire the US-based company for 23 USD per share in an all-cash deal likely to close by the end of the year (2). The price indicates a 2.3% premium over its closing stock price of 22.49 USD on Monday.
Some of the world’s largest companies frequently call upon Mandiant to investigate and build digital defenses amid the surge of data breaches. After the acquisition, the company will become a part of Google Cloud. Notably, until last year, it was called FireEye.
“In today’s increasingly hostile world, cybersecurity has never been more important,” said Phil Venables, Head of Information Security at Google Cloud (3).
Likewise, Kevin Mandia, the CEO of Mandaint (4), said, “the combination of Madiant’s automated defense technology and Google’s cybersecurity analytics will go a long way into boosting cloud security at a time when it is desperately needed.”
The deal has come in the wake of the Russia-Ukraine conflict. Experts in the cybersecurity industry have long predicted a rise of cyberattacks in case of any conflict between the two countries that could have a ripple effect worldwide. There are also speculations that if Russia feels threatened, it could directly target the US or other NATO countries (5).
Apart from the rising threat, governments, companies, and critical infrastructure continue to face increasing threats from bad actors with ransomware and other kinds of cyberattacks designed to shut their operations to extort millions of dollars.
These have heightened the demand for cybersecurity experts when the industry is already experiencing a skills gap. According to Mandia, increasing automation will help companies get the most out of their employees.
According to industry experts, additional investments and mergers like these could emerge in the future.
Wedbush analyst Daniel Ives wrote in a note to investors that the deal could be the start of a “massive phase of consolidation” for the cloud industry, with companies like Amazon and Microsoft now under pressure to “further bulk up” the security of their platforms, especially given the threat from Russia (6).
A Huge Surge in Cyberattacks
According to the 2022 Cyber Threat Report released last month by SonicWall, a cybersecurity company, governments across the globe witnessed a 1,885% increase in ransomware attacks, and the healthcare industry saw a 755% surge in 2021 (7). There has also been a 104% jump in ransomware attacks in North America, only under the 105% average increase globally.
It’s still a mystery why there was such a big jump. Last year, the Guardian noted that the growth in ransomware was connected to the rise in remote work and firm personnel operating outside their office networks (8). According to PBS, individual companies that pay ransomware demands may be contributing to the problem (9).
“Ransomware agents are profit-driven,” said Dmitriy Ayrapetov, SonicWall’s VP of platform design (10). “As long as there’s a profit, they’ll keep bringing in new players, actors, and so on.” And, of course, a safeguard or preparation also allows this to continue.
Overall, as the number of cyberattacks has increased, the onus of cybersecurity has shifted on tech giants. It has also resulted in high expenses for major cloud providers, who must now protect their larger data share. As big cloud providers look to safeguard their portfolios, Google’s purchase might spark an M&A frenzy.
Microsoft in Cybersecurity
To combat cyberattacks, Microsoft developed a 5 billion USD business and one of the world’s largest private cyber armies. However, the storm of cybersecurity threats continues to grow.
During the first six months of 2021, banks in the United States reported roughly 600 million USD in ransomware payments, with cybersecurity experts estimating the cost to be significantly higher (11).
The story is no stranger to corporate, and public networks are well since scammers look to extort their money and government-backed hackers also target them for surveillance purposes.
Microsoft is also uniquely positioned as the center to combat cybercrime as its productivity products are dominant in government and corporate networks. It is also one of the prominent cloud-computing service providers worldwide.
Over the past few years, Satya Nadella-led tech company has also been hit by a series of high-profile cyber attacks.
In December 2020, the company reported that it had been compromised by the hackers who were also behind the cyberattacks on SolarWinds Corporation – linked to Russia. Within a few months of that incident, Exchange, a widely used email product of Microsoft, was targeted by a cyberattack linked to the Chinese government.
It would be crucial for Microsoft to bring its security solutions to the clouds of different companies to solve cybersecurity issues. After all, today, most companies rely on several small security products that defend only parts of their data.
“Customers have been getting a Frankenstein solution when it comes to cybersecurity. However, the issue is that everywhere you glue things together, there will seams, which becomes places that people can attack,” explained Charlie Bell, Microsoft’s Security Chief (12).
Microsoft is consolidating its cybersecurity business’s lead in this highly fragmented market. Earlier this year, the company announced its cybersecurity business surpassing 15 billion USD in sales last year, up over 45% from the year before.
The increasing cybersecurity threats have created a tremendous opportunity for Microsoft. It is uniquely positioned to build better security walls to prevent bad actors, meaning it may profit big.
Today, Microsoft’s cybersecurity division is worth 15 billion USD, and it has committed 20 billion USD for the next five years to invest in cybersecurity. It has purchased more cybersecurity startups than any other big tech company since 2016 (the number is eight for those wondering) and was in talks to buy Mandiant until Google came in.
Google has pledged 10 billion USD to cybersecurity over the next five years and has invested in 33 companies, the most of any major technology giant.
Google, like Microsoft, has made significant investments in the cloud. It also established a Cybersecurity Action Team, which provides organizations with strategic advising services.
Mandiant, which runs advanced AI threat detection systems, will be able to give Google’s cloud products end-to-end protection (13).
“Mandiant is an extraordinary player in cybersecurity space. It would enable us to offer end-to-end solutions in this area, which goes into our cybersecurity commitment and what we are trying to achieve in the cloud.
“The focus and investments start with let’s ensure that we have the depth and breadth within the industry verticals so we can address the distinctive needs within each industry segment whether it is healthcare, finance, or retail,” said Ruth Porat, Alphabet’s finance chief (14).
She added that investments like Mandiant are needed to compete with prominent cloud players like AWS, Amazon Web Service, and Microsoft Azure.
“The way we look at it (investments), we’re certainly not battling with our peers at the scale they were then, but we’re competing at the scale they are today in an accelerating market,” Porat explained. “Of course, we’re still centered on the longer trajectory to profitability, but to be clear, we’re continuing to invest across the board to support cloud in the short term.”
Google Cloud reported a 45% year-over-year sales surge to 5.54 billion USD in the last quarter of 2021, with an operating loss of 890 million USD, down from 1.14 billion USD the year before. However, the unit’s loss increased over the previous quarter, when it lost 644 million USD (15).
Artificial intelligence and the capacity to automate data are two of the most common requests from cloud customers in both the public and private sectors, according to Porat. In terms of security, Google Cloud CEO Thomas Kurian stated in a blog post on Tuesday that this includes “quicker and more intelligent threat detection.”
Mandiant would fit in with the company’s products from Chronicle, which started as a separate company in Alphabet’s “Other Bets” until being incorporated into Google’s cloud division in 2019.
“Security operations technologies within Google Cloud’s Chronicle, Siemplify solutions, and Mandiant’s Automated Defense enable customers to evaluate, prioritize, and streamline attack response,” according to the blog post.
According to the company’s most recent annual report, leading US government agencies are among Mandiant’s customers (16). For example, in 2020, FireEye announced its collaboration with the Federal Bureau of Investigation on a cyberattack.
Amazon in Cybersecurity Market
While many businesses are apprehensive about putting sensitive data on the cloud, Amazon has created several encryptions. A network of its services protects Amazon’s cloud platform. Through its Security Hub, it also provides unified threat detection.
Amazon, together with Microsoft and Google, controls more than 61% of the 130 billion USD worth of cloud market. Therefore, their security measures matter (17).
Since Amazon has not made any notable acquisitions for cybersecurity, we can expect it to be next in line to do so (18). In addition, we can also expect a larger wave of cyber investments and M&A to continue as the cybersecurity industry offers an economic opportunity that is anticipated to grow from 165 billion USD to 366 billion USD by 2028 (19)