Microsoft has been on a cybersecurity splurge to fight mounting threats

• The software giant bought Israeli security startup CyberX in 2020, and just last month acquired IoT security firm ReFirm Labs
• Reports state that Microsoft will pay over US$500 million in cash to acquire San Francisco-based cybersecurity company RiskIQ
• The series of acquisitions comes amid a heightened global cyberthreat landscape

The year 2020 broke all records when it came to data lost in breaches and sheer volume of cyberattacks on companies, government, and individuals. In fact, an Interpol assessment of the impact of Covid-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure. To manage such scenarios and to establish its status as a secure platform and hardware provider, tech giant Microsoft has been on a cybersecurity vendor acquisition spree of late.

Till date, the American multinational firm has made two major cyber-related acquisitions since 2020 and a third one is reportedly underway. The company announced the deal earlier this week on its website but didn’t disclose terms. Bloomberg, citing people familiar with the matter, reported that Microsoft is paying in excess of US$500 million in cash for the company.

Its acquisition of security software maker RiskIQ is an effort to expand Microsoft’s products and better protect customers amid a rising tide of global cyberattacks. San Francisco-based RiskIQ makes cloud software for detecting security threats, helping clients understand where and how they can be attacked on complex webs of corporate networks and devices. According to the company’s website, RiskIQ customers include Facebook Inc., BMW AG, American Express Co. and the US Postal Service.

Microsoft has also acquired several companies to expand its security capabilities. Last month, Microsoft bought ReFirm Labs, a maker of technology to secure Internet of Things (IoT) devices, for an undisclosed amount. In a blog post announcing the deal, the company said it has 3,500 employees working on security at Microsoft and a mission to help protect customers “from the chip to the cloud.”

Prior to that, the software giant last year bought Israeli security startup CyberX in a bid to boost its Azure IoT business. CyberX focuses specifically on detecting, stopping, and predicting security breaches on IoT networks and the networks of large industrial organizations. Microsoft in a blog posting said,  “CyberX will complement the existing Azure IoT security capabilities, and extends to existing devices including those used in industrial IoT, operational technology (OT), and infrastructure scenarios”, and that “with CyberX, customers can discover their existing IoT assets, and both manage and improve the security posture of those devices.”

Experts reckon that Microsoft’s interest in the company touches on two key areas that the company has been working on building up over the last several years: IT services for large enterprises, and cybersecurity — specifically cybersecurity leveraging AI to identify and tackle next-generation challenges. The company is also betting big on IoT: the Windows OS maker has invested US$5 billion into the area in the last couple of years on a wider platform of building — vitally for its Azure cloud operations — IoT solutions as part of its larger enterprise push. 

Microsoft is not the only one acquiring cybersecurity assets

The influx of remote and hybrid work as well as increased need for organizations and federal agencies to shore up an expanded array of exposed endpoints for their networks, has led to an “acquisition spree” among cybersecurity firms in 2020, according to a Forrester report released June 29.

The report found that 90% of the 120 publicly announced cyber deals were strategic mergers and acquisitions, while only 10% were private equity buyouts. The buyouts tended to be large transactions — worth US$1 billion and above — with approximately US$15 billion injected in the cybersecurity industry by private equity firms. But the vast majority of M&A activity in the field were firms looking to augment existing product offerings to handle market demand for security services.

Initially driven by the pandemic, the report indicates high-profile cyberattackssuch as the SolarWinds intrusion that breached several federal agencies and the Colonial Pipeline ransomware attack that caused a brief surge in nationwide gas prices, “continue to fuel investment.”