In one of the biggest deals in the company’s history (second only to Motorola acquisition), Google has signed a definitive agreement to acquire cybersecurity firm Mandiant in an all-cash transaction valued at USD 5.4 billion. Post the acquisition–slated to close later this year– Mandiant will join Google Cloud.
“Together, we will deliver our expertise and intelligence at scale via the Mandiant Advantage SaaS platform, as part of the Google Cloud security portfolio. These efforts will help organisations to effectively, efficiently and continuously manage and configure their complex mix of security products,” said Kevin Mandia, CEO, Mandiant.
Claim to fame
Mandiant’s consultants respond to thousands of security breaches every year. Mandiant’s dynamic cyber defense solutions deliverred through the managed multi-vendor XDR platform, Mandiant Advantage, leverages the insights gaines from working in the cybersecurity trenches.
In 2013, Mandiant made headlines for exposing APT1’s enterprise-scale computer espionage campaign. The report carried evidence linking APT1 to China’s PLA and the timeline and details of over 40ATP1 malware families.
In 2020, FireEye (acquired Mandiant in 2013) discovered a supply chain attack trojanizing SolarWinds Orion business software updates to distribute malware.
In 2021, FireEye, Inc sold the FireEye Products business, including the FireEye name, to a consortium led by Symphony Technology Group (STG) for USD 1.2 billion. Post the acquisition, FireEye’s network, email, endpoint, and cloud security products, and the related security management and orchestration platform, was hived off from Mandiant’s controls-agnostic software and services.
Cloud wars
Reportedly, Microsoft was in discussion with Mandiant on a possible acquisition of the latter. Last year, the tech giant acquired a bunch of companies in the security space including CloudKnox ( working in Cloud Infrastructure Entitlement Management), RiskIQ, (global threat intelligence and attack surface management provider).
According to Synergy Research Group, Amazon boasts 33 percent of cloud infrastructure market share–more than the combined market share of Microsoft and Google.
Source: Statista
In Q4 2021, global cloud infrastructure service revenues surpassed $50 billion for the first time, bringing the industry total for the year to USD 178 billion. According to Sundar Pichai, a big chunk of Google Cloud’s revenue comes from GCP services and Google Workspace collaboration tools. GCP recorded more than 80% growth in total deal volume in 2021 year on year and 65 percent plus growth in the number of deals exceeding USD 1 billion.
Pichai believes Google Cloud’s security offering as a strong differentiator. In an earnings call last year, he said: “The increase cyber and ransomware attacks is a wake-up call for the industry. Over two decades, Google has built some of the most secure computing systems in the world and we are proud that our Google Cloud cuscustomers can benefit from our experience here. We pioneered the Zero Trust approach, an architecture that builds in multiple layers of defense against unauthorized access. This approach and the other security solutions help customers minimise the impact of cyber attacks and prevent them completely.”
Last January, Google acquire Siemplify, a leading security orchestration, automation and response (SOAR) provider to help companies better manage their threat response. Last year, Google Cloud and cloud-delivered endpoint and workload protection provider CrowdStrike announced a series of product integrations for in-depth security, comprehensive visibility and workload protection at scale across hybrid cloud environments. As part of the partnership, CrowdStrike Falcon platform was integrated with Google Cloud’s suite of security products such as Chronicle, Google Cloud Security Command Center (SCC) etc.
Mandiant acquisition
Mandiant will reinforce Google Cloud’s security offerings across cloud and on-premise environments. GCP offers capabilities such as BeyondCorp Enterprise for Zero Trust and VirusTotal to deal with malicious content and software vulnerabilities; Chronicle’s planet-scale security analytics and automation along with services such as Security Command Center to help organisations detect and avert cyber threats. Additionally, Google Cloud’s Cybersecurity Action Team offers advisory services.
The acquisition will power system integrators, resellers and managed security service providers to offer broader solutions to customers.
Mandiant has proven expertise in advisory services, threat detection and intelligence, testing and validation, automation and response tools, and managed defense.
“Organisations around the world are facing unprecedented cybersecurity challenges as the sophistication and severity of attacks that were previously used to target major governments are now being used to target companies in every industry,” said Thomas Kurian, CEO, Google Cloud. “We look forward to welcoming Mandiant to Google Cloud to further enhance our security operations suite and advisory services, and help customers address their most important security challenges.”
