Microsoft mulls deal for cybersecurity heavyweight Mandiant

Microsoft is in talks to acquire cybersecurity research and incident response firm Mandiant, according to people familiar with the talks, a deal that would bolster efforts to protect customers from hacks and breaches.

Deliberations may not result in an offer, said the people, who asked not to be identified because the talks are private. Mandiant and Microsoft declined to comment. Mandiant stock jumped 7% to $19.02 in New York on Wednesday, taking its market value to nearly $4.6 billion. Microsoft stock gained 2.2% to $311.21.

Adding Mandiant would bolster Microsoft’s product arsenal to protect customers and respond to cybersecurity threats. The software giant bought two smaller cybersecurity companies last year and said last month it amassed $15 billion in security software sales in 2021, up nearly 45% from the previous year. ‘last year. Last year, the Redmond-based company appointed former cloud chief Charlie Bell to oversee its security efforts, and said it had 3,500 employees working to protect customers.” from chip to cloud”.

“It would be a smart move for Microsoft,” said Bloomberg Intelligence’s Anurag Rana. “Going forward, the cloud with most security features would win.” A deal would allow Microsoft to better compete with companies focused solely on security and could also push cloud rivals and Alphabet’s Google to pursue similar acquisitions of their own, he said.

Mandiant became a standalone company again last year when FireEye – which acquired Mandiant in 2013 – sold its eponymous security products business for $1.2 billion to a consortium led by Symphony Technology Group. While FireEye’s products focus on network, email and cloud systems security, Milpitas, Calif.-based Mandiant’s work is primarily in incident response and cyber intelligence cases.

The potential deal would give Microsoft even deeper insight into back-to-back hacks. The ubiquity of Microsoft’s Windows operating system already provides the company with high-profile breach data. That, combined with Mandiant’s consultants, who are often called upon to investigate and triage hacks by advanced, state-backed criminal actors, would give the combined companies unparalleled cybersecurity knowledge.

Mandiant was founded nearly two decades ago by Kevin Mandia, a former US Air Force officer who eventually rose to fame for his incident response services.

FireEye acquired Mandiant in 2013, providing cybersecurity services including publishing a series of threat intelligence reports detailing allegations of state-sponsored hacking from countries including China and Russia.

FireEye has been involved in numerous major breach investigations, including the alleged North Korean intrusion at Sony Pictures Entertainment in 2014. Equifax also retained FireEye after the 2017 breach there.

Cyber ​​threats are increasingly serious on a global scale, with Microsoft products often in the crosshairs. In March 2021, China-linked attackers used flaws in Microsoft’s Exchange software code to break into tens of thousands of organizations. In a breach disclosed in December 2020, suspected Russian hackers compromised popular software from Texas-based company SolarWinds, by inserting malicious code into SolarWinds software updates, an attack that also affected Microsoft and many of its clients.

In October, Microsoft said the hackers behind the SolarWinds cyberattack were engaged in a new campaign to compromise global networks by targeting the technology supply chain, including resellers and cloud technology providers.

Microsoft Philanthropies supports select Seattle Times journalism projects.

Comments are closed.