BlackBerry is making its biggest acquisition ever.
The once-dominant smartphone maker known for producing mobile devices so addictive people used to call them “crackberries” said Friday it is plunking down $1.4 billion in cash to buy Cylance, a cybersecurity firm that specializes in machine learning-enabled threat detection. Pending regulatory approval, expected by February, the purchase will deplete more than half of BlackBerry’s cash pile.
The acquisition reflects BlackBerry CEO John Chen’s multiyear imperative: a shift from selling phones to enterprise software and services. He first laid out the strategy shortly after becoming CEO in 2013. (BlackBerry stopped making its own phones two years ago, though it continues to license its brand.)
Chen said in a statement that the addition of Cylance would “immediately complement our entire portfolio.” In particular, he said the business, set to run as an independent unit, would bolster BlackBerry’s “unified endpoint management” software, which helps businesses manage devices and applications, and QNX, an operating system used inside power plants and cars.
With Cylance, BlackBerry is seeking a greater slice of businesses’ information security spend, which market researcher Gartner estimates will exceed $114 billion this year. That BlackBerry is putting up triple the amount it paid for ex-rival Good Technology, its last biggest acquisition, made in 2015, demonstrates that it is fully committed to the pursuit of this new business model—best exemplified by BlackBerry Spark, a platform it is pitching as the secure, connective tissue for all sorts of connected devices.
If the deal goes through, BlackBerry’s purchase of Cylance will be the latest in a recent series of cybersecurity acquisitions including Cisco buying Duo for $2.4 billion and private equity firm Thoma Bravo taking over Veracode for $950 million. (Rumors are swirling, meanwhile, that Facebook, beset by propagandists, trolls, and privacy breaches, has been poking around for a major cybersecurity acquisition as well.)
Even as Cylance exits the “unicorn” club, a collection of startups privately valued at $1 billion or more, another company has stepped up to take its place. Earlier this week I broke the news that Netskope, a cloud security startup, had earned its unicorn horn after raising a new round of funding worth $170 million. But these mythical beasts are fleeing the stable quicker than their stock can be replenished.
Market consolidation will continue. Businesses are going to be spending more money on cybersecurity in the years to come, but it’s going to be with fewer vendors.
BlackBerry sure hopes it will be one of them.
Have a great weekend.
Robert Hackett
@rhhackett
Welcome to the Cyber Saturday edition of Data Sheet, Coins2Day’s daily tech newsletter. Coins2Day reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
THREATS
Head in the Sand(berg). The New York Times published a deep, deep dive on Facebook's crisis management blunders over the past couple years. The paper claims that Facebook executives—particularly Sheryl Sandberg, the company's chief operating officer—sought to hinder investigations of Russian troll accounts and viral misinformation while minimizing disclosures to the public. Sandberg denied the allegations as "just plain wrong." (The official party line is here.)
WikiLeaks...leaks. U.S. Prosecutors seem to have inadvertently revealed that they have, under seal, charged Julian Assange, founder of secret-leaking website WikiLeaks. The telltale ink: Assistant U.S. Attorney Kellen S. Dwyer wrote that "Assange has been charged" in an unrelated court filing in the Eastern District of Virginia that was recently unsealed. (A spokesperson said the filing was "made in error.") The exact nature of the charges remains unknown, but experts expect they might involve the Espionage Act, which outlaws the disclosure of information related to national defense.
Assassin's creed. The Central Intelligence Agency has concluded with high confidence that Saudi Arabia's Crown Prince, Mohammed bin Salman, or "MBS," ordered last month's execution of Jamal Kashoggi, a Washington Post contributor. The Saudi government, whose statements about the incident have shifted for weeks, has continued to deny MBS's involvement. The country's public prosecutor has called for five people accused of involvement to receive the death penalty.
Internet entomology. A since-fixed Instagram bug related to its "download your data" feature accidentally compromised people's passwords. A database containing tens of millions of text message-based two-factor authentication codes was accidentally exposed to the public. And researchers discovered seven new variations of the Meltdown and Spectre computer chip attacks, which affect AMD, ARM and Intel.
"Cyber is, to a large extent, where it's at nowadays."
Share today's Cyber Saturday with a friend:
http://coins2day.com/newsletter/cybersaturday/
Looking for previous Data Sheets? Click here
ACCESS GRANTED
Practice makes perfect. The Foundation for Defense of Democracies, a Washington, D.C.-based think tank with a hawkish view on national security, held tabletop exercises that imagined how the U.S. Might respond to a digital assault from China. Participants were asked to consider what the government and private sector might ask each other amid such an onslaught, the result of an invented geopolitical crisis sparked by some "confrontation" in the Taiwan Strait, as reports CyberScoop, an information security news outlet.
The U.S. Financial and energy sectors are no strangers to foreign government hackers, from Iranian denial-of-service attacks on American banks to Russian reconnaissance of industrial control systems. Less-familiar territory, however, is how companies would work with the U.S. Government to respond to a cross-sector cyberattack during a geopolitical crisis.
About 20 private-sector executives and former government officials gathered last month in Washington, D.C., to take a stab at that question.
FORTUNE RECON
Amazon Announces a Security Change That May Help Companies Using AWS to Avoid Data Breaches by Glenn Fleishman
Wealthy Home Buyers Can No Longer Conceal Their Identities In These Cities by Renae Reints
Republicans and Democrats Make a Rare Show of Unity—Against Robocalls by Laura Stampler
Exclusive: Dragos Raises $37 Million to Secure Industrial Systems by Robert Hackett
China or Russia Could Defeat “Eroded” U.S. Military, Congress Warns in Alarming Bipartisan Report by David Meyer
Bitcoin Scammers Hijack Twitter Accounts to Run 'Elon Musk' Ads by Jeff John Roberts
'Distinctly Uncomfortable:' U.K. Companies' Plans to Microchip Employees Face Fierce Pushback by Hallie Detrick
ONE MORE THING
Give this guy a hand. The first line to this Vice Motherboard story instantly hooks: "It was just before midnight when I made the impulsive decision that would transform me into the world’s most useless cyborg." Reporter Daniel Oberhaus tells the tale of a chip implant he had injected into his hand which would take a year to unlock. "If I had a single piece of advice for anyone thinking about getting an NFC chip implant it would be to do it sober," Oberhaus cautions. Thanks for the tip.
