At a time when global businesses are becoming increasingly wary of cyberthreats after a string of ransomware attacks that brought operations at many leading companies to a grinding halt, Microsoft has announced that it is buying RiskIQ, a San Francisco-based cybersecurity firm.
Microsoft said the acquisition will help its customers address the risks created by remote work.
While Microsoft did not disclose the financial terms, Bloomberg had earlier reported that it paid more than USD500 million in cash for the purchase.
The deal will also help organisations keep an eye on supply-chain risks. This is a growing priority for many companies. An attack on software provider SolarWinds last year affected at least 18,000 customers, and earlier this month, a ransomware attack on Kaseya spread to more than 1,000 businesses.
In the past couple of months, there were two other high-profile ransomware attacks – on Colonial Pipelines, who agreed to pay USD4 million, and on meat suppliers JBS, who reportedly paid USD11 million.
In a company blog post, Eric Doerr, Vice President, Cloud Security at Microsoft, wrote: “Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence.
“RiskIQ helps customers discover and assess the security of their entire enterprise attack surface – in the Microsoft cloud, AWS, other clouds, on-premises, and from their supply chain. With more than a decade of experience scanning and analysing the internet, RiskIQ can help enterprises identify and remediate vulnerable assets before an attacker can capitalise on them.”
RiskIQ was founded in 2009 and has raised a total of $83 million over four rounds of funding, including a $15 million Series D round last June.
Elias Manousos, co-founder and CEO of RiskIQ, said: “The vision and mission of RiskIQ is to provide unmatched internet visibility and insights to better protect and inform our customers and partners’ security programs. Our combined capabilities will enable best-in-class protection, investigations, and response against today’s threats.
“We are joining Microsoft to extend and accelerate our reach and impact and are more committed than ever to executing our mission. We’ll work closely with our customers as we integrate RiskIQ’s complementary data and solutions with Microsoft’s Security portfolio to enable best-in-class solution attack surface visibility, threat detection, and response.”
The acquisition is one of many Microsoft has made recently in the cybersecurity space. Last year, they bought Israeli security startup CyberX, followed Internet of Things security firm ReFirm Labs last month.
