The 10 Biggest Security Stories Of 2016

The Year That Was In Security

Every year, cybersecurity continues to play an even bigger role in both business and consumer decisions. In 2016, new issues around the election, public-private tug of wars over encryption technologies and major attacks brought security even further into the forefront than in years past. For partners, the heightened security problems and growing awareness mean an expanding opportunity to grow their security practices going into the next year. However, the security industry is also evolving, with new markets emerging and a shift in venture capital funding patterns. With that opportunity and change in mind, take a look back at the ten biggest security stories of 2016.

(For more of our 2016 retrospective, check out 'CRN's 2016 Tech Year In Review.')

10. Startup Funding Shift

While headlines last year touted funding wins for a seemingly endless line of security startups, 2016 brought the irrationality in the security startup market partially back down to Earth. According to CB Insights, private investors put about $3.3 billion into 229 security startups last year. This year so far, the industry has seen $745 million in Q1 and $802 million in Q2 of investments in startups, or $1.5 million for the first half, according to CB Insights. While more money was funneled into security startups in the first half of 2016 compared to the first half of 2015, which saw $1.2 million in funding for security companies, executives at startups and venture capital firms say by the time it's over, 2016 will prove to be a more selective investing environment for security than the previous year. The number of mega-investment rounds was also down, with five deals well over $100 million in funding in 2015 and only three so far in 2016 (for Cylance, Mobi Magic and LogicMonitor). Analysts and venture capital investors interviewed by CRN expect this shift to continue into 2017, as companies become more rational about their security spending and startup exit opportunities continue to be slower due to a lagging tech IPO market.

9. Major Changes At FireEye

2016 has been a year of big news at FireEye. The company announced a CEO transition in May, bringing in former company President Kevin Mandia as CEO and moving Dave DeWalt to serve as executive chairman. Since coming on board, Mandia has driven a strategy that focuses on balancing innovation and growth around MVX, HX and FireEye-as-a-Service with a push towards profitability. Towards that end, FireEye announced a restructuring in August that involved 10 percent layoffs, or around 400 employees. In its most recent earnings call, CFO Michael Berry said those restructuring efforts are now complete. In November, FireEye also named former Symantec executive Bill Robbins as its new head of worldwide sales.

8. Security Spinouts

Several companies saw the value of creating a standalone security vendor, announcing the spinout of their security divisions into independent companies. Dell was the first company to do that, announcing the sale of its Dell Software division, which includes SMB network security business SonicWall, to private equity in June as it worked to finalize its acquisition of EMC. The deal closed in November, at which time SonicWall announced the appointment of Bill Conner as CEO. Intel followed shortly afterwards, announcing the spinout of Intel Security to private equity in September. After the deal is closed, Intel Security will once again take on its McAfee name and will be led by current GM and senior vice president Chris Young, who will then be CEO.

7. Rise Of The Endpoint

The pendulum has swung leading up to 2016 from a market focused on network security to one that is looking to innovate around the endpoint. That shift reached a critical inflection point this year, with startups in next-generation endpoint security reaching market maturity and most of the larger, legacy security vendors jumping in to grab share. As the market became more crowded, competition started to heat up and vendors became more outspoken about who had the best portfolio in the market. In particular, some of the legacy security vendors, including Sophos and Symantec, took shots at Cylance, which has gained particular traction as a startup in the space.

6. Optiv Closes 2016 With A Bang

Optiv Security closed out the year with a blockbuster acquisition, announcing private equity firm KKR & Co. planned to acquire a majority stake in the security solution provider, with current owner Blackstone Group maintaining a minority stake. One report put the purchase price at nearly $2 billion. CEO Dan Burns told CRN at the time that Optiv was looking to leverage the experience and resources of its new private equity ownership to build out its cloud security portfolio, as well as drive an aggressive international expansion strategy, which would include acquisitions in regions around the world. The deal is expected to close in the first quarter of 2017.

5. Symantec Buys Blue Coat Systems, LifeLock

Two of the biggest security acquisitions of the year came from the same company: Symantec. In June, Symantec disclosed plans to acquire Blue Coat Systems for a blockbuster $4.65 billion, closing the deal in August. The acquisition bolstered the company's capabilities around cloud and web security, and gave it an entirely new executive lineup, including new CEO Greg Clark. Then, in November, Symantec moved to acquire LifeLock for $2.3 billion to boost its consumer security business with identity protection and remediation services. That deal is expected to close in the first calendar quarter of 2017. Both acquisitions come as Symantec looks to re-establish itself as a standalone security vendor with a full platform of security offerings, following its sale of storage business Veritas in January.

4. The Presidential Election

While the 2016 presidential election touched many areas inside and outside technology, cybersecurity took a seat front and center, both in the debates and public discussion. Fears over hacking of the voting systems themselves also arose. The discussion brought cybersecurity once again to the forefront of the collective consciousness, with both candidates rolling out cybersecurity-specific platforms that addressed their policies on nation state attackers, cyberwarfare, privacy, and more. Those issues came to a head after hackers stole thousands of emails from the Democratic National Committee and published the contents on WikiLeaks. Election machine hacking concerns, while ultimately unfounded, were also an important discussion point, with multiple security vendors proving its possibility and lots of speculation on if a state-sponsored attack would take down the election process.

3. Yahoo Breach

In September, Yahoo confirmed reports of a breach that affected 500 million of its users, the largest number of users impacted by a single data breach to date. Yahoo said at the time it believed the hack was carried out by a state-sponsored actor. The data breach, which occurred in late 2014, has exposed certain user account information, which could include names, email addresses, telephone numbers, birthdays, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers. The company added that it doesn't believe that payment card data and bank account information was among the stolen data. The timing for Yahoo was less than ideal, coming shortly after the announcement that Verizon intended to acquire the company for $4.83 billion. It is not yet clear whether the data breach will affect the acquisition or the acquisition price.

2. Dyn Attack

Internet performance management company Dyn was hit by a distributed denial-of-service (DDoS) attack in October that affected its Managed Domain Name Servers (DNS) customers and caused widespread internet outages across the East Coast, impacting prominent sites such as Amazon.com, Twitter and Spotify. The attack came largely from devices infected by the Mirai botnet – malware that spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords. Solution providers at the time said the DDoS attack validated and deepened the industry's concerns over the security risk posed by the Internet of Things.

1. Apple Vs. The FBI

The beginning of the year was dominated by a standoff between Apple and the FBI over an encrypted iPhone tied to the San Bernardino terrorist attack late last year. The law enforcement agency argued in court that it needed Apple to help open the encrypted iPhone, which would have required the creation of a new operating system and would be a task that Apple argued would create dangerous access into its customers' devices. The case ultimately came to a close when the FBI filed court papers saying it had successfully hacked into the iPhone using a third-party vendor. However, the standoff re-ignited a debate around encryption and government access to private data that will extend into next year and beyond.