10 Security Companies To Watch In 2018

Changing Of The Seasons

Many of the cybersecurity industry's most prominent vendors will have their hands full in 2018 integrating major acquisitions, adjusting to a new private equity owner, or managing through a major turnover in personnel.

The coming year will bring continued scrutiny to Kaspersky Labs over alleged ties to the Russian government, provide McAfee with a golden opportunity to move full-bore into cloud security, and leave companies like Netskope, Carbon Black and Tanium with major decisions around an initial public offering.

From Barracuda returning to private ownership to Optiv attempting to find its footing under new private equity owners, here is CRN's look at what solution providers can expect for security firms in the coming year.

Amazon Web Services

Yes, Amazon Web Services is now a cybersecurity company.

AWS in late November launched Amazon GuardDuty, an intelligent threat detection service focused on protecting AWS accounts and workloads. Customers using GuardDuty already include GE, Netflix, Autodesk, Twillo, Webroot and Mapbox, Amazon said.

Amazon was reported in December to be in talks to acquire cybersecurity software company Sqrrl Data for just over $40 million, according to Axios. Sqrrl was founded by ex-NSA employees, and analyzes big data to hunt cyberthreats, helping companies identify and address them faster.

AWS is today a Sqrrl technology partner, and Sqrrl's technology could provide a major boost to Amazon's new threat detection service if the deal goes through.

Barracuda Networks

Barracuda Networks will return to private ownership in winter 2018 when private equity powerhouse Thoma Bravo purchases the company for $1.6 billion. Thoma Bravo said it had been impressed by Barracuda's ability to bring comprehensive offerings to customers in an increasingly hostile and complex threat environment.

Barracuda filed for an initial public offering in November 2013, just one year after landing BJ Jenkins as its CEO. The company was founded as a security appliance vendor in 2003, and expanded its offerings into the storage market in 2009 with the acquisition of Yosemite Technologies.

One of Barracuda's final moves as a publicly traded company was its November acquisition of public cloud archiving provider Sonian. The deal will help customers meet increased demand for compliance, analytics, and email security and management capabilities, according to Barracuda.

Carbon Black

Rumors continue to swirl around an initial public offering from Caron Black, with the Boston Business Journal reporting in November that the company plans to go public in 2018.

The company landed some key executives late in the year, tapping Microsoft veteran Victor Gureghian Baez in November to lead its channel operations as the company looks to strengthen its international footprint and better leverage IT distribution.

One month later, Carbon Black brought over Cate Lochead over from MariaDB to serve as senior vice president of marketing, where she'll support the company's global expansion and drive awareness around Carbon Black's converged endpoint protection platform.


In its second year after launching into the market, Forcepoint made a pair of acquisitions, purchasing the cloud access security broker division of Imperva in February and security analytics company RedOwl in August.

Forcepoint in early 2017 rolled out a new strategy that focuses on intellectual property and asset protection rather than security infrastructure, and realigned its business into four units: cloud security, network security, data and insider threat security, and global governments.

The company's growth has not been without a few bumps in the road, though. Sources told CRN in February that the company's reorganization included layoffs in the regional sales teams as Forcepoint moved to a model more focused on inside sales reps based in Texas.

Kaspersky Lab

No cybersecurity vendor came under more scrutiny in 2017 than Kaspersky Lab, which in December had its software banned from the U.S. government's civilian and military networks. The bill came after months of pushback against Kaspersky over alleged ties to the Russian government, which the company has vehemently denied.

Kaspersky has in recent months launched a full-scale counterattack, filing a lawsuit against the Trump administration in late December alleging that the company wasn't provided with adequate due process to rebut the allegations, and challenging the ban as unconstitutional and dependent on subjective, non-technical sources.

The month before, Kaspersky said an internal investigation found its servers received confidential National Security Agency files from an employee's computer, but said that had happened as part of an investigation into malicious code on the machine and wasn't a result of collusion with Russia. CEO Eugene Kaspersky ordered that the classified data be deleted from the computer, the company said.


McAfee re-emerged as a stand-alone vendor in 2017 and placed a huge bet on cloud security. The split from Intel essentially undid the vendor's $7.7 billion acquisition in 2010, and has resulted in a 51 percent stake of the company being owned by private equity firm TPG Capital.

Sources told CRN in August that McAfee carried out a round of layoffs across the company that included cuts to the firm's channel team. A McAfee spokesperson confirmed the reductions, and said they affected less than 10 percent of the company's overall workforce.

One of McAfee's most vital challenges in 2018 will be figuring out how to most effectively harness the capabilities of leading cloud access security broker Skyhigh Networks, which it agreed to acquire in November. The combined company will enable customers to modernize their cybersecurity environments while protecting data as it moves into the cloud, said McAfee CEO Chris Young.


The stand-alone cloud access security broker (CASB) has been disappearing at a rapid clip, with Cisco, Oracle, Proofpoint, Forcepoint and McAfee gobbling up CloudLock, Palerra, FireLayers, Imperva's Skyfence division and Skyhigh Networks over the past 18 months.

These acquisitions have left Netskope as one of the largest pure-play CASBs still standing. But Netskope CEO Sanjay Beri was insisting to CRN as recently as this summer that they "have never wanted and will never want to be acquired."

Remaining independent has in no way curtailed Netskope's access to capital, with the company in June announcing $100 million of Series E money in what the company said is likely to be its final venture funding round. Beri told TechCrunch in June that the company "wants to remain stand-alone and on the IPO path."


Optiv leveraged the deep pockets of new private equity owner KKR & Co. to make two acquisitions in mid-November, buying Conexsys to expand its geographic reach into Canada and purchasing Decision Lab to bolster its capabilities around big data, automation and orchestration services.

But the ownership transition has also resulted in executive turnover and layoffs at the company, No. 27 on the 2017 CRN Solution Provider 500. At least nine vice president-level executives left Optiv in the first half of 2017, with sources telling CRN the departures were due to factors including recent compensation changes for the executive staff and increased pressure for higher sales targets.

In November, Optiv laid off around 40 people, or 2 percent of its total workforce, and saw its Executive Vice President of Worldwide Client Solutions Tim Hoffman step down, according to The Information.


Symantec has put more chips on the table since acquiring Blue Coat Systems in late 2016, purchasing secure virtual private network maker SurfEasy in November for $38.5 million. SurfEasy had already been powering Symantec's Norton Wi-Fi VPN product, and will become part of Symantec's Consumer Business Unit.

The company has also seen a number of leadership transitions, with executives from the Blue Coat business increasingly taking control over more and more of the combined company's functions. To wit, Blue Coat executives have assumed the CEO, president, COO, CFO, head of worldwide sales, head of sales for the Americas, head of Americas channels, and head of global partner sales roles in the firm.

The latest departure occurred in December when John Sorensen, a 12-year Symantec veteran and senior vice president of worldwide SMB sales and global cloud channel, left the company. A legacy Blue Coat executive has been tapped to fill Sorensen's role as well, according to a source familiar with the situation.


Tanium has also been rumored to be a prime candidate for an initial public offering, but the company instead in May moved ahead with secondary share sales, allowing its co-founder, early investors and employees to cash out $100 million worth of stock.

The largest buyer of stock was private equity firm TPG, with late-stage venture firm IVP and others buying in at smaller amounts. Half of the sale proceeds will go to David Hindawi, Tanium’s co-founder, executive chairman and father of CEO Orion Hindawi, who said he wants the money for charity.

Hindawi told City A.M. in September that the secondary share sales were an interim solution for liquidity, not a long-term one, and that going public will eventually be the right thing for the company to do.