Top 10 Biggest Cybersecurity News Stories Of 2018 (So Far)

IPOs, New Execs, and Vulnerabilities Abound

2018 has thus far been a year of regulatory changes and challenges, executive and channel leadership transitions, and heavy private and public funding for cybersecurity vendors.

Money continued to flow into the industry to address the proliferating threat vectors, with five cybersecurity vendors filing for an IPO, four leading technology providers making cybersecurity acquisitions, three next-generation endpoint vendors receiving infusions of private equity, and one private equity firm acquiring a majority stake in three prominent cybersecurity firms.

The regulatory sands have also continued to shift, with new data governance rules taking effect in Europe, one vendor reporting an internal accounting probe to the U.S. Securities and Exchange Commission, and another vendor losing a lawsuit against the U.S. government.

Keep on reading to relive the biggest cybersecurity news stories of 2018.

10. Thoma Bravo Goes All In On Cybersecurity

Thoma Bravo carried out three massive cybersecurity acquisitions in the first half of 2018 alone.

The Chicago-based private equity giant kicked off the year by purchasing Campbell, Calif.-based storage and security player Barracuda Networks for $1.6 billion in February. Three months later, Thoma Bravo purchased a majority stake in LogRhythm to accelerate the Boulder, Colo.-based security information and event management vendor's operational and product development road map.

Then in July, Thoma Bravo agreed to buy from early investors a majority stake in Centrify to help the Santa Clara, Calif.-based identity management vendor expand its product capabilities both organically and through acquisitions.

9. Three Leading Endpoint Security Vendors Hold Off On IPOs -- For Now

Three late-stage next-generation endpoint security powerhouses pushed back expected public offerings by hauling in massive infusions of private funding.

TPG Growth kicked things off in May with another $175 million investment in Tanium, with proceeds to be used to buy the stock of early employees, Reuters reported at the time. The Emeryville, Calif.-based company has raised $582.8 million in nine funding rounds since its founding 11 years ago.

A month later, Sunnyvale, Calif.-based CrowdStrike received an additional $200 million in private equity funding to further accelerate global demand for the company's endpoint protection platform. CrowdStrike has hauled in $481 million in six funding rounds since being established seven years ago.

Later that same day, Irvine, Calif.-based Cylance landed an additional $120 million of outside funding to continue its global expansion and grow its portfolio of offerings. Cylance has raised $297 million in five rounds since its founding six years ago.

8. Technology Titans Make Deals To Gain Foothold In Cybersecurity

Four of the industry's leading technology providers have clawed their way into the cybersecurity ecosystem via tuck-in acquisitions.

Amazon Web Services kicked things off in January, giving its new threat detection service a shot in the arm with the $40 million purchase of Cambridge, Mass.-based cybersecurity software startup Sqrrl. Two months later, VMware bought Redwood City, Calif.-based startup E8 Security, taking hold of a technology intended to bolster recent upgrades to its Workspace ONE endpoint management platform.

Also in March, Oracle boosted the application and network protection around its cloud services by purchasing Aventura, Fla.-based security startup Zenedge. And in July, AT&T announced plans to acquire San Mateo, Calif.-based cybersecurity provider AlienVault to help the carrier expand the reach of enterprise-grade security offerings to smaller businesses.

7. Five Cybersecurity Vendors Take The Plunge And File For An IPO

The public markets have been kind to cybersecurity vendors in 2018, with five companies making plans for an IPO.

San Jose, Calif.-based rising cloud security star Zscaler kicked things off in March, raising $192 million in a Nasdaq public offering. Two months later, Waltham, Mass.-based next-generation endpoint security vendor Carbon Black hauled in $152 million in a Nasdaq public offering.

That same month, Prague, Czech Republic-based endpoint security vendor Avast raised $194.7 million in gross primary proceeds from an IPO on the London Stock Exchange. In late June, Columbia, Md.-based security and cyber-risk vendor Tenable filed to raise an expected $209 million in a Nasdaq IPO.

The following week, Herzliya, Israel-based software-defined access provider Safe-T Group filed to raise an expected $8.45 million in an initial public offering.

6. McAfee Lays Off Global Channel Chief, Restructures Go-To-Market Engine

McAfee global channel chief Richard Steranka left the company in July as part of a broader set of layoffs affecting the Santa Clara, Calif.-based organization, sources told CRN.

Steranka was one of between 12 and 15 McAfee executives let go, sources said. The layoffs impacted several people in McAfee's channel organization as well as a few people from other divisions, according to one source.

The following week, McAfee announced it was promoting consumer business leader John Giamatteo to president and chief revenue officer, where he's responsible for corporate sales, corporate marketing and customer success. The company said Giamatteo is expected to modernize McAfee's corporate go-to-market engine and improve the customer experience across all routes to market.

5. Kaspersky Moves Processes To Switzerland, Loses Lawsuit Against Feds

Kaspersky Lab in May announced plans to move a number of its core processes from Russia to Switzerland, including software assembly, threat detection updates, and customer data storage and processing for most regions.

The Moscow-based company said it will relocate to Zurich its programming tools used to assemble ready-to-use software out of source code. By the end of this year, Kaspersky's products and anti-virus databases will start to be assembled and signed with a digital signature in Switzerland before being distributed to customer endpoints worldwide.

Later that month, a federal judge dismissed Kaspersky's lawsuit challenging the U.S. government's ban on its products, meaning that the prohibition will remain in effect. The judge said the dismissal was due to a lack of standing and the fact that the government's actions don't determine guilt and inflict punishment.

4. Symantec Launches Accounting Probe After Ex-Employee Raises Concerns

Symantec in May retained independent counsel and other advisers to help investigate concerns raised by a former employee.

The Mountain View, Calif.-based platform security company said the probe concerns Symantec's reporting of some non-GAAP measures, including those that could impact executive compensation programs. The investigation comes in response to issues raised by an ex-employee, and is also looking at concerns around commentary on historical financial results, stock trading plans and retaliation.

All discretionary and performance-based compensation for the company's named executive officers is on hold pending the outcome of the Audit Committee investigation. In addition, Symantec said it doesn't expect to repurchase any of its shares during the course of the investigation.

3. Palo Alto Networks Gets New CEO, Reshuffles Channel Leadership

Palo Alto Networks selected the man who helped grow Google's search business from $2 billion to $60 billion to be its next top executive.

The Santa Clara, Calif.-based platform security giant announced in June that Nikesh Arora would become chairman and CEO of Palo Alto Networks. Arora will replace Mark McLaughlin, who had held the CEO title for nearly seven years and moved from being chairman of the board to being vice chairman.

The following week, Palo Alto Networks announced that global channel leader Ron Myers would leave the company in August and be replaced by Americas channel chief Karl Soderlund. Soderlund joined Palo Alto Networks as vice president, Americas channels a year ago after serving as Imperva's global channel chief for one and a half years.

2. After Two Years Of Waiting, GDPR Enforcement Finally Takes Effect

Citizens and residents of the European Union obtained greater control over how their personal data is being used when the EU's General Data Protection Regulation (GDPR) rules started being enforced in late May.

The new GDPR requirements are considered to be the toughest in the world, with violators subject to fines of up to 4 percent of global revenue or 20 million euros – whichever is higher – for non-compliance. EU citizens and residents can also ask technology firms, banks, retailers or other businesses what information they hold about them, and then request that it be deleted.

Many technology companies are rolling out GDPR-related changes beyond Europe since it's hard to determine the citizenship of people logging in to use services, extending both clearer explanations as well as new protections to U.S. citizens. However, citizens outside the European Union don't have any recourse if they still have a problem with a company's practices.

1. Spectre, Meltdown Vulnerabilities Drive Heavier Security Spending

Solution providers are witnessing customers invest in everything from endpoint detection and response to hardening production environments to combat the Meltdown and Spectre microprocessor flaws.

Sixty percent of partners expect to see an increase in their security business over the next year as a result of Spectre and Meltdown, according to an exclusive CRN survey.

Meltdown and Spectre have heightened demand for endpoint detection and response (EDR) services as clients seek to gain a better understanding of what their exposure is, as well as how to address it, according to partners. Customer interest in incident response services has peaked as many clients realize they lack the staff or capability to respond on their own if they're hit.

Businesses have also been looking to harden and isolate production environments from the server to eliminate the need for immediate patching and avoid the associated instability or performance degradation.