The 10 Biggest Cybersecurity News Stories Of 2018

The security industry has in 2018 seen an infusion of capital to address continuing problems, with vendors tapping into the deep pockets of private equity and IPOs, and data breaches shaking two major American companies to the core.


More Money, More Problems

The cybersecurity industry has in 2018 grappled with regulatory changes and challenges, massive data breaches, executive and channel leadership transitions, and heavy private and public funding for fast-growing vendors.

Money continued to flow into the industry to address the proliferating threat vectors, with five cybersecurity vendors filing for an IPO, five up-and-coming vendors receiving at least $100 million of private equity each, three leading technology providers making major cybersecurity acquisitions, and one private equity firm acquiring a majority stake in six prominent cybersecurity firms.

The regulatory sands have also continued to shift, with new data governance rules taking effect in Europe, one vendor reporting an internal accounting probe to the U.S. Securities and Exchange Commission, another vendor losing a lawsuit against the U.S. government, and two blue-chip American companies dealing with the fallout from major data breaches.

Sponsored post

Keep on reading to relive the biggest cybersecurity news stories of 2018.

10. Kaspersky Moves Processes To Switzerland, Loses Lawsuit Against Feds

Kaspersky Lab in May announced plans to move a number of its core processes from Russia to Switzerland, including software assembly, threat detection updates, and customer data storage and processing for most regions.

The Moscow-based company said in November that all threat-related data shared by European users is now being processed in two data centers located in Zurich, Switzerland. Kaspersky also opened its first Transparency Center in Zurich, enabling governments and partners to access reviews of the company’s code, software updates and threat detection rules.

In late May, a federal district court judge dismissed Kaspersky's lawsuit challenging the U.S. government's ban on its products due to a lack of standing and the fact that the government's actions don't determine guilt and inflict punishment. A federal appeals court judge upheld the ruling in favor of the U.S. government on Nov. 30.

9. Cybersecurity IPOs Abound In 2018, With More Possibly To Come

San Jose, Calif.-based rising cloud security star Zscaler kicked off the IPO spree in March, raising $192 million in a Nasdaq public offering. Two months later, Waltham, Mass.-based next-generation endpoint security vendor Carbon Black hauled in $152 million in a Nasdaq public offering.

That same month, Prague, Czech Republic-based endpoint security vendor Avast raised $194.7 million in gross primary proceeds from an IPO on the London Stock Exchange. In late June, Columbia, Md.-based security and cyber-risk vendor Tenable filed to raise an expected $209 million in a Nasdaq IPO. And in August, Herzliya, Israel-based software defined access provider Safe-T Group raised $7.3 million in a Nasdaq public offering.

Two months later, Reuters reported that Sunnyvale, Calif.-based endpoint security vendor CrowdStrike had hired Goldman Sachs to prepare for an IPO in the first half of 2019 with a valuation in excess of $3 billion. The following week, Reuters said San Francisco-based web performance and security vendor Cloudflare has brought in Goldman Sachs to lead an H1 2019 IPO with a valuation exceeding $3.5 billion.

8. Five Cybersecurity Vendors Secure Six-Figure Funding Rounds

Tanium kicked off the major funding activity in May with a $175 million round led by TPG Growth, and followed that up in October with a $200 million funding round led by Wellington Capital, bringing the Emeryville, Calif.-based company's overall haul to $782.8 million since being founded 11 years ago.

In June, CrowdStrike received an additional $200 million in private equity funding, bringing the Sunnyvale, Calif.-based company's overall haul to $481 million since being established seven years ago. Later that same day, Cylance got an additional $120 million from Blackstone Tactical Opportunities, bringing the Irvine, Calif.-based company's overall haul to $297 million since being founded six years ago.

Five months later, Netskope landed $168.7 million in a round led by Lightspeed Venture Partners, bringing the Santa Clara, Calif.-based vendor's haul to $400.1 million since being established six years ago. And later in November, Venafi received $100 million in a round led by TCV, bringing the Salt Lake City -based company's overall haul to $167.2 million since being founded 14 years ago.

7. Thoma Bravo Takes Majority Stake In Six Cybersecurity Vendors

Thoma Bravo started its year by acquiring Campbell, Calif.-based storage and security player Barracuda Networks for $1.6 billion in February. Three months later, Thoma Bravo purchased a majority stake in LogRhythm to accelerate the Boulder, Colo.-based security information and event management vendor's operational and product development road map.

In July, Thoma Bravo agreed to buy from early investors a majority stake in Centrify to help the Santa Clara, Calif.-based identity management vendor expand its product capabilities both organically and through acquisitions. Three months later, Centrify agreed to spin off its Identity-as-a-Service business into a stand-alone company called Idaptive, which will also be owned by Thoma Bravo.

The following day, Thoma Bravo agreed to acquire Redwood Shores, Calif.-based application and data protection vendor Imperva for $2.1 billion. Then in November, Thoma Bravo announced its intent to buy Burlington, Mass.-based application security testing vendor Veracode from Broadcom for $950 million.

But the biggest move could still be to come, with Reuters reporting in November that Thoma Bravo has approached Symantec to express interested in purchasing the Mountain View, Calif.-based platform security behemoth.

6. Technology Titans Make Three Big Cybersecurity Buys

Three major technology players made moves to gain more of a foothold in cybersecurity in 2018 by undertaking significant acquisitions. AT&T kicked things off in July when it unveiled plans to acquire San Mateo, Calif.-based cybersecurity provider AlienVault to help the carrier expand the reach of enterprise-grade security offerings to smaller businesses.

A month later, Cisco Systems agree to acquire Duo Security for $2.35 billion to help the networking behemoth obtain a presence in the fast-growing unified access security and multifactor authentication markets. Cisco wants to integrate Ann Arbor, Mich.-based Duo's offering with its cloud security platform to help customers connect securely to any application over any networked device.

Then in November, BlackBerry agreed to purchase Irvine, Calif.-based endpoint security startup Cylance for $1.4 billion to better predict and prevent known and unknown threats to endpoints. The deal will provide BlackBerry with access to a pioneer in applying artificial intelligence, algorithmic science, and machine learning to cybersecurity scenarios.

5. Palo Alto Networks Gets New CEO, President, Global Channel Chief

Palo Alto Networks in June selected Nikesh Arora (pictured)—who helped grow Google's search business from $2 billion to $60 billion—to be its next chairman and CEO. Arora replaced Mark McLaughlin, who had held the CEO title for nearly seven years.

The following week, Palo Alto Networks announced that global channel leader Ron Myers would leave the company in August and be replaced by Americas channel chief Karl Soderlund. Soderlund joined Palo Alto Networks as vice president, Americas channels in 2017 after serving as Imperva's global channel chief for one and a half years.

Four months later, Palo Alto Networks brought in Amit Singh–the leader responsible for growing Google Cloud into a multibillion-dollar business–to be its next president. Singh replaced Mark Anderson, who had been with the company for six and a half years and served as president since August 2016.

4. Symantec Grapples With Exec Departures, Accounting Probe, Activist Investor

Symantec in August announced plans to cut its 11,000-person staff by up to 8 percent as part of a $50 million restructuring plan. In November, the company said that President and COO Michael Fey had resigned from his post, with Bloomberg reporting that CMO Michael Williams and Bradon Rogers, senior vice president of the go-to-market team, had also left the firm. Symantec declined to comment on the report.

The Mountain View, Calif.-based platform security vendor in September finished its internal probe into concerns raised by a former employee and deferred $12 million of revenue that had been recognized in the quarter ended March 2018. The probe identified certain behavior inconsistent with the company's code of conduct, and referred the matter to Symantec for appropriate action.

Also in September, Symantec reached an agreement with activist investor Starboard Value to name three new independent members to its board of directors. Starboard said in an August regulatory filing that it believes that shares of Symantec were undervalued at the time of purchase, and that it hopes to change the makeup of Symantec's board to unlock more value.

3. Spectre, Meltdown Vulnerabilities Drive Heavier Security Spending

Solution providers are witnessing customers invest in everything from endpoint detection and response to hardening production environments to combat the Meltdown and Spectre microprocessor flaws.

Sixty percent of solution providers expect to see an increase in their security business over the next year as a result of Spectre and Meltdown, according to an exclusive CRN survey.

Meltdown and Spectre have heightened demand for endpoint detection and response (EDR) services as customers seek to gain a better understanding of what their exposure is, as well as how to address it, according to solution providers. Customer interest in incident response services has peaked as many businesses realize they lack the staff or capability to respond on their own if they're hit.

Businesses have also been looking to harden and isolate production environments from the server to eliminate the need for immediate patching and avoid the associated instability or performance degradation.

2. After Two Years Of Waiting, GDPR Enforcement Finally Takes Effect

Citizens and residents of the European Union obtained greater control over how their personal data is being used when the EU's General Data Protection Regulation (GDPR) rules started being enforced in late May.

The new GDPR requirements are considered to be the toughest in the world, with violators subject to fines of up to 4 percent of global revenue or 20 million euros–whichever is higher–for noncompliance. EU citizens and residents can also ask technology firms, banks, retailers or other businesses what information they hold about them, and then request for it to be deleted.

Many technology companies are rolling out GDPR-related changes beyond Europe since it's hard to determine the citizenship of people logging in to use services, extending both clearer explanations as well as new protections to U.S. citizens. However, citizens outside the European Union don't have any recourse if they still have a problem with a company's practices.

1. Massive Data Breaches At Facebook, Marriott Unnerve Industry

Facebook disclosed in September that hackers had exploited a vulnerability in the social media giant's code to potentially take over nearly 50 million people's accounts. The Menlo Park, Calif.-based company said the vulnerability allowed threat actors to steal Facebook access tokens, which they could use to take over people's accounts.

Two months later, Marriott International disclosed that password numbers and payment card information have been compromised due to a breach of the Starwood guest reservation database. The hotel chain determined that the information accessed includes data on as many as 500 million guests who had made a reservation at a Starwood property.

Reuters reported in December that hackers behind the breach left clues suggesting they were working for a Chinese government intelligence gathering operation. A Chinese foreign affairs spokesman said relevant departments will carry out investigations into the matter if they are offered evidence.