Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/16/2018
03:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance

BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.

BlackBerry has agreed to buy endpoint security firm Cylance for $1.4 billion cash in a deal expected to close before February 2019, the two companies announced today.

Once famous for its keyboarded smartphones, BlackBerry has since pivoted to enterprise software. The acquisition of artificial intelligence-based threat prevention firm Cylance is BlackBerry's largest buy in seven years, according to Bloomberg data, and it signifies BlackBerry is pushing further to add security and AI to its portfolio. Execs indicate Cylance will also help BlackBerry with IoT security as it focuses on connected devices.

Cylance was founded in 2012 by co-founders Stuart McClure, chairman and CEO, and Ryan Permeh, chief scientist. The Irvine, Calif.-based company applies artificial intelligence, algorithms, and machine learning to proactively identify threats without using signatures. Its idea is to detect "unknown unknowns" at the endpoint before they cause damage.

This year has been a busy one for Cylance, which announced a $120 million Series E funding round in June 2018 and reported annual revenues exceeding $130 million for the 2018 fiscal year. The company has raised a total of $297 million in funding over five rounds and reportedly has 3,500 active enterprise customers, including more than 20% of the Fortune 500.

Cylance was headed for an IPO before BlackBerry swooped in to make an offer, executives reported on a media conference call today. McClure said the reason behind its decision lay in BlackBerry's application of security into embedded and mobile technology. He sees an intersection between Cylance, which focuses on detection and prevention for endpoints and servers, and BlackBerry, which aims to secure a broad range of devices.

When looking at the company's mission and discuss where cyberattacks go, McClure said, they target cloud, mobile, endpoint, IoT, and embedded systems. "Wherever there is a target for an adversary … you're going to have an adversary," he noted. The BlackBerry acquisition will bring Cylance's technology to a wide range of devices and platforms.

John Chen, BlackBerry's executive chairman and CEO, expects Cylance will complement several aspects of its portfolio, most notably Unified Endpoint Management (UEM) and QNX, an operating system intended for embedded systems, particularly connected and self-driving cars.

"One area I think we're going to have a strong influence [in] is transportation," said Chen on the call, adding that 120M cars today use BlackBerry's embedded technology. He explained how UEM and Cylance tech will both be introduced into the connected vehicle space.

Chen also pointed to opportunities within the enterprise of things (EoT) and said Cylance's capabilities will be a "big, big help to making this platform a reality." It seems BlackBerry plans to integrate AI and machine learning into BlackBerry Spark, its platform for connecting the EoT.

In terms of cross-selling opportunities for BlackBerry, Chen said the company would like to get into the Cylance customer base by providing security solutions for device management and application management in the mobile world – a shift from Cylance's focus on PCs and laptops.

Following the deal's close, BlackBerry expects Cylance will operate as a separate business unit within BlackBerry Limited. Read more details in its press release on the news.

Related Content:

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3896
PUBLISHED: 2019-06-19
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
CVE-2019-3954
PUBLISHED: 2019-06-19
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 81024 RPC call.
CVE-2019-10085
PUBLISHED: 2019-06-19
In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page.
CVE-2019-11038
PUBLISHED: 2019-06-19
When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been ...
CVE-2019-11039
PUBLISHED: 2019-06-19
Function iconv_mime_decode_headers() in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.