Friday, 20 December 2013

36 Cyber Security Acquisitions and Investments from the Last Quarter of 2013!

Merry Xmas and a Happy New Year!

Wednesday, 27 November 2013

Acquisition follows series A for PasswordBox

Password management software company PasswordBox appears to have quickly spent some of its recent $6M funding on acquiring a complementary offering. 'Legacy Locker' is a digital afterlife service that – should you pass on without passing on your passwords – grants access to your online assets to friends and loved ones.

And not long after PasswordBox reached the million user landmark too. Definitely one worth tracking.

Friday, 8 November 2013

HyTrust buys High Cloud for ... Cloud Security

Or as GigaOm puts it - the land grab for cyber security rages on. HyTrust, a provider of products to secure virtual environments, has bought HighCloud Security, a specialist in encryption and key management. HyTrust has previously received some $29m dollars in VC.

Friday, 1 November 2013

Intellectual Ventures demands $310m for Cyber Security patent fees

Intellectual Ventures, the notable patent troll, is demanding $310m from Symantec and Trend Micro for the use of patents it has the rights to, according to Computer Business Review . I should imagine this will strke fear in a lot of cyber security companies.

I am not sure about their defence though, based on the idea that a patent acquired for less than a million dollars could not be worth so much. Until the legal process is resolved this may, however, raise the price of cyber security patents on the market.

Thursday, 24 October 2013

Bromium raises $40m for secure micro virtual machines

According to my database this is the largest startup investment in cyber security since FireEye raised $50m back in January.

Sunday, 15 September 2013

Cyber Security Start-up Accelerator Launched

The MACH37™ Cyber Accelerator has been set up at the Centre for Innovative Technology at Virginia Tech. It is modelled on existing accelerators, such as Y Combinator, TechStars and 500 Startups, but specializes in cyber security start-ups. A number of new companies were announced as the first intake, and benefiting from a $2.5m investment.

Wednesday, 4 September 2013

Software and Network Security Patent Portfolio Acquisition Opportunities

Security related patent portfolios for sale from ICAP patent brokerage. The assets available for sale disclose innovations including:
•Message Authentication
•Gesture Recognition System
•Secure Data Access
•and more
Read more:

Friday, 23 August 2013

A universal client-based identity management tool?

Royal Holloway has announced that their Information Systems Security Group (ISSG, as it is widely known) has launched new technology to protect against password theft and phishing attacks. The technology is dubbed Uni-IDM but the only real information about it is provided through a link to a paper on one of the author's personal web site. However, the paper, by Chris Mitchell and Haitham Al-Sinani, does seem to have been peer reviewed, having been published at EuroPKI 2011. In an interview on slashdot, "Digital IDs Designed to be More Secure Than Passwords", Professor Mitchell is reported to be aiming to develop an open source prototype, though he offered no schedule for when that might happen.

Let's hope it's soon. The rationale for the work looks spot on - it does not involve proposing any new cryptographic protocols or inrastructures, but wants to make existing systems resistant to phishing, as well as privacy-enhancing through an explicit user consent procedure. They propose 'IDSpace' as an architecture for a client-based ID management tool that operates in conjunction with a client web browser. The paper is worth a read if you are interested in ID management.

Wednesday, 7 August 2013

APT fighter FireEye files for $175M IPO

FireEye, a Californian company that was started up in 2004 by a former Sun Microsystems engineer, has raised around $100 million from venture firms, including $50 million earlier this year. Its SEC filing reveals that it has more than 900 employees. It seems quite rare to see an IPO for a cyber security company, especially one that is 9 years old. I think FireEye have hit the big time with their focus on Advanced Persistent Threats. The fight against APTs required a radical re-think of optimal security measures.

Friday, 14 June 2013

Accumuli accumulates another cyber security company

Accumuli, a serial acquirer of early stage cyber security companies, has announced another UK acquisition, Cambridge-based Signify Solution. Signify is a managed service provider of hosted two factor authentication solutions.

Accumuli announces acquisition of Signify Solutions
Also see:
Signify win 'Best Remote Access Security' at SC Awards 2013

Tuesday, 21 May 2013

Vasco acquires Cronto for secure online transactions

There's a coincidence! In my post before last I commented on the release by Cronto of a new system to combat online banking fraud. Barely a month later and Cronto, a Cambridge University spin-out, has been acquired by Vasco.

Friday, 3 May 2013

Cassidian Acquires Another Network Security Company

It seems there is a race on. Which big defence company can hoover up the right cyber security SMBs?

Cassidian Acquires Cyber Expert Arkoon Network Security - Defense World:

Thursday, 18 April 2013

Cambridge uni spinout technology to combat online banking trojans

New system to combat online banking fraud: A security solution from a Cambridge University spin-out which protects against 'man-in-the-browser' trojans is being rolled-out by two German banks. The system works with the bank web site sending a 2d barcode-style picture that contains the transaction information. The user decodes it with a mobile app, or dedicated device, which also generates a transaction authentication code for the user to enter to confirm the transaction.

I've long thought that smartphones would be the route to secure transactions over the internet. Using them as out-of-band communication routes for passcodes, or validation checks, has security potential but means the user must have a mobile connection. Attacks on this mode have already been developed.

You can try out the CrontoSign technology by downloading the CrontoSign mobile app for iOS or Android devices and try it with a demo account at

Friday, 12 April 2013

Inside Adastral: BT's Belgium-sized broadband boffinry base

An interesting report from 'The Register' about BT's Adastral Park - where our security futures practice, in BT Research and Technology, is based. BT is working on plans to create 2,000 new jobs and provision for up to 2,000 homes by 2025, by opening up areas of Adastral Park as a science campus. The idea is to create a Suffolk research centre - a regenerated research and development facility that encourages the growth of an ICT cluster in Suffolk.

Wednesday, 6 March 2013

Latest security investments benefit SMEs and parents

Spanish startup, Qustodio, raises $1m to allow parents to monitor Facebook chats and searches, as well as view browsing histories and which applications have been opened in a given session on their childrens devices. There is one dashboard for parents to control all devices, which may include tablets, smartphones, and home computers per child.

And Quorum pulls in $11M to help small businesses recover from hardware failure.

Saturday, 2 March 2013

HyTrust Wins Major Patents For Automated Cloud Security And Virtual Infrastructure Management

HyTrust Awarded Patents For Automated Cloud Security And Virtual Infrastructure Management: Patents relate to automated risk mitigation and compliance in virtualized infrastructure, and the adoption of multi-tenant clouds. I see a battle looming over cloud patents - everyone wants to carve out a piece of the action.

Wednesday, 27 February 2013

Remotium Wins Most Innovative Security Company at RSA Conference

Startup Remotium was named the Most Innovative Company at the start of the RSA Conference on Monday. Unsurprisingly it's a security technology for mobiles addressing the bring-your-own-device (BYOD) trend. It runs mobile applications on public or private clouds, and streams the visualization elements to the device so that enterprise data is never stored on it. Return of the thin-client?

The company has apparently not yet raised any venture funding.

Thursday, 21 February 2013

Startup Red Balloon Security to Protect Printers and Other Devices

The MIT review reports on a startup aiming to protect printers, phones, and other devices from hackers. It will announce the first device running its defensive code this week. This is an important development. Embedded devices are typically poorly protected, run legacy software and are rarely designed to be patched. They are inviting targets for advanced persistent threats, as we saw with Stuxnet.

Tuesday, 12 February 2013

Nok Nok! Who's there? No more passwords!

Yet another startup, Nok Nok Labs, is hoping to sway users away from insecure passwords. It has developed a security protocol that asks end users to substitute stronger authentication tools such as fingerprints and voice recognition, for usernames and passwords.
Named after the classic knock-knock joke, Nok Nok Labs' CEO was a founder of well respected encryption company PGP. Nok Nok has apparently taken $15 million in venture capital.

Monday, 21 January 2013

New approach to CAPTCHA - with ads!

Minteye, an Israeli start-up has come up with a new form of CAPTCHA - those annoying squiggly alphanumeric patterns that supposedly allow a web site to be sure that the user is human. What's more it has a business model attached to it. Minteye's variant is known as SLIDING CAPTCHA. The user adjusts a slider until a distorted image looks like something recognisable. The business angle is to include adverts in the human resolved image. Whether it is taken up will probably depend a lot on how well it can discriminate the human user but sometimes a good business model will trump security in the market. However, only last week it seems a short Python script was concocted to defeat it. But these things can never be perfect. And if a machine ever passes the Turing test how can CAPTCHAs hope to work?

Friday, 11 January 2013

10 Signs You’ve Been Working In Information Security Too Long

10 Signs You’ve Been Working In Information Security Too Long
When your mum calls you ask her three security questions to verify her identity;
Your pet’s name consists of at least 20 characters, and contains a mix of numbers, uppercase letters, and at least one special character;
Sometimes you can’t understand your own thoughts because they are encrypted.

You get the idea!

Wednesday, 9 January 2013

12 Must-Watch Security Startups for 2013 from

12 Must-Watch Security Startups for 2013 - an interesting selection of mainly cloud-based security and security monitoring technologies. Some, although still in stealth mode, have already picked up significant investment.