36 Cyber Security Acquisitions and Investments from the Last Quarter of 2013!

Merry Xmas and a Happy New Year!

1.       Datacard Group to Acquire Entrust Inc.

2.       Blue Coat snaps up anti-malware firm Norman Shark

3.       LifeLock Acquires Mobile Wallet Platform Lemon For $42.6 Million

4.       Mocana Receives Strategic Investment from GE Ventures

5.       Babcock International Group PLC Acquires Context Information Security

6.       Finjan to invest millions in new Israeli cyberfund

7.       Ixia Set To Expand Network Visibility Business With Acquisition Of Net Optics

8.       Cloud Security and App Ventures sign asset purchase agreement

9.       InsiderSpyder to Commercialize MITRE 'insider threat' technology  

10.   Openwave Messaging Acquires Critical Path

11.   Brazilian Antivirus Startup PSafe Raises $30M Series C From China’s Qihoo 360 And Redpoint e.ventures | TechCrunch

12.   Akamai buys DDOS protection company Prolexic

13.   After Passing 1M+ Users, PasswordBox Closes $6M Series A To Scale Its Team & Hook Into Biometrics | TechCrunch

14.   Israeli Checkmarx raises $8M | GeekTime

15.   Box acquires dLoop for data security and analytics

16.   Oracle ehances BYOD capabilities with Bitzer Mobile acquisition - 18 Nov 2013 - Computing News  

17.   Traklight Receives Loan From the Arizona Innovation Accelerator Fund

18.   Trend Micro acquires advanced persistent threat defender Broadweb

19.   Acquisition of NanoSight LTD | Spectris Plc

20.   IBM to Acquire Fiberlink Communications - Mobile Management and Security

21.   Trustwave Acquires Application Security Inc

22.   Chicago data security firm Trustwave buys Application Security - chicagotribune.com

23.   HyTrust buys HighCloud as security land grab rages on — Tech News and Analysis

24.   AccessData Raises $45M for First Investment in its 25 Year History

25.   j2 Global(R) , Inc. Acquires UK Email Security and Management Business EPA Cloud - WSJ.com

26.   Verint to acquire Victrio - SecurityInfoWatch.com

27.   PhishMe Raises $2.5M Series A Funding

28.   Wisekey raises further investment for mobile security

29.   Thetaray gets investment from GE

30.   Cloud Data Protection Startup PerspecSys Lands $12M - Datamation

31.   Security startup Bromium raises $40 million - Silicon Valley Business Journal  

32.   Project A backs encryption startup ZenGuard

33.   The Daily Startup: Sqrrl Nabs Funding for NSA-Secure Database  

34.   F5 on its acquisition of 'natural fit' Versafe: Clientless security is the way forward | ZDNet

35.   Untangle acquires network security firm

36.   OneLogin secures $13m to expand in US, Europe and Asia-Pacific - Computer Business Review

Acquisition follows series A for PasswordBox

Password management software company PasswordBox appears to have quickly spent some of its recent $6M funding on acquiring a complementary offering. 'Legacy Locker' is a digital afterlife service that – should you pass on without passing on your passwords – grants access to your online assets to friends and loved ones.

And not long after PasswordBox reached the million user landmark too. Definitely one worth tracking.

HyTrust buys High Cloud for ... Cloud Security

Or as GigaOm puts it - the land grab for cyber security rages on. HyTrust, a provider of products to secure virtual environments, has bought HighCloud Security, a specialist in encryption and key management. HyTrust has previously received some $29m dollars in VC.

Intellectual Ventures demands $310m for Cyber Security patent fees

Intellectual Ventures, the notable patent troll, is demanding $310m from Symantec and Trend Micro for the use of patents it has the rights to, according to Computer Business Review . I should imagine this will strke fear in a lot of cyber security companies.

I am not sure about their defence though, based on the idea that a patent acquired for less than a million dollars could not be worth so much. Until the legal process is resolved this may, however, raise the price of cyber security patents on the market.

Bromium raises $40m for secure micro virtual machines

According to my database this is the largest startup investment in cyber security since FireEye raised $50m back in January.

Cyber Security Start-up Accelerator Launched

The MACH37™ Cyber Accelerator has been set up at the Centre for Innovative Technology at Virginia Tech. It is modelled on existing accelerators, such as Y Combinator, TechStars and 500 Startups, but specializes in cyber security start-ups. A number of new companies were announced as the first intake, and benefiting from a $2.5m investment.

Software and Network Security Patent Portfolio Acquisition Opportunities

Security related patent portfolios for sale from ICAP patent brokerage. The assets available for sale disclose innovations including:
•Message Authentication
•Gesture Recognition System
•Secure Data Access
•and more
Read more: http://www.digitaljournal.com/pr/1448042#ixzz2dvVsESYD

A universal client-based identity management tool?

Royal Holloway has announced that their Information Systems Security Group (ISSG, as it is widely known) has launched new technology to protect against password theft and phishing attacks. The technology is dubbed Uni-IDM but the only real information about it is provided through a link to a paper on one of the author's personal web site. However, the paper, by Chris Mitchell and Haitham Al-Sinani, does seem to have been peer reviewed, having been published at EuroPKI 2011. In an interview on slashdot, "Digital IDs Designed to be More Secure Than Passwords", Professor Mitchell is reported to be aiming to develop an open source prototype, though he offered no schedule for when that might happen.

Let's hope it's soon. The rationale for the work looks spot on - it does not involve proposing any new cryptographic protocols or inrastructures, but wants to make existing systems resistant to phishing, as well as privacy-enhancing through an explicit user consent procedure. They propose 'IDSpace' as an architecture for a client-based ID management tool that operates in conjunction with a client web browser. The paper is worth a read if you are interested in ID management.

 

APT fighter FireEye files for $175M IPO

FireEye, a Californian company that was started up in 2004 by a former Sun Microsystems engineer, has raised around $100 million from venture firms, including $50 million earlier this year. Its SEC filing reveals that it has more than 900 employees. It seems quite rare to see an IPO for a cyber security company, especially one that is 9 years old. I think FireEye have hit the big time with their focus on Advanced Persistent Threats. The fight against APTs required a radical re-think of optimal security measures.

This Month's Cyber Security Investments and Acquisitions

Acquisitions, and several start-ups raising significant funds - here are the ones I came across this month:

'MobileSpaces' raises $8.6m for Enterprise security for mobiles

RiskIQ raises $10m for web security

Facebook acquires UK software testing firm

Cisco acquires Sourcefire

Seculert Raises $10M For Anti-Botnet Cure

RSA acquires Aveksa

Symantec snaps up Spanish single sign-on provider PasswordBank

Ping Identity Raises $44 Million For Next-Gen Identity Management

Accumuli accumulates another cyber security company

Accumuli, a serial acquirer of early stage cyber security companies, has announced another UK acquisition, Cambridge-based Signify Solution. Signify is a managed service provider of hosted two factor authentication solutions.

Accumuli announces acquisition of Signify Solutions
Also see:
Signify win 'Best Remote Access Security' at SC Awards 2013

Vasco acquires Cronto for secure online transactions

There's a coincidence! In my post before last I commented on the release by Cronto of a new system to combat online banking fraud. Barely a month later and Cronto, a Cambridge University spin-out, has been acquired by Vasco.

Cassidian Acquires Another Network Security Company

It seems there is a race on. Which big defence company can hoover up the right cyber security SMBs?

Cassidian Acquires Cyber Expert Arkoon Network Security - Defense World:

Cambridge uni spinout technology to combat online banking trojans

New system to combat online banking fraud: A security solution from a Cambridge University spin-out which protects against 'man-in-the-browser' trojans is being rolled-out by two German banks. The system works with the bank web site sending a 2d barcode-style picture that contains the transaction information. The user decodes it with a mobile app, or dedicated device, which also generates a transaction authentication code for the user to enter to confirm the transaction.

I've long thought that smartphones would be the route to secure transactions over the internet. Using them as out-of-band communication routes for passcodes, or validation checks, has security potential but means the user must have a mobile connection. Attacks on this mode have already been developed.

You can try out the CrontoSign technology by downloading the CrontoSign mobile app for iOS or Android devices and try it with a demo account at www.crontosign.com.

Inside Adastral: BT's Belgium-sized broadband boffinry base

An interesting report from 'The Register' about BT's Adastral Park - where our security futures practice, in BT Research and Technology, is based. BT is working on plans to create 2,000 new jobs and provision for up to 2,000 homes by 2025, by opening up areas of Adastral Park as a science campus. The idea is to create a Suffolk research centre - a regenerated research and development facility that encourages the growth of an ICT cluster in Suffolk.

Latest security investments benefit SMEs and parents

Spanish startup, Qustodio, raises $1m to allow parents to monitor Facebook chats and searches, as well as view browsing histories and which applications have been opened in a given session on their childrens devices. There is one dashboard for parents to control all devices, which may include tablets, smartphones, and home computers per child.

And Quorum pulls in $11M to help small businesses recover from hardware failure.

HyTrust Wins Major Patents For Automated Cloud Security And Virtual Infrastructure Management

HyTrust Awarded Patents For Automated Cloud Security And Virtual Infrastructure Management: Patents relate to automated risk mitigation and compliance in virtualized infrastructure, and the adoption of multi-tenant clouds. I see a battle looming over cloud patents - everyone wants to carve out a piece of the action.

Remotium Wins Most Innovative Security Company at RSA Conference

Startup Remotium was named the Most Innovative Company at the start of the RSA Conference on Monday. Unsurprisingly it's a security technology for mobiles addressing the bring-your-own-device (BYOD) trend. It runs mobile applications on public or private clouds, and streams the visualization elements to the device so that enterprise data is never stored on it. Return of the thin-client?

The company has apparently not yet raised any venture funding.

Startup Red Balloon Security to Protect Printers and Other Devices

The MIT review reports on a startup aiming to protect printers, phones, and other devices from hackers. It will announce the first device running its defensive code this week. This is an important development. Embedded devices are typically poorly protected, run legacy software and are rarely designed to be patched. They are inviting targets for advanced persistent threats, as we saw with Stuxnet.

Nok Nok! Who's there? No more passwords!

Yet another startup, Nok Nok Labs, is hoping to sway users away from insecure passwords. It has developed a security protocol that asks end users to substitute stronger authentication tools such as fingerprints and voice recognition, for usernames and passwords.
Named after the classic knock-knock joke, Nok Nok Labs' CEO was a founder of well respected encryption company PGP. Nok Nok has apparently taken $15 million in venture capital.

New approach to CAPTCHA - with ads!

Minteye, an Israeli start-up has come up with a new form of CAPTCHA - those annoying squiggly alphanumeric patterns that supposedly allow a web site to be sure that the user is human. What's more it has a business model attached to it. Minteye's variant is known as SLIDING CAPTCHA. The user adjusts a slider until a distorted image looks like something recognisable. The business angle is to include adverts in the human resolved image. Whether it is taken up will probably depend a lot on how well it can discriminate the human user but sometimes a good business model will trump security in the market. However, only last week it seems a short Python script was concocted to defeat it. But these things can never be perfect. And if a machine ever passes the Turing test how can CAPTCHAs hope to work?

10 Signs You’ve Been Working In Information Security Too Long

10 Signs You’ve Been Working In Information Security Too Long
e.g.
When your mum calls you ask her three security questions to verify her identity;
Your pet’s name consists of at least 20 characters, and contains a mix of numbers, uppercase letters, and at least one special character;
Sometimes you can’t understand your own thoughts because they are encrypted.

You get the idea!

12 Must-Watch Security Startups for 2013 from cio.com

12 Must-Watch Security Startups for 2013 - an interesting selection of mainly cloud-based security and security monitoring technologies. Some, although still in stealth mode, have already picked up significant investment.