Enterprise Mergers & Acquisitions

Cisco adds CloudLock security arsenal for cloud defense

It’s safe to say Cisco has spent somewhere in the region of $4 billion in the space of just three years solely on buying up security companies – and it will soon be adding $293 million to that sum as it plans to acquire cloud-based security start up CloudLock.

CloudLock’s technology uses APIs to monitor the operations of data and content stored on cloud applications such as Office365, Google Drive, Dropbox, AWS, Slack and Salesforce, or alternatively, an on-premises server – it calls this cloud access security broker (CASB) technology.

Employees using their own devices to access company documents, data or content in various settings on unsecured networks brings with it a wave of security and privacy issues. So CloudLock provides location-based controls to tackle potential data sharing breaches and cybersecurity attacks – it offers companies analytics on user behavior and their storied data in whichever cloud services they have opted for. This covers Software as a Service, Infrastructure as a Service, and Platform as a Service.

Cisco spent even more when it acquired internet security service provider OpenDNS in July 2015, paying $635 million in cash plus other considerations. OpenDNS is best known for a cloud service that prevents customers from connecting to dangerous IP addresses, but Cisco said at the time its biggest assets are its predictive threat intelligence, and its ability to view mobile and embedded devices which may not be directly connected to the corporate network.

Cisco acquired a similar company in Lancope last year, for $453 million, whose main product is StealthWatch, and back in 2014 it also bought ThreatGrid, a US anti-malware and threat intelligence firm, which was integrated with Cisco’s Advanced Malware Protection (AMP) suite, based on the mammoth $2.7 billion purchase of Sourcefire in 2013.

Acquisitions such as these initially seemed to fit into traditional Cisco enterprise markets, but will in fact be important starting points for bigger efforts in IoT and SDN and will feed into a far broader platform. The addition of such companies to Cisco’s footprint has not only bolstered its own security systems, but has provided a wealth of well controlled applications and partners for its ecosystem.

Cisco is also a member of the Secure Content Storage Association (SCSA), which was founded by 20th Century Fox, Warner, SanDisk and Western Digital, but now includes Samsung, Qualcomm, LG, Xiaomi, Comcast, Intel, Sky, Sprint, Broadcom, ARM, TP Vision, Seagate, Akamai, Marvell, DTS and Dolby, Pace, MStar, DivX, ST Micro, MediaTek, Realtek Walmart and Cryptography Research (CRI).

The SCSA recently formed the consumer brand Vidity, which is a specification built around a secure key placed inside either flash memory or on a disk drive – inaccessible from the OS. The key forms the basis of the decryption for premium content, which will increasingly be UHD content.

CloudLock says HBO, Motorola, DreamWorks Studios, National Geographic, the Financial Times, and Nasa are customers. Rivals offering similar security technology include Microsoft with its Adallom subsidiary, Skyhigh Networks, CipherCloud, and Netskope.

Since CloudLock’s founding in 2007 it went on to raise $35 million in backing from Bessemer Venture Partners, Salesforce’s venture funds and Boston-based Ascent Venture Partners.

Earlier this year, CloudLock formed partnerships with cybersecurity firms FireEye, Zscaler, and OneLogin, to deliver cloud and on-premise security services. CloudLock and its 145 employees will go on to Cisco’s Networking and Security Business Group, and the acquisition is expected to close in the first quarter of 2017.

“As companies are migrating to the cloud, they need a technology partner that can accelerate that transition and deliver critical security capabilities for all their users, apps and data in a seamless way. CloudLock brings a unique cloud-native, platform and API-based approach to cloud security which allows them to build powerful security solutions that are easy to deploy and simple to manage,” said Rob Salvagno, vice president of Cisco Corporate Development.

“CloudLock rose to leadership in the cloud security sector with a pure play approach of being cloud-native while leveraging other cloud platform APIs in a collaborative fashion. They were a trailblazer of this approach while the competition often focused their efforts on extending legacy methods,” said Luke Burns, a general partner at VC firm Ascent Venture Partners, one of CloudLock’s investors.

VPS hosting