Security Roundup: World Password Day, Qualys, Infosec, Innovation via Aquisition
… innovation is being acquired as opposed to developed in-house through R&D.
The firm pulled the cash and short-term investment balances of more than 30 publicly-traded cybersecurity companies over a five-year period, excluding businesses that are divisions of major firms such as Microsoft, Cisco and IBM, and private equity firms that have invested heavily in cybersecurity. This balance has nearly doubled since heading into RSA 2019 and is on a steep upward trajectory.
“This trend is great news for cybersecurity startups and investors alike, as it is potentially indicative of many more acquisitions in the future,” it said.
SCV calculated R&D spending as a percentage of revenue for 30 publicly-traded companies over a 10-year period and found that R&D as a percentage of revenue increased during this period, demonstrating that some of the largest cybersecurity companies are actually spending more on R&D over time. Some of the companies are top performers in public markets such as Okta and Rapid7, while others, such as Carbon Black, are considered the next generation of cybersecurity companies by industry experts.
Those spending less on R&D appear to be larger publicly-traded cybersecurity companies that thrived in previous generations of cybersecurity products such as firewall, intrusion detection systems and antivirus, according to SCV.
“After reviewing the data, it appears, and now makes sense, that these strategies are not mutually exclusive,” it said. “In a constantly evolving and competitive space, these companies have opted to take a dual-pronged approach, both acquiring innovation as well as developing new technologies in-house. However, I still believe that startups are more scrappy, nimble, and will be responsible for the truly game-changing technologies in this space and will be plucked up by larger cybersecurity companies.”
Infosec Expands Channel Program
Infosec has enhanced its partner program for MSPs, MSSPs, VARs and OEMs. In addition to its security awareness and training solution Infosec IQ, the program now includes both Infosec Skills and Infosec Flex to provide across-the-board, full-spectrum training needs for the clients of channel partners.
“Organizations face two primary security training issues today: Their employees are not trained properly about cybersecurity and their security and IT staff are undertrained,” said Mike Nobers, Infosec’s director of global channel sales. “This is due to ever-changing security techniques and employees being recruited away to other companies because of the qualified security pro shortage. Infosec partners can now speak to this bigger issue across their client’s organization with Infosec IQ for employee security awareness training, plus Infosec Skills and Infosec Flex to address retaining and growing their security and IT teams,.”
With Infosec IQ, partners can help clients build a cyber-alert workforce equipped to recognize, avoid and report suspicious activity, such as phishing. The Infosec Skills and Infosec Flex platforms are designed to ensure the client’s IT and security team’s skills are scaled to outsmart the latest threats and build defenses to counter tomorrow’s threats.
The partner program offers: automation tools to make it easy to build security awareness training programs to deliver the right content to the right learner at the right time; delegated administration that allows management of multiple clients’ security awareness programs from one platform; automatic report generation to make it easy to track and share training performance; and customizable learning experiences via more than 300 modules, including critical training in phishing, suspicious hosts, ransomware and password security.