Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Investors Business Daily
Investors Business Daily
Technology
REINHARDT KRAUSE

How Mandiant Deal Turbocharged Google's Cybersecurity Push

Mandiant founder Kevin Mandia's decision to step down as CEO of the cybersecurity firm that Alphabet acquired two years ago marked a twist in a deal that won high grades for Google stock. But Mandia's sudden departure isn't expected to derail the acquisition goal to boost Google's cybersecurity business versus Amazon and Microsoft.

"What Mandiant has brought to the table, even though we had large customers of our own, is true board-level visibility and presence," Sunil Potti, general manager and VP of Google Cloud Security, told Investor's Business Daily. "Security continues to be a top-of-mind priority."

Google Stock: An Elite Cybersecurity Player?

Mandia, a U.S. Air Force veteran who founded Mandiant in 2004, will stay on in an advisory role. Two of his top lieutenants, Sandra Joyce and Jurgen Kutscher, will run the Mandiant business at Google Cloud. Analysts expect Google to stick with its strategy. It will leverage Mandiant's managed services and consulting business to boost demand for its cloud-based cybersecurity products.

"While Kevin is an important figure within Mandiant, my view is that the transition was anticipated and that there is unlikely to be significant disruption," William Blair analyst Jonathan Ho told IBD.

With the $5.4 billion deal in September 2022, Google gained an elite cybersecurity firm. Mandiant is recognized worldwide for its prowess in detecting and responding to state sponsored (China, Russia, North Korea) computer hacking attacks.

Mandiant sells pricey incident response and remediation services that help companies identify how data breaches occur and recover from them. Forrester Research annually ranks Mandiant's threat detection services as among the industry's best.

In the first half of 2024, Google touted its growing cybersecurity portfolio, making announcements at its cloud computing conference in April and at the RSA security conference in May. Also, Google rebranded its Chronicle cybersecurity unit to Google Security Operations.

Google Stock: Mandiant Boost

Google showcased Mandiant's tools integrated with its Chronicle security command center operations. In addition, Google debuted new generative artificial intelligence tools integrated into its cybersecurity platform.

Many Mandiant customers had been government agencies and large companies. After its recent ransomware attack, for example, UnitedHealth Group brought in Mandiant.

For Google stock, one question has been whether Mandiant could boost Google's cloud computing business amid stiff competition with Amazon and Microsoft.

With some 2,600 employees, human expertise has been a Mandiant strength. Mandiant also has close ties with the U.S. national security community.

Potti said Mandiant has been evolving from being a services-first company to also providing technology.

Google is "now able to connect more explicitly with fundamental security transformation technologies, whether it's in the form of Chronicle security operations or other capabilities," Potti said. He made the comments in an interview before Mandia's exit as Mandiant's CEO.

Ghostbusters Of Cybersecurity

Potti sees an opportunity for Mandiant to boost Google Cloud in the midmarket, medium-size businesses that also face serious cybersecurity challenges.

"It's not just global brands or government agencies at risk," he said. "What we're seeing is that nation-state attackers are moving downstream. It could be a bank in the Midwest or a hospital system."

Ho of William Blair says Mandiant's professional services serve as a sales lead generator. Mandiant's incident responders and security consultants handle about 1,100 breach investigations every year.

"When a breach happens, Mandiant gets called in similar to Ghostbusters," he said. "The data they collect is extremely valuable in making security products better. And when they're called in, they provide opinions to customers in terms of what they should buy to improve cybersecurity. That was a lead generator for FireEye and now for Google."

Like Amazon and Microsoft, Google's access to vast amounts of internet data gives it an edge in monitoring computer networks for suspicious activity. The company collects cybersecurity data to protect its own websites and network services as well as users of Chrome and Gmail. Google also says it protects some 4 billion devices worldwide.

Acquisitions Push Cloud-based Security

In 2019, Google moved its Chronicle-branded, threat-detection cybersecurity business to the cloud computing unit. Aside from Mandiant, Google in 2022 also bought Siemplify, a threat detection and automated response company, for $500 million.

Google says it is building an advanced, cloud-based security operations center. It integrates Chronicle's data sets, Mandiant's managed detection and response platform and artificial intelligence tools.

"Ultimately security is a data problem," Potti said. "Like Google itself, we know how to process very large amounts of data at scale. That allows us to train AI models for security use cases better than anyone else on the planet. And we can be the data lake for any security app out there, whether it's our own or a third-party partner app."

Also, Google acquired a dozen cybersecurity firms since 2007, including malware database VirusTotal in 2012.

"When you combine the Mandiant intelligence feed with VirusTotal and all the telemetry Chronicle pulls in from the Google platform, it's pretty cool," said Mark Ehr, analyst at S&P Global. "And, with Gemini they're baking that into all their products, command center and operations."

Google likely isn't done making cybersecurity acquisitions, added Ehr.

He says one area to watch is the cloud-native application protection platform, or CNAPP, market. It's full of feisty startups, including well-funded Wiz, Aqua Security, Cybereason, Lacework and Snyk.

Pioneer In Zero Trust Security

While Google has been a buyer of security technology, it's also an innovator, Needham analyst Alex Henderson said in an email.

In 2016, Google's BeyondCorp initiative introduced the Zero Trust security model, now widely adopted across corporate America. The security measures focus on validating the credentials of a user, device or application and do not assume users within a network perimeter can be trusted.

Needham's Henderson says Google's cybersecurity business has been gaining traction since 2022.

"It seemed too little and odd to go with managed services (Mandiant) without a platform," he said in an email. "However, they appear to be driving it and we are now surprised by how often they are coming up in our field checks."

Google's cloud unit also has partnered with technology services companies such as Accenture.
According to market research firm Gartner, the cybersecurity consulting market will jump to $44.99 billion in 2025, up from $34.69 billion in 2023.

Also, Google stock has advanced 24% in 2024.

In the first quarter of 2024, Google's cloud-computing revenue rose 28% to $9.574 billion, above estimates of $9.4 billion. It doesn't break out cybersecurity revenue within the cloud business.

Microsoft Cloud Security Competition

Meanwhile, Microsoft in early 2023 boasted that its cybersecurity division had a $20 billion run-rate with annual growth over 30%.

However, Microsoft is now on the defensive. A recent report from the U.S. Cyber Safety Review Board was critical of Microsoft's security practices in the wake of Chinese and Russian hacking incidents.

With its new Secure Future Initiative, Microsoft aims to improve cloud computing security. However, Google and others see an opening. In May, Google launched a campaign pitching its Workplace enterprise software and email as a safer alternative to Microsoft Office 365.

Further, Google positions itself within the cybersecurity industry as an ally while Microsoft competes with many companies.

At the RSA conference in May, Google and CrowdStrike Holding expanded a strategic partnership. CrowdStrike initially partnered with Mandiant in 2022.

At the Google Cloud Next event in April, the company announced cybersecurity firm Palo Alto Networks expanded their alliance.

"We didn't go after every market," said Potti. "We provide the portion of the platform that is most valuable and hardest to build and also allows best of class (endpoint, identity, network products) to plug in. Customers do not have to compromise. With security, there's no way a one-size-fits-all platform approach works. Smart integrations can go a long way in bringing delight to customers while not burdening them with complexity."

Follow Reinhardt Krause on Twitter @reinhardtk_tech for updates on artificial intelligence, cybersecurity and cloud computing.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.