Microsoft is considering making a bid for cybersecurity research and incident response company Mandiant, according to a person familiar with the discussions, a deal that would bolster efforts to protect customers from hacks and breaches.
The deliberations may not result in an offer, said the person, who asked not to be identified because the discussions are private. Mandiant and Microsoft declined to comment. Mandiant shares jumped as much as 22% to US$18.37 in New York following the report, while Microsoft stock gained about 1% to $303.83.
Adding Mandiant, with a market value of about $3.7-billion, would build up Microsoft’s arsenal of products for protecting clients and responding to cybersecurity threats. The software giant bought two smaller cybersecurity companies last year, and said last month that it had amassed $15-billion in security software sales in 2021, up almost 45% from a year earlier. The company last year named former Amazon.com cloud executive Charlie Bell to oversee its security efforts, and said it had 3 500 employees working to safeguard customers “from the chip to the cloud”.
Adding Mandiant would build up Microsoft’s arsenal of products for protecting clients and responding to cybersecurity threats
Mandiant became a standalone company again last year when FireEye — which had acquired Mandiant in 2013 — sold its eponymous security product business for $1.2-billion to a consortium led by Symphony Technology Group. While FireEye’s products focus on security for networks, e-mail and cloud systems, Milpitas, California-based Mandiant’s work is primarily in incident response and cyber intelligence cases.
Cyberthreats have been rising in severity globally, with Microsoft’s products often in the crosshairs. In March 2021, attackers linked to China used flaws in the code of Microsoft’s Exchange software to break into tens of thousands of organisations. In a breach disclosed in December 2020, suspected Russian hackers compromised popular software from Texas-based firm SolarWinds, inserting malicious code into updates for SolarWinds software, an attack that also impacted Microsoft and many of its customers.
In October, Microsoft said the hackers behind the SolarWinds cyberattack were engaged in a fresh campaign to compromise global networks by targeting the technology supply chain, including resellers and providers of cloud technology. — William Turton, Liana Baker and Dina Bass, (c) 2022 Bloomberg LP