Google is in talks to buy cybersecurity consultancy Mandiant

Google’s talks with publicly traded Mandiant could still fall through, according to the person. Microsoft is also making a move to acquire Mandiant, Bloomberg reported early last month. Bids for Mandiant were due at the end of February, the person said. The potential deal value couldn’t be learned, but Mandiant has a market capitalization of just under $4.5 billion.

Any deal involving Microsoft or Google is likely to get a close look from competition regulators, which have become increasingly wary of acquisitions made by the biggest tech companies.

The centerpiece of Google Cloud’s security strategy is Chronicle, a product that monitors the flow of data across PCs, devices and networks to detect signs of stealthy cyberattacks. Chronicle started out as an independent company within Alphabet but was moved into Google Cloud in mid-2019. In January, Google upgraded Chronicle by acquiring Siemplify, an Israeli startup whose software helps security teams respond quickly to threats, for a reported $500 million.

“Right now Google wants to buy [software] that companies are regularly and repeatedly buying,” said a former Google Cloud manager who didn’t have knowledge of any acquisition talks. Google Cloud CEO Thomas Kurian, a former longtime Oracle executive, “just wants more transaction volume on his books,” this person said.

While Google Cloud has disclosed $51 billion in contractual commitments from customers to spend money on its services, “customers are saying, ‘Gimme more [products] I can buy,’” the former manager said. Plus, those initial commitments may not always translate to revenue, as The Information has reported, and Google Cloud faces a host of costs and business challenges that its rivals do not have.

Forensics Expertise

Kevin Mandia, a former U.S. Air Force officer, founded Mandiant in 2004 as a cybersecurity consultancy that helped companies and government organizations protect their networks from attacks. In some cases, Mandiant’s researchers would deliberately hack customers’ computers to find security holes, while in others they would conduct investigations to understand the cause of breaches.

Mandiant’s profile grew over the years after it was able to trace the origin of several cyberattacks on U.S. companies to state-sponsored hackers based in China. In 2013, cybersecurity firm FireEye acquired Mandiant for $1 billion to serve as the security threat research arm of the company. Mandia was named CEO of FireEye three years later. But FireEye struggled under Mandia’s leadership and last June sold its products unit—which includes software that protects PCs, servers, email systems and cloud services—to a private equity consortium led by Symphony Technology Group, leaving Mandiant as the publicly traded piece that was left over (and with Mandia still at the helm).

Mandiant sells a subscription-based product that depicts security threat data in charts and graphs to help security operations teams respond quickly to threats. But Mandiant’s chief strength is its in-house cybersecurity research and forensics expertise and its ability to handle investigations when attacks happen, according to Andrew Plato, founder and CEO of Zenaciti, a cybersecurity consulting firm.

In late 2020, Mandiant (then called FireEye) discovered and announced the breach of network systems management firm SolarWinds, which attackers subsequently used to gain access to the networks of dozens of private companies and government agencies. Mandiant has also set up a task force to track cybersecurity threats tied to Russia’s war against Ukraine.

“They’re pretty much the go-to company that most law firms recommend to their corporate clients when they’re breached,” Plato said. “And they also have a lot of experience tracking state-sponsored hackers.”

In addition to adding top-notch cybersecurity research talent to the buyer’s portfolio, Mandiant would also bring in some revenue. Mandiant’s sales grew 21% to $483 million last year while its annual recurring revenue—which represents customer commitments to buy its subscription software in the next 12 months—grew 23% to $279 million. Mandiant generates a small amount of cash from its operations.

Antitrust Scrutiny

Google and Microsoft are bitter rivals, dating back to the earliest days of the search giant. The Department of Justice’s antitrust case against Microsoft, which it settled in 2001, is widely believed to have slowed the company’s progress, paving the way for Google’s rapid growth. And in recent years Microsoft has played a key role in lobbying antitrust officials and lawmakers to go after rivals including Google and Apple.

Mandiant is not the first company Google and Microsoft have competed for. In 2018 the two companies were both looking to buy open-source code repository GitHub, which Microsoft ultimately acquired for $7.5 billion, as a way to buttress their respective cloud software businesses. And more than a decade earlier, the companies competed to buy online display-advertising firm DoubleClick, which Google bought for $3.1 billion en route to becoming a top seller of display ads.

A deal by either company to buy Mandiant is likely to elicit a double take from competition regulators. Google is facing multiple lawsuits from antitrust enforcers around the world. U.S. and European antitrust officials reviewed Google’s last large acquisition, a $2.1 billion purchase of smartwatch maker Fitbit in 2019, for more than a year before clearing it. However, Google’s $2.6 billion acquisition of data analytics firm Looker Data Sciences in 2019, also aimed at helping the Google Cloud unit, didn’t face regulatory obstacles.

A Microsoft-Mandiant deal would likely get an even closer look than a deal involving Google because Microsoft has a substantial position in the cybersecurity software market.

“The odds are pretty good that the [U.S. Department of Justice or Federal Trade Commission]…will try to come up with a theory for why it should block the deal,” said Doug Ross, a lecturer at the University of Washington School of Law and a longtime antitrust defense attorney.

While its rivals have faced more antitrust heat, Microsoft has been among the biggest and most active acquirers of tech companies in recent years. Microsoft’s recent $69 billion deal to buy games developer Activision Blizzard is expected to draw antitrust reviews around the world well into 2023. Separately, Microsoft breezed through reviews for its $19 billion acquisition of speech recognition company Nuance Communications, which closed last week after regulators in the U.S., EU and U.K. raised no objections.

Antitrust authorities would likely examine whether the companies would limit access to competitors or customers of the acquired company, Ross said. He pointed to Nvidia’s failed takeover of Arm, which the FTC recently challenged over similar concerns.

Among the three major cloud providers, Microsoft has the biggest security business, though its major software products have been among the biggest targets for hackers. Still, a senior manager at a major customer of both Microsoft and AWS told The Information that Microsoft has long had an advantage in bundling security products with its broader cloud computing services, such as storage, computing and productivity apps.