Google is spending $5.4 billion to acquire cyber security firm Mandiant in a bid to bolster the company’s in-house cyber security resources. The deal, announced on 8 March 2022, is subject to regulatory approval – but the company expects to close on the purchase before the end of the year.
Google’s acquisition of this platform and the consulting services that Mandiant can offer may have a major impact on the cloud security landscape.
Mandiant set to bolster Google’s existing cloud security
Mandiant, founded in 2004, is best known for its security platform – the “Mandiant Advantage Platform” – and its role in researching some of the most significant security events of the past decade.
According to Google’s announcement of the deal, Mandiant combined with existing “Google Cloud’s cloud-native security offerings” will help Google Cloud customers stay protected by extending Google’s cloud security offerings in five key areas: “advisory services, threat detection and intelligence, automation and response tools, testing and validation and managed defense.”
Both Mandiant’s existing cyber security platform and the consulting services Mandiant offers will be made available to Google Cloud customers, with Mandiant services acting as a “seamless extension of customers’ security teams.”
If successful, the Mandiant deal will be Google’s second most expensive acquisition to date, behind the $12.5 billion purchase of Motorola Mobility and ahead of the $3.2 billion purchase of Nest. Mandiant will become part of the Google Cloud division.
Wider impact on cloud security
The Mandiant acquisition is, in some ways, an unusual move from Google. Google has invested in other cloud security products in the past, like the company’s partnership with Lookout that produced a zero trust solution for Google Workspace.
However, the size of the Mandiant cyber security deal is much bigger than any of these previous investments. The value of the deal also seems significant in light of Google Cloud’s disappointing performance over the past few years.
Right now, Google’s cloud division accounts for just 7% of the global market, significantly behind both Microsoft Azure (17%) and Amazon Web Services (32%).
Google Cloud is growing fast. According to Google’s parent company, Alphabet, during the Q3 2021 earnings call division revenue jumped by 45% in the quarter to $4.99 billion, up from $3.44 billion in Q3 2020. Despite this growth, Google Cloud failed to turn a profit. The division was able to cut operating losses by half compared to losses the year before, down from $1.2 billion to $644 million.
Much of Google Cloud’s growth has come from the expansion of the broader cloud market, and the division has struggled to secure cloud share from Microsoft or Amazon. As a result, when cloud growth slowed in 2021, Google Cloud’s growth slowed as well.
Part of the plan
Investing in cyber security is probably part of Google’s larger plan to beat Amazon and Microsoft in the cloud.
Data breaches and ransomware attacks are becoming more frequent and more expensive to manage. At the same time, cyber security professionals are in short supply. Businesses that want to bolster their cyber security talent pool need talent acquisition teams with the skills necessary for tech recruiting and the resources for a long and difficult talent search.
As cyber security becomes an increasingly important topic for major enterprises, Google may use security offerings as a selling point to differentiate Google Cloud from its competition.
The Mandiant cyber security purchase could signal a shift in the overall cloud landscape. Major cloud providers may ramp up investment in security products and consulting services. Expanding security offerings can help providers keep their networks secure and prevent attacks.
Google and Mandiant coming together will help bolster the security of Google Cloud customers. In the long term, the purchase could also have a serious impact on cloud providers in general.
As cyber security becomes more important to businesses, cloud security may become a more critical feature, encouraging providers to invest in and promote security offerings.