Facebook announced that they are looking to acquire a cybersecurity firm by the end of the year. The news reports are connecting this move as a result from the ‘breach’ Facebook suffered this year and the privacy fiasco from last year. I am not aligned with that connection. Companies have security problems all the time and the follow-up from a breach is to make investments in security solutions, not buy an entire company. That doesn’t make sense from any viewpoint from strategy to financial impacts. Also a cybersecurity firm is going to be more focused on an area of cybersecurity than an overall one-stop solution. The other reason this connection is wrong is any cybersecurity company is going to have corporate and potentially individual customers of that firm’s products and/or services.

Facebook’s biggest problem isn’t security of their platform, yes they had one bug that leaked quite a bit, but overall Facebook’s biggest problem is more privacy and user trust. In order to boost that back Facebook will have user facing security features.

In my opinion Facebook is looking to invest in a cybersecurity company to save face with their users and have this investment be forward facing rather than an internal move. By looking at this announcement with that in mind there are several companies that stand out as a smart move and an acquisition that makes sense for Facebook.

If you are looking at a forward facing security posture where the billions of users, the users Facebook’s life depends on, it needs to service them. The cybersecurity areas that would best fit would be in the Identity and Access Management, Endpoint security and personal security services area if they are making a user facing acquisition or internally I am all in with threat detection.

Here are a list of companies that I think Facebook would benefit from most by acquiring them:

The first one is purely user a facing acquisition but doesn’t do much to protect the internal workings of Facebook’s network security.

Okta. A innovating leader in cloud based Single Sign On and Account Management Space. They fall into the category of Identity Management but their services and ability to control the authentication of user’s accounts would make sense for Facebook. Facebook’s underlying ability to allow connectivity between services and users to use Facebook to authenticate to other services would be significantly strengthened by Okta’s services. Plus all user’s would benefit from strengthened account security. Others in this area would be OneLogin, LastPass, 1Password, etc… These make sense at some level to help control user’s accounts connectivity around the Internet but I think Facebook’s short-term will be to directly address the issues around the privacy and breach incidents.

If Facebook acquires for internal improvements I think it would have to be a company that is very minimal in the hardware space.

DarkTrace. This one makes the most sense. DarkTrace is an AI based internal threat monitoring and detection service. Continually monitoring and learning from the internal behavior of a network it can determine anomalies and react to them automatically. This would fit perfectly to prevent such abuse of access like the Cambridge Analytica and to detect the breach that occurred with the URL access. I would put DarkTrace at the top of my list.

Rapid7. In the same area as DarkTrace, Rapid7 focuses on threat detection and securing the SecOps flows for an organization. Rapid7 has acquired several other companies over the years to bolster web application security capabilities as well.

FireEye. This also makes sense and may be ahead of DarkTrace. FireEye is well established and proven as a leader in cybersecurity. There is no question FireEye is excellent at what they do. The other aspect that makes this very possible is FireEye’s business has began to level off over the years and they may be very open to an acquisition.

LogRythm. Another threat intelligence product in the SIEM space this also could be a possibility. With AT&T acquiring AlienVault earlier, other SIEM companies with deep threat intelligence capabilities are ripe for the picking.

These are the top candidates of ‘major’ cybersecurity firms that Facebook could benefit from. I don’t think a startup is in their sights it would have to be an establish, trusted company that has been around for a while to fend off any PR backlash on a risky purchase. I have no idea, this is just what I think makes sense. Obviously there are many other candidates out there in each category so it’s up in the air.

The bigger question is with any cybersecurity acquisition and Facebook’s history of collecting any and all data through their security products… how are they going to keep the acquired customer’s. I know if I were a customer of any Facebook acquisition… I would cut and run at the first opportunity.

End of line.

Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day. Subscribe

Facebook Page

Follow Me On Twitter

contactme@binaryblogger.com