Microsoft to Buy Cybersecurity Firm RiskIQ

Microsoft Corp.

MSFT -0.22%

agreed to buy cybersecurity provider RiskIQ Inc., the companies said Monday, a deal that would add to Microsoft’s portfolio of security services amid a rise in high-profile online attacks.

San Francisco-based RiskIQ, founded in 2009, helps companies track their vulnerability to digital threats. That has become more important and more complicated as companies shift a growing share of their work online, both to reach customers and to connect employees remotely, Microsoft security executive Eric Doerr said in a blog post on Monday about the acquisition.

For companies that use cloud computing, “it’s increasingly critical to understand the full scope of their assets to reduce their attack surface,” Mr. Doerr wrote.

Microsoft didn’t disclose the deal’s terms. Representatives for Microsoft and RiskIQ didn’t immediately respond to inquiries.

Internet vulnerabilities have drawn mounting concern this year as examples proliferate of cyberattacks with wide-ranging effects. In May, the 5,500-mile Colonial Pipeline, crucial to the East Coast’s energy infrastructure, was temporarily shut down by its operator after a cyberattack, leading to gasoline shortages in some places.

A month later, meat processor

JBS SA

said it was hit with a cyberattack that sent a portion of its beef and pork processing offline, a stoppage that reverberated through the supply chain for food.

Hospitals and municipal services have also fallen victim to recent cyberattacks in the U.S., emphasizing the threat they can pose to public safety. In a June interview with The Wall Street Journal, Federal Bureau of Investigation Director Christopher Wray said cyberattacks that use ransomware have proliferated quickly, and that prevention demands more public- and private-sector attention.

“The threat landscape has never been more complex or challenging, and security has never been more critical to our customers,” Microsoft Chief Executive

Satya Nadella

said on a conference call with analysts in April. “This is driving increased demand for our end-to-end capabilities across identity, security, compliance and management.”

Mr. Doerr said that the addition of RiskIQ will expand on Microsoft’s existing security products for commercial customers, which include security for Microsoft’s Azure cloud-computing service and its 365 Defender software.

Write to Matt Grossman at matt.grossman@wsj.com

Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Latest Posts