Mandiant is a $5.4 billion bet by Google that security will be a competitive edge in the cloud

Mandiant’s enterprise security detection and response tech will give Google a “full-service” approach to cloud security and could set off a deal-making spree.

Thomas Kurian

“This is an opportunity to deliver an end-to-end security operations suite and extend one of the best consulting organizations in the world,” Google Cloud CEO Thomas Kurian said.

Photo: Michael Short/Bloomberg via Getty Images

Google’s proposed $5.4 billion acquisition of Mandiant will help boost Google Cloud’s security posture as it pushes for more enterprise customers amid an increasingly challenging environment.

Reston, Virginia-based Mandiant, which sells an extended detection and response SaaS platform called Mandiant Advantage, will fill gaps in Google Cloud’s security technology stack that aren’t covered by its own first-party products. Those currently include Google Cloud Armor, its network security service that provides defenses against DDoS and application attacks; Chronicle, its security analytics platform; and BeyondCorp Enterprise, its zero-trust identity and security platform.

“The critical piece for [Google Cloud] is really being able to get closer to feeling like a full-service entity across the whole broad landscape of security tech,” said Miles Ward, chief technology officer for SADA, a business and technology consultancy, in an interview after Google’s announcement.

“Security now is not one category, it's like 20. Google has built some great individual products and bought a couple of others, but Mandiant is just much more full-service. It has a real breadth from across different parts of the technology stack,” he said. “It lets a Google seller and partners like us approach a customer and be able to say that you can get everything that you need effectively from Google at this point.”

Mandiant CEO Kevin Mandia will join Google Cloud in an unspecified role. The company currently has 2,200 employees, including 600 consultants and 300 intelligence analysts who respond to security breaches.

“One of the advantages for the Mandiant setup is that [it] includes advisory services,” Ward said. “They’re there to do a level of consultative support that has been beyond Google professional services until now.”

Cloud computing providers have been doubling down on their security efforts in the wake of mounting and evolving cyberattacks, such as the recent Log4j exploit, ransomware demands, the SolarWinds hack by suspected Russian intelligence attackers and the attacks on Microsoft’s on-premises Exchange Server platform pinned to Chinese nation-state hackers. Cyber threat activity by alleged state-sponsored Russian organizations also has been increasing during Russia’s ongoing invasion of Ukraine.

“The Mandiant brand is synonymous with unmatched insights for organizations seeking to keep themselves secure in a constantly changing environment,” Google Cloud CEO Thomas Kurian said in a statement. “This is an opportunity to deliver an end-to-end security operations suite and extend one of the best consulting organizations in the world.”

The Mandiant acquisition will bolster Google Cloud’s defense in the race with competitors AWS and Microsoft. Bloomberg reported last month that Microsoft had also been pursuing Mandiant. AWS has a worldwide cloud market share of 33% compared to Microsoft’s 21% and Google Cloud’s 10%, according to Synergy Research.

“This deal is all about Mandiant being further integrated into Google Cloud with more cyber threats facing enterprises/governments on the transformational shift to cloud and Mandiant establishing itself as ‘the Navy Seals of cyber security’ over the last decade,” Wedbush Securities analyst Dan Ives wrote in a research note today.

The deal follows Google’s January purchase of Israeli cybersecurity startup Siemplify, a security orchestration, automation and response provider, for a reported $500 million. Google Cloud plans to plug in Siemplify with its other security tooling apparatus later this year.

Google Cloud has boasted that one of its selling points is infrastructure designed from the start with built-in security based on so-called zero-trust principles, rather than security that’s “bolted on,” with its own security chips on its servers and data encrypted by default at rest and in transit. That “security by design” gets pushed up through its products and underpins the services that it runs for customers, according to the cloud provider.

Google’s proposed all-cash acquisition of Mandiant requires regulatory and Mandiant stockholder approvals, and is expected to close later this year. Mandiant, which had been acquired by FireEye in 2013, again became a standalone company last year when FireEye sold its product business and name to Symphony Technology Group under a $1.2 billion deal that closed in October. Mandiant reported $483 million in revenue for the year that ended Dec. 31, 2021, a 21% increase from 2020, and net income of $919 million, following a $207 million loss the prior year.

Its deal with Google is expected to have a major ripple effect across the cybersecurity space as AWS and Microsoft now will be pressured into mergers and acquisition to further bolster their cloud platforms, according to Ives. He cited CyberArk, Ping, Qualys, Rapid7, SailPoint, Tenable and Varonis as possible targets given their focus on cloud workload protection.

“In a massive growth backdrop for cybersecurity and further tailwinds seen during this Ukraine invasion from Russia[n] bad actors/nation-state attacks, we believe today's deal is the tip of the iceberg to a massive phase of consolidation potentially ahead for the cloud space,” Ives said.


An IPO may soon be in Notion’s future

Notion COO Akshay Kothari says there’s room to grow, aided by a new CFO who knows how to take a company public.

Notion has hired its first chief financial officer: Rama Katkar.

Photo: Courtesy of Notion

It’s been a year since Notion’s triumphant $275 million funding round and $10 billion valuation. Since then the landscape for productivity startups trying to make it on their own has completely changed, especially for those pandemic darlings that flourished in the all-remote world.

As recession looms, companies looking to cut costs are less likely to spend money on tools outside of their Microsoft or Google workplace bundles. Enterprise platforms are bulking up and it could spell trouble for the productivity startups trying to unseat them. But Notion COO Akshay Kothari says the company is still aiming to build the next Microsoft, not be the next Microsoft. And in a move signaling a new chapter of maturity, Notion has hired its first chief financial officer: Rama Katkar, Instacart’s former VP of finance.

Keep Reading Show less
Lizzy Lawrence

Lizzy Lawrence ( @LizzyLaw_) is a reporter at Protocol, covering tools and productivity in the workplace. She's a recent graduate of the University of Michigan, where she studied sociology and international studies. She served as editor in chief of The Michigan Daily, her school's independent newspaper. She's based in D.C., and can be reached at llawrence@protocol.com.

Sponsored Content

Great products are built on strong patents

Experts say robust intellectual property protection is essential to ensure the long-term R&D required to innovate and maintain America's technology leadership.

Every great tech product that you rely on each day, from the smartphone in your pocket to your music streaming service and navigational system in the car, shares one important thing: part of its innovative design is protected by intellectual property (IP) laws.

From 5G to artificial intelligence, IP protection offers a powerful incentive for researchers to create ground-breaking products, and governmental leaders say its protection is an essential part of maintaining US technology leadership. To quote Secretary of Commerce Gina Raimondo: "intellectual property protection is vital for American innovation and entrepreneurship.”

Keep Reading Show less
James Daly
James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired.
Securing the Enterprise

Securing the enterprise

There’s no let-up in the surge of cyberattacks against businesses. But shutting down the hackers will require many enterprises to evolve their strategy.

In today’s enterprise, “identity and security are very merged.”

Illustration: iStock/Getty Images Plus; Protocol
the Protocol team
Protocol focuses on the people, power and politics of tech, with no agenda and just one goal: to arm decision-makers in tech, business and public policy with the unbiased, fact-based news and analysis they need to navigate a world in rapid change.

How neobanks are helping consumers game credit scoring

The CFPB says it is closely monitoring secured credit cards offered by neobanks.

Regulators are scrutinizing neobanks' card offerings.

Photo: Oscar Wong/Moment/Getty Images

About one in six Americans has a credit score below 619, according to the CFPB. Another 23% have too thin a credit file to score or no file at all. That puts them in a credit trap: To build credit, these consumers need someone to give them a line of credit with which they can demonstrate good financial habits. But with scores that low, few lenders are prepared to offer them anything.

Neobanks say they can solve the problem through a new twist on secured credit cards. But regulators are already scrutinizing their offerings.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.


Steel decided World War II. Chips will decide whatever is next.

“Chip War: The Fight for the World’s Most Critical Technology” foreshadows the coming battle between nations over semiconductors.

“Chip War” outlines the nature of the coming battle over semiconductors, showing how the power to produce leading-edge chips fell into the hands of just five companies.

Image: Scribner; Protocol

“World War II was decided by steel and aluminum, and followed shortly thereafter by the Cold War, which was defined by atomic weapons,” Chris Miller, a professor at Tufts University’s Fletcher School of Law and Diplomacy, writes in the introduction to his latest book. So what’s next? According to Miller, the next era, including the rivalry between the U.S. and China, is all about computing power.

That tech rivalry and the story of how the chip industry got from four to 11.8 billion transistors are all part of Miller’s book, “Chip War: The Fight for the World’s Most Critical Technology,” which comes out Oct. 4. “Chip War” outlines the nature of the coming battle over semiconductors, showing how the power to produce leading-edge chips fell into the hands of just five companies: three from the U.S., one from Japan, and one from the Netherlands.

Keep Reading Show less
Hirsh Chitkara

Hirsh Chitkara ( @HirshChitkara) is a reporter at Protocol focused on the intersection of politics, technology and society. Before joining Protocol, he helped write a daily newsletter at Insider that covered all things Big Tech. He's based in New York and can be reached at hchitkara@protocol.com.

Latest Stories