Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity

Blackberry today announced it is spending $1.4 billion to acquire Cylance, a provider of cybersecurity software based on mathematical models, to extend the reach of its security portfolio into the realm of the internet of things (IoT).

Blackberry CEO John Chen said the company opted to acquire Cylance before it had a chance to go public because the Cylance approach to IoT security is the most lightweight available. The acquisition is expected to close sometime before February 2019, which is the close of the Blackberry fiscal year. Cylance already has more than 3,500 enterprise customers, including more than 20 percent of the Fortune 500, the companies noted.

Chen said there is not enough memory and bandwidth available on IoT endpoints, which means traditional agent-based approaches to applying security policies will not work. At the same time, network firewalls don’t do enough to protect IoT devices, he added, noting Cylance provides a way to secure IoT endpoints in way that doesn’t add processing overhead.

Blackberry plans apply the technologies developed by Cylance to mobile computing and embedded systems also. In total, Chen said with the addition of Cylance Blackberry is on target to generate more than $1 billion in software and service revenue.

Cylance chairman and CEO Stuart McLure said that as the attack surface that needs to be defended continues to expand, the only logical approach is to apply predictive models that enable cybersecurity teams to better anticipate and respond to attacks. The acquisition of Cylance by Blackberry will serve to make Cylance AI software more broadly accessible, he said.

As cybersecurity continues to evolve it’s clear there is no hope of leveling the playing field against increasingly sophisticated attacks without relying more on various forms of AI. The AI frameworks being developed are not capable of replacing cybersecurity specialists. But they do serve to augment of the capabilities of cybersecurity professionals, at a time when there are thousands of open cybersecurity job postings. Most organizations have no hope of applying security policies to IoT devices without relying more on automation infused by various types of algorithms.

At the same time, however, cybersecurity concerns are hampering rollouts of IoT projects. Most organizations have multiple IoT initiatives underway, but very few of them have made it into a production environment. Gartner’s 2016 “Internet of Things Backbone Survey” found security was the top barrier to IoT success (35 percent), followed by privacy concerns (25 percent) and potential risks and liabilities (25 percent).

Most cybersecurity professionals are still coming to terms with the implications of AI. Anything that provides them an advantage over attackers is always welcome. But many cybersecurity professionals have expressed concerns about lack of visibility into how AI offerings function. While there’s certainly plenty of room for improvement, cybersecurity professionals know it’s now only a matter of time before cybercriminals start to apply AI themselves more aggressively.

Featured eBook
The Next Generation of Application Security

The Next Generation of Application Security

Application security is usually done by finding, fixing and preventing vulnerabilities, with an emphasis on finding solutions to prevent cybersecurity events in the future. However, many of the breaches we’re seeing are caused by a vulnerability related to the application, often because developers move so quickly to push out new code. AppSec promises to become ... Read More
Security Boulevard
Michael Vizard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 137 posts and counting.See all posts by mike-vizard