Another exit for an Israeli enterprise startup and a deeper move into Israel by one of the world’s tech titans: IBM today announced the acquisition of Trusteer, a specialist in cybersecurity primarily for financial services. Terms of the deal have not been disclosed, but we have been digging and heard from a source that it’s $1 billion, after Israeli financial paper Calcalist (in Hebrew) earlier reported the deal in the range of between $800 million and $1 billion. If correct, that’s a huge exit: the company had only raised $10.1 million from angels and U.S. Venture Partners.
(We have reached out to one of Trusteer’s founding investors and to IBM to try to confirm the price, and are continuing to look elsewhere. IBM declined to comment on the price and Trusteer’s investor has not responded.)
The sale is a sign not only of the growing awareness and issue around cybersecurity, but also of IBM’s ambition to make this a bigger part of its own business. Existing enterprise security services from IBM include counter-fraud software and services such as QRadar, i2, SPSS, InfoSphere and Enterprise Content Management. IBM’s most recent quarterly earnings, from July, where it reported sales of $25.7 billion, showed a decline in services revenue but a rise within those focused on the cloud. In that regard, the Trusteer acquisition is an indication of how moving into more, next-generation services like cybersecurity is part of IBM’s bigger strategy to evolve.
As part of the deal, IBM will establish a security R&D lab in Tel Aviv, where 200 Trusteer and IBM employees will work on mobile and application security solutions, as well as advanced threat, malware, counter-fraud, and financial crimes solutions. Establishing local operations out of Israeli acquisitions is an oft-treaded route (some believe that this was one of the key tipping points for why Israeli social mapping startup Waze never got bought by Facebook; the social network wanted Waze in Menlo Park while Google, who did end up buying it for over $1 billion, has let Waze keep its dual California-Israel operations.) IBM already had other R&D operations in the country, but this will be their first focused on security specifically. Trusteer had a second headquarters in Boston.
Since first opening for business in 2006, Trusteer has picked up some 300 banking customers, including seven of the top 10 in the U.S. and nine in the UK. Calcalist reports that at the current rate of growth — adding some 25 enterprises each month at the moment — Trusteer projects that it will have 700 customers in two years’ time.
The rise of networked services, and the growth of connected devices to use with those networked services, has seen a corresponding rise in cyber security threats. Malicious hackers grow in number, and get more creative with how they infiltrate systems. That’s leading some security companies (Cyvera is one example I wrote about this week) to think outside the box for how to tackle problems specifically around zero-day (that is, never before identified and solved) attacks. And Trusteer is also among those trying to think creatively about how best to protect its customers. One example: for mobile banking security, it focuses on endpoints in the system — that is, mobile devices — to detect malware that could make its way from a device into the network.
This is one of the areas that most attracted IBM. “Trusteer’s expertise and superior technology in enterprise endpoint defense and advanced malware prevention will help our clients across all industries address the constantly evolving threats they are facing,” said Brendan Hannigan, GM, Security Systems Division, IBM, in a statement.
And just as malicious hackers are getting more creative, so are enterprises — another area that Trusteer is trying to tap into. “The way organizations protect data is quickly evolving,” said Mickey Boodaei, CEO, Trusteer, in a statement. “As attacks become more sophisticated, traditional approaches to securing enterprise and mobile data are no longer valid. Trusteer has helped hundreds of large banks and organizations around the world defeat thousands of sophisticated attacks using innovative solutions that combine intelligence, cloud, mobile, and desktop technologies.” Trusteer notes that other areas that will get covered in the acquisition will include cloud-based “security as a service,” (the other SaaS).