Microsoft Corporation (MSFT) has acquired cybersecurity firm RiskIQ for an undisclosed sum to bolster its security credentials. The Redmond, Washington-based company did not disclose the acquisition's terms, but Bloomberg pegs the deal's price at $500 million in cash. 

Key Takeaways

  • Microsoft has acquired security software firm RiskIQ for an undisclosed sum.
  • The acquisition is intended to bolster Microsoft's security business, which boasted revenues of $10 billion in January.
  • Microsoft's purchase will enhance its security offerings to customers and protect its cloud applications from hacks.

"With the acquisition of RiskIQ, we will continue our mission to help customers defend their growing digital real estate against increasing cyber threats," stated Eric Doerr, senior vice president of cloud security at Microsoft, in a blog on the company's website.

Founded in 2009, RiskIQ has raised $83 million from investors. It specializes in cloud security, meaning its solutions monitor operations and security across cloud applications. "We're thrilled to add RiskIQ's Attack Surface and Threat Intelligence solutions to the Microsoft Security portfolio, extending and accelerating our impact. Our combined capabilities will enable best-in-class protection, investigations, and response against today's threats," stated Elias Manousos, RiskIQ cofounder and CEO.

This is Microsoft's second acquisition of security software in as many months. Last month, the company purchased ReFirm Labs, a maker of open-source software for Internet of Things devices. ReFirm Labs' solutions focus on firmware – the code that links a system's hardware and its operating system.

Why Did Microsoft Buy RiskIQ? 

While Microsoft is best known for its productivity software, its security unit has become an increasingly important component of its business. It reported $10 billion in revenues in January this year, leading some analysts to refer to the company as a "cybersecurity behemoth."

The unit has a diverse range of offerings that span the security spectrum, from on-premise software to solutions that protect data in the cloud, and employs 3,500 people. It also has a threat intelligence center that uses data signals and analytics to prevent and analyze cyberattacks. The RiskIQ acquisition will add to the company's portfolio of security offerings and generate additional revenue from the unit.

It will also help strengthen the suite of services at Azure – Microsoft's cloud solution, which contributed 42.4%  to the company's total revenue figures in Q3 2021. "I think we are going to see increased cloud adoption. We’re going to see increased usage of end-to-end security suites like what we offer," Microsoft CEO Satya Nadella told analysts during the company's April earnings call.

The RiskIQ acquisition will also help counter the threat of hacks into Microsoft's cloud applications. In March, the company said that Chinese hackers had accessed servers for Microsoft Exchange and gained email addresses for personnel from corporate and government entities that used its product.