More consolidation is afoot in the world of cybersecurity, particularly round providers to assist organizations handle identity and access. Today, One Identity — which gives instruments for managing “zero trust” access to programs, in addition to operating log management and different governance providers for enterprises — introduced that it has acquired OneLogin, a rival to corporations like Okta, Ping and others in the world of safe sign-on providers for finish customers.
Terms of the acquisition — which formally closed final week, on October 1 — should not being disclosed, however we are attempting to discover out. For some background, One Identity at the moment it’s a part of Quest Software, which is privately held by PE agency Francisco Partners. Before that it was a a part of Dell. Francisco initially partnered with Elliott to purchase Quest and associated property from Dell back in 2016 as a part of the latter’s streamlining efforts, in a deal that on the time was reportedly value about $2 billion. The firm has some 7,500 enterprise clients and says that it manages some 250 million identities.
OneLogin, in the meantime, final disclosed funding in 2019 — a $100 million Series D that valued it at $330 million, in accordance to PitchBook data. (Note: you’ll discover that PItchBook lists one other fundraise after this, however it doesn’t specify a date, or an quantity.) OneLogin has some 5,500 clients together with the likes of Airbus, Stitch Fix, the AAA, and Pandora. Together, the businesses will deal with some 290 million identities below management, Quest CEO Patrick Nichols advised TechCrunch in an interview. This determine consists of not simply “people” however M2M-style nodes on programs, he added.
The M&A comes amid a greater shift in the safety business. In the intervening years since each Dell bought off its property, and OneIdentity raised cash, cybersecurity threats have solely grown, fueled by the continuing shift to extra cloud providers and folks and organizations doing extra enterprise digitally. (OneLogin, citing information from IBM, estimates that the typical price of breach now stands at $3.86 million, though that additionally doesn’t embrace the numerous price to a company’s fame and belief with its customers.)
Within that greater pattern, identity management — and usually extra doubtless mis-management — has been an particularly susceptible space, with malicious hackers utilizing a number of methods relying each on refined expertise and human error to crack into programs.
When contemplating the completely different menace vectors in the market at the moment, “70% of them are a direct result of poor identity management,” Nichols stated, citing analysis from Verizon. And the menace is especially acute in half as a result of the variety of finish factors are rising quickly, not due to extra folks approaching to networks, however due to extra related gadgets. Half of the endpoints on a system are usually gadgets slightly than particular people, he stated, “and once they get breached, it is just like stealing a password.”
And on the similar time, after years of utilizing point-solutions for various points of their cybersecurity methods, enterprises are more and more in search of platforms and greater toolsets that may deal with a number of features to have a extra unified image of system exercise, and to guarantee that there’s much less threat of two completely different cybersecurity instruments inadvertently conflicting.
All of this factors to extra consolidation. In the precise case of One Identity, the corporate sees a chance in offering a fuller set of providers to clients past these to assist them handle networks internally, by including on extra end-user dealing with instruments. Similarly, the considering goes that clients of OneLogin may also have an interest in bringing extra of their cyber technique on to a single platform.
“Right now, organizations see a twofold gain from consolidating around a platform player in cybersecurity,” Nichols stated. The first is, “to increase efficiency” however the different, he identified, is laws. With extra regulatory oversight in how corporations are dealing with their cybersecurity challenges, the strain is on them to make their programs extra resilient, and having too many elements turns into a problem to handle for that purpose, too.
“Joining One Identity provides us with the ability to further accelerate our growth and provide additional value for both of our customers,” added Brad Brooks, CEO of OneLogin, in a assertion. “With OneLogin’s robust unified platform for both workforce and CIAM, combining forces with One Identity’s suite of products including their PAM solution, will allow new and existing customers, on a global scale, to tap into the market’s only unified identity security platform.”
It will likely be fascinating to see how and if we proceed to see extra M&A strikes in the house. Okta has been a very acquisitive participant to date, and there are nonetheless a variety of corporations available on the market overlaying completely different points of the identity problem which are nonetheless unbiased. (Jumio being one instance.)
The mixed firm will cowl a variety of providers, together with Privileged Access Management (PAM); Identity Governance and Administration (IGA); Active Directory Management and Security; and now Identity & Access Management (IAM).
“With the proliferation of human and machine identities, the race to the cloud and the rise of remote working, identity is quickly becoming the new edge – and protecting identity in an end-to-end manner has never been more important,” stated Bhagwat Swaroop, president and basic supervisor of One Identity, in a assertion. “By adding OneLogin to our portfolio, and incorporating it into our cloud-first Unified Identity Security Platform, we can help customers holistically correlate all identities, verify everything before granting access to critical assets and provide real-time visibility into suspicious login activity. With identity at the core, customers can now implement an adaptive zero trust strategy and dramatically improve their overall cybersecurity posture.”