Blackberry announced a strategic acquisition earlier this month that will boost its ability in securing end-point devices. The purchase of cybersecurity and artificial intelligence company Cylance for $1.4 billion in cashOpens a new window , confirms that, with the iconic handset no longer ubiquitous in the business community, Blackberry is determined to consolidate a now decade-long shift into mobile and autonomous car software.
California-based Cylance makes machine learning-based products designed to prevent cyberattacks on companies. It was founded in 2012 and claims to generate strong revenue streams from more than 3,500 enterprise customers, which make up over 20% of the Fortune 500.
The company has pioneered the application of artificial intelligence, algorithmic science and machine learning to cybersecurity software to predict and prevent both known and unknown threats to fixed endpoints. Its software is hosted on the endpoint deviceOpens a new window , continues to work when the device is offline and consumes minimal power.
Canada-based BlackBerry is planning to use Cylance’s embeddable AI technology to push forward the development of the recently-launched BlackBerry SparkOpens a new window “Enterprise of Things†communications platform, which enables Internet of Things devices used by businesses to securely connect with each other. The new addition to the stable should also complement existing products including the Unified Endpoint Management and its QNX embedded operating system.
Cylance Aquisition to Boost Spark
In a recent earnings report, BlackBerry said it now generates about 90% of its revenues from software and services. The company shifted focus from mobile handsets to software when their popularity began to decline as smartphones from Apple and Samsung, among others, began to dominate the market.
“Cylance’s leadership in artificial intelligence and cybersecurity will immediately complement our entire portfolio, UEM and QNX in particular,†John Chen, BlackBerry executive chairman and chief executive, said in a statement. “We are very excited to onboard their team and leverage our newly-combined expertise. We believe adding Cylance’s capabilities to our trusted advantages in privacy, secure mobility, and embedded systems will make BlackBerry Spark indispensable to realizing the Enterprise of Things.â€
As well as the cash component, the transaction will include the assumption of Cylance’s unvested employee incentives. The deal is expected to be completed before BlackBerry’s financial year ends in February 2019, pending regulatory approvals. Cylance will operate as a separate unit within the wider company.
“Our highly skilled cybersecurity workforce and market leadership in next-generation endpoint solutions will be a perfect fit within BlackBerry where our customers, teams and technologies will gain immediate benefits from BlackBerry’s global reach,†says Stuart McClure, Cylance’s co-founder, chairman and CEO in the statement. “We are eager to leverage BlackBerry’s mobility and security strengths to adapt our advanced AI technology to deliver a single platform.â€
Who Gets the Encryption Key?
Some cybersecurity experts have questioned the sense of the tie-up, given BlackBerry’s policy of ‘lawful access’ to its data. In 2010, at a time when its handset business was thriving, the company is thought to have given up details of its global encryption key to Canadian federal police.
In 2016, CEO Chen was critical of Apple for standing in the way of US law enforcement’s demands for access to its user data.
However, he later made clear in a blog post that “BlackBerry’s products do not have backdoors, because at the end of the day, what we sell is trust. Our customers, some of the most powerful organizations in the world, trust us to keep their data private and safe from bad actors, and that’s what we do.â€
He told Forbes last year that his company would only break its encryption if requested to do so by a court order, and pointed out that encryption was an increasingly difficult thing to crack.
The company has insisted that none of its enterprise software products have a universal decryption key, but there is nevertheless a concern that if a ‘golden key’ exists to allow law enforcement to decode messages, there is always a risk it could be infiltrated or stolen by hackers.
“Anyone that whitelists malware of any type runs the risk of weakening critical infrastructure for everyone, including governments and citizens,†said Harry Halpin, a security researcher at French computer science research institute Inria and at the Massachusetts Institute of Technology. No malware should ever be whitelisted.
The security of connected devices is becoming an increasingly hot area, with 20 billion devices expected to be connected to the internet by 2020.