Cyber-Security Firm FireEye Announces Layoffs

Cyber-Security Firm FireEye Announces Layoffs

Cyber security firm FireEye Inc said on Thursday it planned to lay off 300 to 400 of its 3,400 workers as it announced quarterly sales below its own forecast, due to a slowdown in demand for its services helping businesses respond to hacking attacks.

FireEye’s shares were down 16.2 percent at $14.02 in extended trading.

The Milpitas, California-based company also cut its full-year sales outlook.

Chief Financial Officer Michael Berry told Reuters that the job cuts were part of a restructuring effort that will reduce annual costs by about $80 million (roughly Rs. 534 crores).

Chief Executive Kevin Mandia said the company is now responding more frequently to financially driven cyber criminals, who engage in crimes such as ransomware, which are relatively simple to clean up.

“The size and scope have changed. The whole remediation was more complex” when the company was responding to large numbers of state-sponsored hacks from China, he said.

FireEye cut its full-year revenue forecast to $716 million-$728 million (roughly Rs. 4,783 crores – Rs. 4,864 crores) from $780 million-$810 million (roughly Rs. 5,211 crores – Rs. 5,412 crores).

The company is still targeting non-GAAP profitability by the end of 2017 and expect to generate positive free-cash flow in 2017, Berry said on a conference call.

It reported second-quarter revenue of $175 million (roughly Rs. 1,169 crores) , missing its own projection of $178 million to $185 million (roughly Rs. 1,189 crores to Rs. 1,236 crores).

Executives blamed much of the trouble on a slowdown in its services business, including its high-profile Mandiant forensics unit that helps organizations respond to cyber-attacks.

That division’s revenue rose just 2 percent in the second quarter, compared to a 40 percent increase in the first quarter. Its total number of engagements rose, but average revenue from each one fell dramatically because work performed was less extensive.

Mandia said that was due to a shift away from previous years where there were large numbers of state-sponsored espionage hackers from China attacking customers in the United States.

FireEye and other cyber-security firms said in June that cyber-espionage attacks from China appeared to have dropped this year as the Chinese government made good on a pledge with the United States to stop supporting the digital theft of US trade secrets.

The company reported lower-than-expected billings, a closely watched indicator of future business.

FireEye posted second-quarter billings of 196.4 million, below its forecast of $200 million to $215 million.

It also cut its full-year billings forecast to a range of $835 million to $855 million, from its previous range of $975 million to $1.055 billion.

In contrast, peer Symantec Corp reported second-quarter revenue and adjusted profit above the average analyst estimates, helped by strong enterprise demand for its security products.

Up to Thursday’s close, FireEye shares had fallen more than 62 percent in the last 12 months.

© Thomson Reuters 2016

Tags: Cyber Security, FireEye, Internet, Job Cuts, Layoffs



IBM to Purchase Cyber-Security Firm Resilient Systems

IBM to Purchase Cyber-Security Firm Resilient Systems

IBM Security plans to acquire private cyber-security firm Resilient Systems, the computing giant said Monday, as part of a move to expand its role in the incident response market.

The sale comes amid a consolidation in the cyber-sector and a decline in valuations of public and private cyber-firms. Some investors believe the companies were overvalued after a host of headline-grabbing hacks against the US government and major corporations increased interest in the market.

Terms of the deal were not disclosed. The acquisition is being announced during the RSA security conference in San Francisco and expected to close later this year subject to regulatory review.

IBM said it intends to retain the roughly 100 employees working at Resilient Systems, including Chief Executive Officer John Bruce, a former vice president at Symantec, and Chief Technology Officer Bruce Schneier, a prominent cryptographer, security blogger and author.

“Our intent is all these guys are going to come on board,” said Marc van Zadelhoff, general manager of IBM Security, told Reuters. “You acquire technology, but you really want to acquire people.”

Known as Co3 Systems when it was founded in 2010, Resilient Systems has become a leading player in the high-demand field of incident response by helping private and government customers prepare for, detect and mitigate cyber-breaches, said Jon Oltsik, senior principal analyst at Enterprise Strategy Group.

Incident response is “hot in the market,” Oltsik said. “Customers are spending a lot of money on cyber-security to address their shortcomings.”

The acquisition comes against the backdrop of a US cyber-security market slogging through a funding slump, forcing some startups to sell themselves or cut spending.

IBM also said on Monday it is creating X-Force Incident Response Services, which will leverage Resilient Systems’ technology and talent to help clients identify and respond to cyber-threats.

The X-Force service will also rely on a new partnership with cyber-firm Carbon Black, which IBM said will help its analysts conduct security forensics on compromised endpoint devices and discover where a breach first occurred.

© Thomson Reuters 2016

Download the Gadgets 360 app for Android and iOS to stay up to date with the latest tech news, product reviews, and exclusive deals on the popular mobiles.

Tags: IBM, Internet

US Cyber-Security Experts Test Skills in Exercise Meant to Stop Attacks

US Cyber-Security Experts Test Skills in Exercise Meant to Stop Attacks

The moment a US official pressed a computer key Tuesday, dozens of security experts who gathered in an underground control room girded themselves for a cyber-attack – a drill meant to thwart the kinds of intrusions that have recently crippled health networks and retail giants.

The weeklong event run by the Homeland Security Department and hosted by the US Secret Service is now a decade old. But officials say this week’s exercises are becoming more important as both the government and private sector have reeled from breaches of personal data.

More than 1,000 US cyber-security professionals are participating in – and testing how well they respond to – a mock attack, said Gregory Touhill, a Homeland Security Department deputy assistant secretary for cyber-security protection. They’ll be working together for three days in Washington and across the nation.

“Retail and health care have been in the headlines – and, frankly, in the crosshairs for a lot of criminals,” Touhill said. Household names like Target Corp., The Home Depot, UCLA Health Systems and AnthemInc. have all faced recent cyber-attacks that compromised millions of their customers’ data.

(Also see:  Anthem Hit by Massive Cyber-Security breach)

US officials wouldn’t detail the attack scenarios unfolding this week because they said it would tip off the drill’s participants. But they said their event has one, overarching scenario, with roughly 1,000 smaller events – spurred by a phone call, an email or a news article – that could be indicators of an looming cyber-attack.

Suzanne Spaulding, a top Homeland Security cyber official, said the “challenge is here and now.” She pointed to a “nightmare” scenario last December, in which hackers attacked the Ukrainian electrical grid and cut power to about a quarter-million people.

During previous US-led tests, officials found what they called areas for improvement. Touhill said at least two areas from a previous test are still being addressed, including ensuring people have and follow protocols, and security personnel share information effectively.

Secret Service Director Joseph Clancy described the event Tuesday as a way to stay one step ahead of criminals who’ve taken advantage of new and changing technology, and who have changed their own tactics.

In addition to eight participating state governments – Wyoming, Missouri, Mississippi, Georgia, Maine, Nevada, Oklahoma and Oregon – officials from five countries are also observing the exercises. The Homeland Security Department wouldn’t reveal the countries involved.

Other participants include health companies, Internet service providers, telephone companies and retail organizations. The aim is to test human response and coordination, not necessarily the participants’ technical skills.

“We’re looking to find the failure points, to raise the bar in every scenario,” Touhill said.

Recent attacks have also hammered the financial sector, in which a 2014 data breach at JPMorgan Chase affected more than 76 million households and 7 million small businesses. The bank said hackers may have stolen names, addresses, phone numbers and email addresses.

Meanwhile, US officials told Congress last year the Office of Personnel Management didn’t take basic steps to secure their computer networks. That allowed to Chinese-linked hackers to steal private information about nearly every federal employee, as well as detailed personal histories of millions who had security clearances.

Download the Gadgets 360 app for Android and iOS to stay up to date with the latest tech news, product reviews, and exclusive deals on the popular mobiles.

Tags: Cyber attack, Cyber security, Homeland Security Department, Internet

Union Cabinet Approves Cyber-Security Deal With the UAE

Union Cabinet Approves Cyber-Security Deal With the UAE

The union cabinet on Thursday accorded approval to the Memorandum of Understanding (MoU) between India and the United Arab Emirates (UAE) on technical cooperation in cyberspace and combating cybercrime.

The MoU was signed last month between the two countries.

The agreement would pave the way for both countries cooperating mutually in combating cybercrime, particularly through coordination and exchange of information in relation with cybercrime and training in cybercrime investigation, an official statement said.

The ministry of home affairs will be the nodal agency on the Indian side responsible for the implementation of this agreement.

“The enhancement of technical cooperation between India and the UAE in cyberspace and combating cybercrime comes in the wake of the serious threat of cybercrime on the security, interest and safety of the people,” the statement said.

Earlier this week, a report found that when it comes to vulnerability to cyber-attacks, India along with China, Russia, Saudi Arabia and South Korea is most vulnerable.

While the US is ranked 11th safest of 44 nations studied, several Scandinavian countries like Denmark, Norway and Finland were ranked the safest in the book authored by V.S. Subrahmanian, professor of computer science at the University of Maryland.

“Our goal was to characterise how vulnerable different countries were, identify their current cyber-security policies and determine how those policies might need to change in response to this new information,” said Subrahmanian, with the University of Maryland Institute for Advanced Computer Studies (UMIACS).