IBM recently acquired Randori, a four-year-old startup that helps enterprises manage their attack surfaces by identifying and prioritizing their externally facing on-premises and cloud assets.

Monday was the first day of the 2022 RSA Conference, and Big Blue announced the Randori acquisition. By examining its infrastructure from the point of view of a threat actor, IBM hopes to enable its customers to identify previously unknown weaknesses in their security posture.

IBM is planning to integrate Randori's software with its QRadar extended detection and response (XDR) capabilities in order to provide real-time insight into threat surfaces for tasks such as threat hunting and incident response. According to IBM, the approach will reduce the amount of manual work required for monitoring new applications and quickly addressing emerging threats.

Over the past two years, organizations have expanded their external attack surfaces by 67 percent, according to IBM research. Cloud computing, third-party services, and the Internet of Things (IoT) all contributed to the growth. According to the study, 69 percent of organizations were compromised via internet-facing assets.

Mary O'Brien, general manager of IBM Security, said in a statement, 'Organizations must understand the attacker's perspective in order to find their most critical blind spots and focus their efforts on areas that minimize business disruption and damage to revenue and reputation.'

Perimeter 81, another network security startup founded in 2018, reached unicorn status on the same day IBM announced Randori. It raised $165 million in total funding and raised its valuation to $1 billion after raising $100 million in Series C funding.

Cloud-based services offered by the company include zero-trust network access and firewall-as-a-service. While the platform has been focusing on secure access service edges (SASEs), it is better suited for nascent secure service edges (SSEs).

Our platform streamlines network security management and enables businesses to easily secure remote access, network traffic, and endpoint devices in order to securely enable the modern workforce,' co-founder and CEO Amit Bareket wrote in a blog post.

In both announcements, cybersecurity vendors work to secure organizations that adopt multi-cloud strategies and expand IT beyond traditional datacenters to the cloud and out to the edge. To protect their data and applications, they are seeking tools that will shrink their attack surfaces.

The COVID-19 pandemic and the rapid shift to remote work only accelerated the demand for cybersecurity products and services. Acquisitions by established players looking to build more complete cybersecurity portfolios and huge investments in startups reinforce the importance of these technologies.

Advisory firm Momentum Cyber reported $77.5 billion in mergers and acquisitions in the cybersecurity space in 2021 — a 'landmark and record-smashing year' — and $29.3 billion in venture capital (PE) and private equity (VC) investments were made in the sector.

In an email, John Bambenek, a principal threat researcher at cybersecurity vendor Netenrich, said that large companies are trying to acquire security companies to build a portfolio and/or market share.

The cyber insurance market is pulling back and/or hiking rates because there are huge losses due to cybersecurity incidents. At this point, it's like a 'curing cancer' problem. Whoever can figure it out will make all the money.'

Bambenek says many enterprises have mature cybersecurity postures, but they're still getting breached, saying 'metrics don't match the reality on the ground. The security industry doesn't solve fundamental problems. Ten years later, we still have ransomware.'

Additionally, CySafe, which was founded in 2014, announced Monday that it had raised $28 million in its Series B round, bringing the company's total funding to $40 million. With CySafe's software platform, organizations can manage human cyber risks through security awareness and training.