Google is reportedly close to a $23 billion deal to acquire cloud security company Wiz.
In what could be the tech giant's biggest acquisition ever, the Wall Street Journal reports that Google parent company Alphabet is looking to acquire a cloud cybersecurity startup whose current partners include Oracle and Amazon.
The New York Times reported that the deal is in advanced stages of discussion but remains uncertain and subject to potential scrutiny by US regulators. The same newspaper also noted that Google Cloud President Thomas Kurian is the main driver behind the acquisition plan.
Wiz claims to secure businesses’ cloud infrastructure “by creating a normalization layer between cloud environments,” allowing companies to “quickly identify and remove critical risks.” Google’s acquisition of such a cloud cybersecurity company and the integration of its tools and solutions across its portfolio could have a huge impact on the industry at a time when Microsoft is constantly under fire for its security vulnerabilities.
The $23 billion acquisition is expected to be double Google's previous largest when it bought Motorola Mobility for $12.5 billion in 2012.
Cybersecurity is clearly at the forefront of Google’s agenda in 2024. In May, Google introduced Google Threat Intelligence, which combines deep insight into threats with Gemini’s AI capabilities to enhance the process. Gemini, formerly known as Bard, is Google’s multi-modal AI model built to identify security threats and generate summaries of their findings.
While Google appears to be prioritizing cloud computing security this year, it’s also a long-term strategy. In 2022, the tech giant acquired two security companies, buying Israeli security startup Siemplify for $500 million and Mandiant for $5.4 billion.
What could this mean for the industry?
Google's acquisition of Wiz could have a major impact on the tech industry.
First, integrating Wiz’s advanced security technologies into Google’s cloud infrastructure would give a major boost to Google Cloud Platform (GCP). This would increase its appeal to businesses that prioritize strong cybersecurity, an area where Google has historically lagged behind Microsoft Azure and Amazon Web Services (AWS).
With its dominance in enterprise cloud computing products and services via Azure and comprehensive security offerings like Microsoft Defender, a more comprehensive solution from Google and Wiz could give Microsoft increased competition. Wiz’s capabilities could enable Google to offer more secure and comprehensive cloud solutions, potentially attracting customers from Microsoft’s base.
Moreover, this acquisition could accelerate Google's portfolio and innovations in AI-powered security, an area in which Microsoft has invested heavily, as evidenced by the launch of Copilot for Security in April.
What about unified communications and collaboration space specifically?
If acquired, Google could integrate Wiz’s advanced security features into its Google Workspace platform to provide greater protection for communications and collaboration tools like Gmail, Google Meet, and Google Drive. This would address growing concerns about data security and privacy in remote work environments, making Google Workspace more attractive to enterprise customers.
The acquisition will also allow Google to differentiate its collaboration tools from competitors like Microsoft Teams and Slack by focusing on superior security. The premium security and protection features could lead to increased adoption of Google Workspace in highly regulated industries, such as finance and healthcare, where data protection is paramount.
The implications of integrating Wiz features across Workspace could also be compelling. It could spur innovation in unified communications, prompting competitors to beef up their own security measures to stay competitive in a crowded market.
Google beefs up security as Microsoft security concerns grow
Google’s acquisition of Wiz comes at a difficult time for Microsoft, which was criticized by the US Cybersecurity Review Board (CSRB) in April. The CSRB criticized Microsoft for “prioritizing” corporate security, prompting Microsoft executives to tie the company’s security goals to their compensation packages.
The Civil Service Review Board noted that Microsoft should have been better equipped to counter Chinese hackers who breached U.S. government emails through Microsoft Exchange Online in July 2023 in the Storm-0558 cyberattack.
Meanwhile, in October, hacked Skype accounts were compromised to spread the DarkGate malware, and Microsoft Teams was also targeted. In November, Russian hackers breached Microsoft’s defenses, gaining access to the email accounts of several members of its senior leadership team and stealing source code. Microsoft did not detect the attack for nearly two months and it was only discovered in January.
Google has identified Microsoft’s alleged security vulnerabilities as an area to address in recent months. In May, Google published a blog post implicitly criticizing Microsoft’s “security failures” in recent years while urging reforms to public-sector security in the United States.
Google, without explicitly naming Microsoft, only referring to it as a “vendor” in its blog, advises public sector entities to use “systems and products that are secure by design.” This recommendation is consistent with new principles Google recently adopted.
Google also suggests that governments avoid “using the same provider for operating systems, email, office software, and security tools” in order to “reduce the culture of monopoly.” Microsoft provides all of these services to its corporate customers, including the U.S. government and the public sector more broadly.
It’s worth noting that Google ended its blog post by announcing a new solution for Google Workspace to provide more options for public sector organizations in the United States. To say that Google is on a cybersecurity offensive would be an understatement.
