{"id":805,"date":"2024-11-11T16:47:32","date_gmt":"2024-11-11T16:47:32","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=805"},"modified":"2024-11-11T16:47:32","modified_gmt":"2024-11-11T16:47:32","slug":"blackberry-cylance-customers-should-explore-options-now-that-its-immediate-future-is-vague-expert","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=805","title":{"rendered":"BlackBerry Cylance customers should \u2018explore options\u2019 now that its immediate future is vague: Expert"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

At last month\u2019s SecTor cybersecurity conference in Toronto, BlackBerry\u2019s booth highlighted its Cylance endpoint detection and response (EDR) product, featuring the new Cylance-based managed EDR service it launched earlier in the year.<\/p>\n

However, a week before the show, BlackBerry executives told analysts at an investor day that the future of Cylance is up in the air.<\/p>\n

Selling Cylance \u2014 which BlackBerry acquired in 2018 for US$1.4 billion<\/a> \u2014 is an option, CEO John Giamatteo made clear.<\/p>\n

\u201cCylance still requires significant investment to drive growth,\u201d he said. In fact, he said, Cylance has sopped up most of BlackBerry\u2019s recent capital spending as it brought the original endpoint malware detection product up to an EDR solution and created the MDR offering. That spending made the company\u2019s cybersecurity division \u2013 which also includes BlackBerry UEM (unified endpoint management), AtHoc (for critical event management) and Secusmart (for secure mobile communications) \u2013 operate only \u201cabout break-even\u201d this year.<\/p>\n

\u201cWe don\u2019t believe ongoing investment [in Cylance] at the current levels is sustainable and unlikely to generate acceptable return on capital,\u201d Giamatteo said.<\/p>\n

As for the future, \u201call the options [are] on the table,\u201d he added.<\/p>\n

What does that mean for CISOs and infosec leaders who have invested in Cylance, or are considering buying either the endpoint or MDR solution?<\/p>\n

\u201cLong term prospects for the [Cylance] offering are unclear,\u201d IT consulting firm Omdia warned its customers in the wake of the executive\u2019s statements. Omdia analyst Fernando Montenegro, who attended that October 16 presentation, said CISOs looking for solutions may still find use cases for BlackBerry UEM, Ad Hoc, and Secusmart, \u201cbut the case for Cylance has become a lot more narrow. If your organization uses Cylance now, it\u2019s definitely worth a conversation with your account team to understand how their stated direction affects your organization\u2019s usage.\u201d<\/p>\n

Fritz Jean-Louis, principal cybersecurity advisor at Info-Tech Research Group and a former CISO, was blunter: \u201cLuck favours the prepared,\u201d he said. \u201cIt\u2019s time to start engaging with other vendors to explore options.\u201d<\/p>\n

When BlackBerry was asked for comment, a spokesperson said, \u201cWe continue to support and service our Cylance customers as we always have.\u201d<\/p>\n

Asked if CISOs should be worried about the vagueness of the plans for Cylance, Montenegro replied \u201cI\u2019m not sure \u2018worried\u2019 is the right term, but it\u2019s definitely something to discuss, particularly if you are considering whether or not to adopt managed services.\u201d<\/p>\n

Montenegro gives BlackBerry credit for aiming Cylance at the mid-market customers through the MDR solution. \u201cIf they can execute on that MDR strategy, all the AI stuff they can do may be able to give them [BlackBerry] something,\u201d he told CSO Online this week. \u201cBut they are choosing to [mainly] compete on MDR,\u201d he noted, \u201cand not directly on endpoint stuff.\u201d<\/p>\n

Taking a step back<\/h2>\n

It\u2019s not that BlackBerry has said it will stop spending on Cylance. But within the cybersecurity portfolio, executives noted that AtHoc is the growth driver, and there are \u201cample\u201d market growth opportunities with it, UEM, and Secusmart.<\/p>\n

\u201cAfter all that investment [in Cylance],\u201d Giamatteo said, \u201cmaybe now is the time to take a step back and say, \u2018I think we can find the right balance of the continued right level of investment to be competitive and keep our innovation going, but at the same time meet the financial health of the company.\u2019\u201d<\/p>\n

Where would the shift in capital spending go? Into BlackBerry\u2019s expanding IoT division and its QNX operating system for embedded systems, including vehicles.<\/p>\n

Asked if CISOs have tuned out financially struggling BlackBerry for cybersecurity products, Montenegro replied, \u201cmost of the conversation on cybersecurity has pretty much shifted elsewhere. At Omdia we\u2019re looking at three main areas for 2025: security platforms, AI and risk. Despite having the heritage of Cylance, I think they [BlackBerry] are not as involved in the conversation [by CISOs] on the AI side. They are not as involved on the platform side as well.\u201d He added that BlackBerry, over time, \u201chas certainly fallen from, \u2018They are the first person we think of in that scenario.\u2019 Does this mean they are done [on the cybersecurity front]? Absolutely not. But they must execute on a different play with MDR that they are building up.\u201d<\/p>\n

Questions for CISOs<\/h2>\n

In an email, Jean-Louis said the potential divestiture of Cylance from Blackberry may introduce concerns for CISOs currently using the software in their organizations.\u00a0<\/p>\n

These include:<\/p>\n

how a transition period would impact support. \u201cDuring a transition, focus can be divided, and operational support could be impacted, resulting in servicing delays that are critical to timely incident response,\u201d he said.<\/p>\n

how would future and existing operational features be impacted? During a transition, Blackberry may slow down research and development, resulting in new feature releases being delayed or even cancelled.\u00a0 How will those decisions impact tool capabilities and performance?<\/p>\n

identifying new security tools and capabilities is time-consuming, both tactically and strategically difficult, and requires months of effort to drive informed decision-making.<\/p>\n

what happens if my organization leverages other Blackberry cybersecurity services linked to Cylance? How will that impact associated services?<\/p>\n

Sale is just one option<\/h2>\n

Giamatteo and CFO Tim Foote emphasized that over the past year they have pruned US$135 million in expenses, hoping to bring the company to cash-flow positive by the end of the current fiscal year.<\/p>\n

However, at the end of the investor day executive presentations, technology and financial analysts jumped on the vague statements about Cylance. Referring to his CFO\u2019s statements, Giamatteo said selling the product is one alternative. Foote talked of exploring options for saving more money, Giamatteo said, and selling Cylance could be one.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

At last month\u2019s SecTor cybersecurity conference in Toronto, BlackBerry\u2019s booth highlighted its Cylance endpoint detection and response (EDR) product, featuring the new Cylance-based managed EDR service it launched earlier in the year. However, a week before the show, BlackBerry executives told analysts at an investor day that the future of Cylance is up in the […]<\/p>\n","protected":false},"author":0,"featured_media":806,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-805","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/805"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=805"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/805\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/806"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}