Recorded Future was acquired by Mastercard yesterday for $2.65B, which is an encouraging macro indicator for the threat intelligence market and adjacent markets. Mastercard has plucked off acquisition targets in the broader cyber space in a pragmatic way to maintain competitive advantage vs Visa and others.
According to Pitchbook, Recorded Future had over $1.1B in investment pumped into the business between funding and the sale to Insight Partners a few years ago.
But what does this mean for the broader threat intelligence market and cybersecurity as a whole? This acquisition marks a pivotal moment with some specific trends:
- The broader tech sector has been working to bump up valuation and acquisition pricing this year.
- The financial industry needs to fill the gap of robust cyber tooling with the advanced capabilities of premier threat intelligence providers such as Recorded Future.
- Financial institutions are increasingly taking an active role in cybersecurity, recognizing that threats to digital payments are threats to their core business.
This gives Mastercard a first-mover advantage in rallying around intelligence as a solution. It signals that threat intelligence, in all forms, has risen to the top of the food chain as an essential part of any major SOC - moving in the direction of collective intelligence that's integrated into a cyber-centric, predictive approach.
What are the Implications?
The Recorded Future acquisition isn't just MC bolstering its own security capabilities—it's a strategic move to position the company as a leader in cybersecurity for the financial sector and beyond.
Any cybersecurity technology that Mastercard evaluates to potentially bring into its portfolio is going to be intrinsically linked somehow to reducing the risk around fraud, and around the probability of breaches occurring.
In fact, according to Experian, about 60% of credit card holders in 2023 experienced some sort of attempted fraud. And global card losses attributed to fraud reached $33 billion in 2022, according to payments industry research company Nilson Report, with the U.S. market representing roughly 40% of losses. It has forecast a persistent threat that could reach nearly $400 billion in card fraud in the decade to 2032.
- So, given that payments companies are responsible for securing transactions in the digital economy as well as POS transactions, it would certainly bolster any merchant’s security if they knew that: Mastercard was providing added cyber tech and insights to enhance how it can protect transactions with more precision. Mastercard would be rolling new technology solutions to merchants and larger enterprise customers that could help proactively reduce the risk of compromise.
- Mastercard has done this in the past - notably with the acquisition of RiskRecon in 2020, which used internet-based intelligence to measure and score risk against internet-facing assets which organizations either were or were not aware of. I was part of this acquisition, and it certainly was interesting to see the level of thinking Mastercard brought to that process.
This recent movecould lead to more customized and targeted solutions. One could envision new offerings like AI-based analysis and specialized intelligence products that integrate Recorded Future's intelligence with existing datasets from its cybersecurity and fraud prevention services.
Surely product managers are salivating over the integration,new product discussions and possibilities they can dream up. Although, like most transactions of this size, the business will remain its own operating entity under Mastercard to accommodate the large installed base.
What’s This Mean for the Threat Intelligence Market?
With the increased awareness and appetite for threat intelligence solutions on a global level, this acquisition represents an opportunity for other non-traditional cyber-cyber acquisitions. That’s usually kind of boring anyway because any cyber product company can find a way to integrate a new cyber solution and its people. That said, companies like Rapid7 recognized this need about three years ago when they acquired IntSights.
In fact, according to a Gartner report, the global threat intelligence market is projected to grow at a CAGR of 15.5% in 2023 (which seems low) and sat last year at a range between approximately $3B and $11 billion and is expected to grow to $19.5 billion by 2028. (which also seems low).
This acquisition pushes the value of the threat intelligence market into other non-cyber markets in a way that connects cyber technology to the fabric of business operations.
However, this could be the start of a consolidation of sorts of expertise and resources - Mastercard gains access to deep expertise in threat intelligence, proprietary machine learning models and as stated earlier, massive-scale data sets.
This consolidation should lead to more advanced threat detection and response solutions that benefit not only Mastercard's customers but potentially the entire ecosystem if shared more broadly.
Most large / publicly-traded cybersecurity companies already have a significant presence in the threat intelligence market. That said, this will likely prompt other financial institutions and large enterprises to consider similar moves, either by acquiring or partnering with threat intelligence companies.
I’d expect this transaction might lead to a substantial surge in market activity, driving significant innovation at organizations like Visa and Discover or even Experian, which already has an enormous partnership with Security Scorecard.
According to the Ponemon Institute, 64% of organizations globally cite the integration of threat intelligence into their security operations as a top priority, which makes sense because the smarter any team or tool can get, the better an organization can protect itself.
Smaller and independent threat intelligence vendors may feel the pressure to innovate faster and provide more specialized or niche services to stand out in a market where bigger players like Mastercard are now entering the fray with substantial resources and reach.
By integrating Recorded Future's advanced threat intelligence capabilities, Mastercard can offer more comprehensive and proactive / predictive security solutions to its customers, significantly enhancing its value proposition.
But Remember This
Not all threat intelligence solutions are created equally. Cliche yes, but true. There’s a lot of unpacking to do with what Recorded Future has under the hood. They have amassed a significant amount of data over the years and through its up and down growth cycles.
Formatting, programming languages, third-party inputs, actionability of the data and integration are just the short-list of challenges that will arise when the Mastercard team pulls this apart to build out entirely new solutions. This is also true whenmaintaining significant deployments in the enterprise and for its Federal customers - - meaning there are national security considerations here.
Do we want the protection of our nation’s infrastructure decided by a for-profit, publicly traded payments company? Because that’s real now. Recorded Future also has made its own acquisitions that it had to put integration cycles into, like Security Trails, so it’s not just an organically grown intelligence platform / IP over time that Mastercard is getting.
What’s imperative today is that operators within cybersecurity teams need intelligence to be in a format that is easily consumable, simple to integrate / make sense of and autonomous given the heavy signal-to-noise load every team gets from every tool in its SOC.
Where AI was a late-to-the-party add to Recorded Future’s Marketing message to make it sound faster, less clunky and not just intelligence reports that require human interpretation, its part band-aid and part real at the same time.
However, AI is not a standalone answer on its own, or if you can spell the words “AI.” It speeds up many processes but it isn’t the solve-all technology in every case. Threat intelligence should inform machine-based action around triage, response and risk reduction.
In summary, Mastercard forking over $2.65B for Recorded Future which is a positive step on solving what could be thought of as a multi-trillion dollar+ problem if you bundle global fraud and the costs associated with breaches - leveraging data vs people and tools which is smart. There is a long-term impact that might be felt as a result of this transaction that could help align into a new approach for the financial industry’s fight vs cybercrime.