Cloud container vulnerabilities increase – report

BY Richard Summerfield

Adoption of cloud technology has increased considerably in recent years, however vulnerabilities in cloud containers have also increased, according to a new report from Skybox Security.

Skybox’s ‘2019 Vulnerability and Threat Trends Report: Mid-Year Update’ notes that vulnerabilities in cloud containers have increased by 46 percent compared to the same period in 2018, and by 240 percent compared to 2017,. However, less than 1 percent of newly published vulnerabilities were exploited in the wild, with 9 percent having any functioning exploit developed at all.

Over the last two years, the total number of new vulnerabilities has outpaced any other previous year. However, the number of vulnerability reports in the first half of 2019 declined by 13 percent compared to the same period last year. Still, the current figures are historically high, and it seems annual totals of around 15,000 new common vulnerabilities and exposures (CVEs) will be the new norm.

“More than 7000 new vulnerabilities were discovered in the first half of 2019 — that’s still significantly more than figures we’d see for an entire year pre-2017. So, organisations are likely still going to be drowning in the vulnerability flood for some time,” said Ron Davidson, chief technology officer and vice president of research and development at Skybox. “Roughly a tenth of these have an exploit available and just one percent are exploited in the wild. That’s why it’s so critical to weave in threat intelligence into prioritization methods, and of course consider which vulnerable assets are exposed and unprotected by security controls.”

To better protect themselves against attack, the report suggests that companies “assess occurrences against the latest threat intelligence, as well as the relationship of vulnerable assets to the security controls that could protect them. This way, action will be focused on the small subset of vulnerabilities posing a critical risk to your business.”

Organisations should ensure that they have reliable coverage to assess and prioritise vulnerabilities in public and private clouds and operational technology systems to truly understand the risks they face.

The report also noted that cryptocurrency ransomware, botnets, and backdoors appear to have substituted cryptocurrency mining malware as a tool of choice for cyber criminals. The use of these methods increased by 10 percent, 8 percent and 18 percent respectively.

Report: 2019 Vulnerability and Threat Trends Report: Mid-Year Update

EssilorLuxottica’s GrandVision

BY Richard Summerfield

Franco-Italian eyewear manufacturer and retailer EssilorLuxottica is to acquire Dutch rival GrandVision in a deal worth $8bn.

EssilorLuxottica will pay at least €28 a share for investment firm HAL Optical Investments’ roughly 77 percent stake in Grandvision. Following completion of the deal, EssilorLuxottica will be obliged to make an offer for the rest of GrandVision’s shares.

However, the transaction is expected to attract considerable regulatory scrutiny, particularly in light of the lengthy review that European antitrust authorities undertook when approving the $53bn merger between Essilor and Luxottica in 2017. Furthermore, EssilorLuxottica has already been criticised for its alleged prohibitive prices and bullying tactics. The addition of GrandVision to the company’s portfolio of brands may be unacceptable to regulators.

If approved, the deal will see EssilorLuxottica acquire 7200 new stores globally, over 37,000 employees and €3.7bn in annual revenue.

“This acquisition is another step towards our ambition to eradicate poor vision in the world before 2050,” said Hubert Sagnières, executive vice chairman of EssilorLuxottica. “Following the combination with Luxottica, it‘s a milestone in our vision of reshaping the optical industry with the aim to provide all consumers of the world a better optical experience with higher quality eyewear. We look forward to welcoming the 37,000 employees of GrandVision to the growing EssilorLuxottica family. Together, we will have an even stronger voice to champion better vision everywhere in the world.”

 “The future integration of GrandVision with EssilorLuxottica brings new opportunities to GrandVision’s business, its well-established retail banners, stores, employees and all our stakeholders,” said Stephan Borchert, chief executive of GrandVision. “Furthermore, it will create a truly global eyecare and eyewear company that is ideally positioned to capture changing consumer needs and behaviors, and provide its customers with a high quality optical omni-channel customer experience. This transaction is expected to provide value to GrandVision’s shareholders, while allowing for the acceleration of GrandVision’s growth strategy through the expansion of our store network and online platforms. EssilorLuxottica’s interest in joining forces with GrandVision is a clear recognition of GrandVision’s successful strategy, our state-of-the-art retail platform and our people. We look forward to joining forces with EssilorLuxottica in what will be an exciting new chapter ahead.”

At the time of announcing the deal for GrandVisison, EssilorLuxottica also reported revenues of €8.78bn during the first half of the year, up 7.3 percent.

News: EssilorLuxottica sets sights on retail dominance with $8 billion GrandVision deal

M&A deal value in MENA spikes in H1 2019, says new report

BY Fraser Tennant

Deal value in the Middle East and North Africa (MENA) region increased by 220.8 percent to $115.5bn in H1 2019 – up from $36bn in H1 2018 – according to a new EY report.

In its ‘H1 MENA M&A’ report, EY reveals that, while deal value increased significantly. deal volume witnessed a decrease of 10.7 percent, with 216 announced deals in H1 2019, down from 242 deals recorded in H1 2018.

Among the key deals in H1 2019 was Uber’s acquisition of Careem Networks for $3.1bn, the largest technology sector transaction to date in the Middle East, as home-grown technology start-ups find themselves being pursued by global players. The largest deal during H1 2019 was Saudi Aramco’s acquisition of a 70 percent stake in SABIC worth $69.1bn from PIF.

“MENA corporates are finding innovative ways to raise capital and have stepped up the frequency of their portfolio reviews,” said Matthew Benson, MENA transaction advisory services leader at EY. “Companies are reviewing their portfolios every quarter or more frequently – more often than global executives. With more frequent portfolio reviews, several non-core businesses are set aside for divestment thereby fuelling deal activity.”

In terms of domestic M&A activity, deal value in H1 2019 was driven by mega deals, with 111 deals amounting to $79.3bn, compared with 96 deals amounting to $5.5bn in H1 2018. In comparison, MENA witnessed 65 outbound M&A deals worth $21bn, compared with 77 deals worth $18.2bn in H1 2018.

As far as inbound investment is concerned, H1 2019 witnessed a fall in M&A deal volume in the MENA region, with 40 deals amounting to $15.1bn, compared with 69 deals valued at $12.3bn in H1 2018. The United Arab Emirates (UAE) was ranked the highest in terms of inbound M&A investment in the region, with 20 deals amounting to $14.4bn.

The EY report also reveals that the oil & gas sector was the top target sector for inbound activity, accounting for $10.8bn. Furthermore, four out of the six inbound deals in the sector were in the UAE, including three mega deals.

“Large sums of inbound M&A reinforce the MENA investment thesis,” said Anil Menon, MENA M&A and equity capital markets leader at EY. “We continue to believe that these are good times for strategic acquisitions in MENA.”

Report: EY H1 MENA M&A

Bain buys 60 percent stake in Kantar

BY Richard Summerfield

Bain Capital is to acquire a 60 percent stake in data analytics firm Kantar from debt-laden British multinational advertising and public relations company WPP.

The deal values Kantar at about $4bn. The sale will give WPP agencies, including Ogilvy and Wunderman Thompson, an infusion of funds to reduce their debt and rebuild. WPP said it will use about 60 percent of the proceeds of the sale to cut its net debt to the low end of a targeted range of 1.5-1.75 times core earnings for 2020. The rest of the money will be returned to shareholders. The deal is expected to close in early 2020, subjected to approval from WPP shareholder and regulatory approval.

Private equity giant Bain was engaged in an auction for Kantar and is believed to have overcome Apollo Global Management, Platinum Equity and Vista Equity Partners in the final round of bidding.

“Kantar is a great business and we look forward to working with Bain Capital to unlock its full potential,” said Mark Read, chief executive of WPP. “As a strategic partner and shareholder in Kantar, WPP will continue to benefit from its future growth while our clients continue to benefit from its services and capabilities. I would like to thank Eric Salama, his team and everyone at Kantar for their tremendous contribution to WPP – a contribution that will continue as we develop the business together. This transaction creates value for WPP shareholders and further simplifies our company. With a much stronger balance sheet and a return of approximately 8 percent of our current market value to shareholders planned, we are making good progress with our transformation.”

“Kantar is a market leader in many areas and we are excited to be partnering with its management team and WPP to build on this remarkable platform for growth,” said Luca Bassi, a managing director at Bain Capital Private Equity. “We see many opportunities for expansion and will invest in technology to expand the company’s capabilities and reinforce its global leading position.”

“Our new ownership structure presents a great opportunity for Kantar, our employees and our clients,” said Eric Salama, chief executive of Kantar. “In Bain Capital we have a partner who shares our ambition, brings relevant expertise and – with WPP – can help us accelerate our growth and impact for clients. We are focused on delivering ‘human understanding at scale and speed’ and the ‘best of Kantar’ more consistently. We will do so by investing more in talent and by becoming a more technology-driven solutions provider.”

News: Bain Buys Huge Stake in Market Research Business for $4 Billion

British Airways faces record GDPR fine

BY Richard Summerfield

British Airways is to be fined £183.39m by the UK’s Information Commissioner’s Office (ICO) for data protection breaches.

The fine, as set forth by the ICO, will be the largest penalty handed down since the implementation of the European Union’s (EU’s) General Data Protection Regulation (GDPR). The regulator said the company will have a chance to contest the proposed fine, which is roughly 1.5 percent of airline’s annual revenue of £11.6bn worldwide in 2018, well below the maximum rate of 4 percent that can be applied under the GDPR.

According to the ICO, weak security on the airline’s website allowed users to be diverted away to a fraudulent page, starting in June 2018. The ICO’s investigation found that the incident involved customer details including login, payment card, name, address and travel booking information of around 500,000 users had been harvested.

“People’s personal data is just that – personal,” said Information Commissioner Elizabeth Denham. “When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

British Airways, which has subsequently improved its security protocols, has said it will fight the ruling. The airline can appeal against the findings and scale of the fine before a final decision by the ICO. “We are surprised and disappointed in this initial finding from the ICO,” said Alex Cruz, the chair and chief executive of British Airways. “British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologise to our customers for any inconvenience this event caused.”

The ICO noted: “British Airways has cooperated with the ICO investigation and has made improvements to its security arrangements since these events came to light. The company will now have opportunity to make representations to the ICO as to the proposed findings and sanction.”

News: British Airways faces record 183.4 million pounds fine over data theft

©2001-2019 Financier Worldwide Ltd. All rights reserved.