Skip to main content

Microsoft Tightens Security with RiskIQ Acquisition | August 2021


Microsoft announced plans to buy RiskIQ, a cybersecurity firm that provides software to protect companies against cyberattacks. According to Bloomberg, Microsoft is set to pay more than $500 million for the acquisition. 

What Is an Acquisition? 

An acquisition happens when a company purchases another company, generally by buying most of its stock. The acquired company may become a subsidiary of the buyer, or its operations and assets may be merged with those of the buyer. Acquisitions can help companies achieve growth and improve profitability by expanding or improving their product offering. 

Increasing Cybersecurity Threats 

RiskIQ, founded in 2009, plays an important role in analyzing security threats for major companies such as BMW, Facebook, and American Express. As a leader in digital threat management, RiskIQ helps security analysts and enterprises understand potential threats, conduct investigations, assess risks, and take action. The strong customer base and community of security professionals that RiskIQ has built are incredibly valuable to Microsoft. 

As one of the biggest companies in the world, Microsoft faces many cybersecurity threats and challenges. Ransomware attacks a system and encrypts its data, holding the information hostage until a ransom is paid. These types of attacks are pervasive, disruptive, and a serious ongoing threat.  

Recently, Microsoft battled ransomware attacks from a Russian-linked ransomware group and faced a breach of its Exchange email service by a Chinese-linked group. The email breach potentially exposed data from organizations including state and local governments, academic institutions, infectious disease researchers, and other businesses. 

Additionally, the remote and hybrid work trend as a result of the COVID-19 pandemic has increased reliance on cloud computing for businesses across the board. This trend has presented unique risks and vulnerabilities as attacks become more sophisticated and frequent. Even small companies can be targeted by attackers. 

Microsoft Beefs Up Security 

To protect itself, its employees, and its millions of customers, the technology company has expanded its security tools in recent years. One way Microsoft has achieved this is through acquisitions. For example, in addition to RiskIQ, Microsoft has acquired CloudKnox Security, a leader in cloud infrastructure entitlement management. Microsoft will likely integrate RiskIQ into its own security offerings such as Microsoft 365 Defender, Microsoft Azure Defender, and Microsoft Azure Sentinel, but details have yet to be announced. These products help protect and defend users in multi-cloud and hybrid cloud environments. 

In the Classroom 

This article can be used to assess the advantages of acquisitions, discussed in Chapter 4: Options for Organizing Business.  

Discussion Questions 

  1. What are some of the advantages of acquisitions? 
  2. Why would RiskIQ want to be acquired by a larger technology company such as Microsoft? 
  3. How does RiskIQ’s software stand to improve Microsoft’s product offering? 

Video Discussion 

To learn more about ransomware, students can watch this Wall Street Journal video, Why Ransomware Attacks Are on the Rise and How the U.S. Can Fight Them.


  1. What is ransomware? 
  2. Why is ransomware becoming an increasingly severe problem? 
  3. What can individuals and companies do to better protect themselves from ransomware attacks? 

This article was developed with the support of Kelsey Reddick for and under the direction of O.C. Ferrell and Linda Ferrell. 


Clare Duffy, "Microsoft to Acquire Cybersecurity Firm RiskIQ as Cyber Threats Mount," CNN, July 12, 2021, 

Microsoft, "Microsoft to Acquire RiskIQ to Strengthen Cybersecurity of Digital Transformation and Hybrid Work," July 12, 2021, 

Tom Warren, "Microsoft Acquires Cybersecurity Firm RiskIQ as the Threat of Ransomware Intensifies," The Verge, July 12, 2021, 

About the Author

O.C. Ferrell is the James T. Pursell Sr. Eminent Scholar in Ethics and Director of the Center for Ethical Organizational Cultures in the Raymond J. Harbert College of Business, Auburn University. He was formerly Distinguished Professor of Leadership and Business Ethics at Belmont University and University Distinguished Professor at the University of New Mexico. He has also been on the faculties of the University of Wyoming, Colorado State University, University of Memphis, Texas A&M University, Illinois State University, and Southern Illinois University. He received his Ph.D. in marketing from Louisiana State University.

Profile Photo of OC Ferrell