Risk
11/9/2010
04:49 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Schwartz On Security: Reaching The M&A Tipping Point

The jury is out on whether businesses will benefit from Intel buying McAfee or from Symantec, IBM and Microsoft sucking up everything in sight.

The pace of mergers and acquisitions in the security industry has been breathtaking, but could it be headed for a stop?

Since last year, numerous top-tier smaller outfits have been snapped up by large players. Indeed, more than $10 billion has been spent in just the past six months by Symantec (VeriSign plus PGP and GuardianEdge), IBM (BigFix, OpenPages, PSS Systems), Hewlett-Packard (Fortify and ArcSight) and CA (Arcot).

Furthermore, the technology industry heavyweights -- who by virtue of their size largely innovate via acquisitions -- apparently still have oodles of cash at the ready.

What's behind the breakneck pace of acquisitions? One answer is that it's mirroring a growing awareness of security by senior executives. "Security is starting to get higher on their radar screens now," said Steve Robinson, general manager for IBM security solutions. "Many of our corporate accounts are starting to put in chief security officers, to expand their security teams and see that security has impact on all parts of their business."

This evolution and growing security understanding is -- on the upside -- leading customers to demand more consolidated approaches to mitigating their security challenges. Accordingly, said Robinson, "we need to move beyond the single product to solve a single problem, to more of a comprehensive strategy."

Cue mergers and acquisitions. But where should they end, and are businesses best served by a more all-in-one approach?

Consider Intel's $7.7 billion acquisition of McAfee, which surprised many industry watchers who thought endpoint security should be built into the operating system, rather than the motherboard.

The positive spin is that the deal has the potential to bake-in better security to PCs and mobile devices -- through to virtualized environments and the cloud -- from the get-go. But it also has the potential to be seen, in a few years, as an expensive one-size-fits-all boondoggle of AOL proportions.

Garter Group analyst John Pescatore likens the overall information security M&A equation to cars and boats: Would you buy a car from a boat maker? How about a boat from a carmaker? The short answer is, no. Now extend the paradigm to information security.

"I'm always amazed when network infrastructure vendors like Cisco and Juniper build security solutions that try to get us to put their software on our endpoints, and when software vendors like IBM Tivoli or CA acquire and try to sell network security products," he said. "These strategies always end badly -- it is why the McLobster sandwich and the Nobu Whopper never did well either."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6213
Published: 2014-04-19
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

CVE-2013-6214
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

CVE-2012-0871
Published: 2014-04-18
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

CVE-2012-6646
Published: 2014-04-18
F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors.

CVE-2013-4279
Published: 2014-04-18
imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site.

Best of the Web