Risk
11/11/2010
01:23 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Security M&A: Where Innovation (Too Often) Goes To Die

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.InformationWeek's Mathew J. Schwartz examined the potential impact of the rash of security acquisitions this year, from Symantec's bagging VeriSign, PGP and GuardianEdge throughout Intel's great shock to the IT security market by nabbing McAfee for nearly $8 billion.

Some of these acquisitions make sense, and have the potential to simplify the lives of security managers, such as Symantec's acquisition of PGP. Symantec has a solid footing in the endpoint security market, and the demand for encryption has been heating up. Should Symantec, through the acquisition, be able to simplify how security admins can manage their endpoint firewalls, anti-malware, and encryption software all the better.

Other acquisitions are desperate grasps for growth. I think McAfee's being acquired by Intel is an example. Anyone who thinks that Intel is going to be able to bake anti-virus into high-speed silicon and provide any adequate level of defense for mobile devices is smoking a pipe dream with some very high-grade contraband.

Stuffing signatures into anti-malware engines to try to block malware is yesterday's model and a dying cash cow. Today the threats move too fast, change too quickly, and are too many. And attackers are targeting too many devices on too many varying operating systems on way too many form factors. There is no way the old anti-virus signature model can keep up, no matter how tightly it is integrated with the silicon.

These acquisition spurts are nothing new. I interviewed Stratton Sclavos after VeriSign acquired network solutions for $21 billion in 2000 and I interviewed John Thompson and after Symantec acquired Veritas. And I covered hundreds of acquisitions in between and whether it was in the 1990s, early 2000s, or now the reasons were always the same.

VeriSign, for example, in 2003 acquired a privately held security services provider Guardent, and the reasons cited were to help simplify its intrusion detection system and vulnerability management services. Other reasons cited for that and other security deals also sound just like the reasoning today: security is considered more important now, security has gained higher awareness in the boardroom and other rationales we repeatedly hear every few years.

Some of these acquisitions will turn out well. Most will not. If customers are lucky, the acquiring company will allow the acquired products and services to be sold independently. But, most of the time, those offerings tend get assimilated and tailored for the acquiring vendors core product set. Rigamortis then sets in and any hope for evolutionary let alone innovative growth in the product dies. Many products are then discontinued.

The good news is that these acquisitions make room for entirely new generations of security vendors that will bring to market solutions needed for the changing landscape brought on by wide adoption of virtualization, cloud, mobile, and whatever the else the future has in store.

For my security and technology observations throughout the day find me on Twitter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-4497
Published: 2015-08-29
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token...

CVE-2015-4498
Published: 2015-08-29
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point i...

CVE-2014-9651
Published: 2015-08-28
Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument to the "substring-index[-ci] procedures."

CVE-2015-1171
Published: 2015-08-28
Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.

CVE-2015-2987
Published: 2015-08-28
Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.