Risk
11/11/2010
01:23 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Security M&A: Where Innovation (Too Often) Goes To Die

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.InformationWeek's Mathew J. Schwartz examined the potential impact of the rash of security acquisitions this year, from Symantec's bagging VeriSign, PGP and GuardianEdge throughout Intel's great shock to the IT security market by nabbing McAfee for nearly $8 billion.

Some of these acquisitions make sense, and have the potential to simplify the lives of security managers, such as Symantec's acquisition of PGP. Symantec has a solid footing in the endpoint security market, and the demand for encryption has been heating up. Should Symantec, through the acquisition, be able to simplify how security admins can manage their endpoint firewalls, anti-malware, and encryption software all the better.

Other acquisitions are desperate grasps for growth. I think McAfee's being acquired by Intel is an example. Anyone who thinks that Intel is going to be able to bake anti-virus into high-speed silicon and provide any adequate level of defense for mobile devices is smoking a pipe dream with some very high-grade contraband.

Stuffing signatures into anti-malware engines to try to block malware is yesterday's model and a dying cash cow. Today the threats move too fast, change too quickly, and are too many. And attackers are targeting too many devices on too many varying operating systems on way too many form factors. There is no way the old anti-virus signature model can keep up, no matter how tightly it is integrated with the silicon.

These acquisition spurts are nothing new. I interviewed Stratton Sclavos after VeriSign acquired network solutions for $21 billion in 2000 and I interviewed John Thompson and after Symantec acquired Veritas. And I covered hundreds of acquisitions in between and whether it was in the 1990s, early 2000s, or now the reasons were always the same.

VeriSign, for example, in 2003 acquired a privately held security services provider Guardent, and the reasons cited were to help simplify its intrusion detection system and vulnerability management services. Other reasons cited for that and other security deals also sound just like the reasoning today: security is considered more important now, security has gained higher awareness in the boardroom and other rationales we repeatedly hear every few years.

Some of these acquisitions will turn out well. Most will not. If customers are lucky, the acquiring company will allow the acquired products and services to be sold independently. But, most of the time, those offerings tend get assimilated and tailored for the acquiring vendors core product set. Rigamortis then sets in and any hope for evolutionary let alone innovative growth in the product dies. Many products are then discontinued.

The good news is that these acquisitions make room for entirely new generations of security vendors that will bring to market solutions needed for the changing landscape brought on by wide adoption of virtualization, cloud, mobile, and whatever the else the future has in store.

For my security and technology observations throughout the day find me on Twitter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-4231
Published: 2015-07-03
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.

CVE-2015-4232
Published: 2015-07-03
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.

CVE-2015-4234
Published: 2015-07-03
Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.

CVE-2015-4237
Published: 2015-07-03
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv0...

CVE-2015-4239
Published: 2015-07-03
Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report