Risk
11/11/2010
01:23 PM
George V. Hulme
George V. Hulme
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Security M&A: Where Innovation (Too Often) Goes To Die

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.InformationWeek's Mathew J. Schwartz examined the potential impact of the rash of security acquisitions this year, from Symantec's bagging VeriSign, PGP and GuardianEdge throughout Intel's great shock to the IT security market by nabbing McAfee for nearly $8 billion.

Some of these acquisitions make sense, and have the potential to simplify the lives of security managers, such as Symantec's acquisition of PGP. Symantec has a solid footing in the endpoint security market, and the demand for encryption has been heating up. Should Symantec, through the acquisition, be able to simplify how security admins can manage their endpoint firewalls, anti-malware, and encryption software all the better.

Other acquisitions are desperate grasps for growth. I think McAfee's being acquired by Intel is an example. Anyone who thinks that Intel is going to be able to bake anti-virus into high-speed silicon and provide any adequate level of defense for mobile devices is smoking a pipe dream with some very high-grade contraband.

Stuffing signatures into anti-malware engines to try to block malware is yesterday's model and a dying cash cow. Today the threats move too fast, change too quickly, and are too many. And attackers are targeting too many devices on too many varying operating systems on way too many form factors. There is no way the old anti-virus signature model can keep up, no matter how tightly it is integrated with the silicon.

These acquisition spurts are nothing new. I interviewed Stratton Sclavos after VeriSign acquired network solutions for $21 billion in 2000 and I interviewed John Thompson and after Symantec acquired Veritas. And I covered hundreds of acquisitions in between and whether it was in the 1990s, early 2000s, or now the reasons were always the same.

VeriSign, for example, in 2003 acquired a privately held security services provider Guardent, and the reasons cited were to help simplify its intrusion detection system and vulnerability management services. Other reasons cited for that and other security deals also sound just like the reasoning today: security is considered more important now, security has gained higher awareness in the boardroom and other rationales we repeatedly hear every few years.

Some of these acquisitions will turn out well. Most will not. If customers are lucky, the acquiring company will allow the acquired products and services to be sold independently. But, most of the time, those offerings tend get assimilated and tailored for the acquiring vendors core product set. Rigamortis then sets in and any hope for evolutionary let alone innovative growth in the product dies. Many products are then discontinued.

The good news is that these acquisitions make room for entirely new generations of security vendors that will bring to market solutions needed for the changing landscape brought on by wide adoption of virtualization, cloud, mobile, and whatever the else the future has in store.

For my security and technology observations throughout the day find me on Twitter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-6651
Published: 2014-07-31
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_headers.php or (2) minify.php.

CVE-2014-2970
Published: 2014-07-31
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139. Reason: This candidate is a duplicate of CVE-2014-5139, and has also been used to refer to an unrelated topic that is currently outside the scope of CVE. This unrelated topic is a LibreSSL code change adding functionality ...

CVE-2014-3488
Published: 2014-07-31
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

CVE-2014-3554
Published: 2014-07-31
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement.

CVE-2014-5171
Published: 2014-07-31
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.

Best of the Web
Dark Reading Radio