Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

06:08 PM
Curtis Franklin
Curtis Franklin
Curt Franklin

McAfee's Independence Day

Six years after a purchase by Intel, McAfee is once again a private company with a new focus and an old name.

On April 4, a new/old name in cybersecurity returned as McAfee's separation from Intel became final. The six-year marriage of the two companies failed to produce the kind of synergy that such acquisitions generally promise, with Intel announcing last September that the split was imminent. Now, McAfee representatives say the company is looking forward to a future more focused than the one possible as part of Intel.

The opening fanfare
On August 19, 2010, Intel announced that it would acquire McAfee for approximately $7.68 billion. In the press release announcing the deal, Intel CEO Paul Otellini explained the justification for the purchase. "In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences," said Otellini.

In the same release, Renée James, Intel senior vice president and general manager of the group that would include McAfee, pointed to the specific benefits hardware-based Intel saw in the deal. "Hardware-enhanced security will lead to breakthroughs in effectively countering the increasingly sophisticated threats of today and tomorrow," said James.

According to news stories at the time, analysts and investors were skeptical about the value of the deal. The New York Times noted that "investors appeared flummoxed by the purchase, Intel's biggest ever, sending the company’s shares down about 3.5 percent" in after-hours trading.

While there were certainly hardware and software products that came from what became known as Intel Security, the promised synergy between the two never fully materialized.

The new McAfee
Now, McAfee has returned as a private company in a partnership of Intel and private equity firm TPG. The financial transactions are complicated, but in the end TPG and Intel took ownership of a company valued at approximately $2.2 billion plus another $2 billion of debt. In a written statement in September, Brian Krzanich, CEO of Intel, said, "Security remains important in everything we do at Intel and going forward we will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices."

So what will McAfee be able to do that Intel Security could not? In a telephone interview with Brian Dye, EVP of corporate products at McAfee, I asked how the McAfee of April 30 would be different than the McAfee of January 1.

"We're an independent company with a clear vision and a new investment," Dye began. "The biggest thing that improves for us at the end of April compared to the beginning of the year, is that we've got the unified force, not just of the parts of the organization that aren't changing -- engineering, support, sales, marketing, services -- but we get the whole-hearted and fully aligned support of the back-end systems of the company. Finance, IT, HR, and legal, fully aligned around what we need to succeed and be agile and responsive as a pure-play cyber security company."

He continued, "Frankly, we're one of the largest pure-play cyber security companies in the world. That's really the biggest difference. Our thesis on the market -- the restructure of the portfolio -- that started a year, year-and-a-half ago. But the full alignment of the organization in pursuit of that mission, that's really what changes by the end of April."

New focus
When asked about the practical ways in which the renewed focus would have an impact on McAfee and its customers, Dye listed four areas where McAfee will concentrate its efforts: endpoint, data center, cloud edge and security operations center.

Dye began with endpoints because, he said, McAfee has established leadership in the space. "We've got a tremendously broad installed base of over 60 million nodes, and we've really put a lot of renewed focus, especially over the last year and a half, in technology leadership at the endpoint," he said. "We're adding the machine learning, and the recent NSS test results demonstrate the results of our labor there."

The data center has become increasingly important "as folks move from physical, to virtual, to either software-defined networking and software-defined data centers, or to public infrastructure as a service," Dye said. It's vital, he explained, to go beyond simple process automation to what he called "organizationally aware automation."

"I'll give you an example: In the days of VMware, all the sysadmins loved VMware because they could spin up a new server instance in 20 minutes. The security team hated it, because the sysadmin team could spin up a new server in 20 minutes and never tell the security team when they did it," he said. "We've solved that by being able to detect when new AMIs, new instances, spin up and then notify the security team. So it's not just security automation, it's organizationally aware automation."

The cloud edge is where Dye feels many people are surprised by a McAfee presence. "Just as there's a lot of platform consolidation happening at the endpoint with multiple technologies coming in under a common agent, we see that same thing happening at the cloud edge," he said, "where the web gateways have become web SaaS services, web SaaS services are driving partnerships with the CASB [cloud access security broker] vendors, the CASB vendors are moving from shadow IT discovery to content control."

McAfee's response was a recognition of what was already in the portfolio. "We just had to put it together as one single service. And we think this is going to be a market where one service is going to be the right answer."

Finally, Dye said that the security operations center, or SOC, is key for McAfee, "...because we find that that's really the hub for a lot of security automation, especially if you're following the NIST Cyber Framework, which we shorthand into Protect, Detect, and Correct." He explained that the SOC is the logical place for companies to centralize automation, and McAfee wants to be at the heart of automating analysis, investigation and remediation.

Integrating and automating security across the enterprise will be McAfee's focus, Dye said, because it's the only way to move cybersecurity forward. "What we need to do is to create integrated security systems for our customers that let them free up their most limited resource, which is people, and then once they free up that bandwidth, they can use that to drive security success, not just security administration."

— Curtis Franklin, Security Editor, Light Reading

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-10-22
The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address of an internal Wikimedia Foundation server by omitting X-Forwarded-For data. This resulted in an inab...
PUBLISHED: 2020-10-22
The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS because MediaWiki messages were not being properly escaped. This is related to wfMessage and Html::rawElement, as demonstrated by CosmosSocialProfile::getUserGroups.
PUBLISHED: 2020-10-22
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
PUBLISHED: 2020-10-21
WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. More precisely, it is possible to inject an XSS payload into the owner POST parameter, which does not filter user inputs. By putting an XSS payload in place of a valid Owner Name, a modal b...
PUBLISHED: 2020-10-21
Adobe InDesign version 15.1.2 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .indd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.