Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

4/5/2017
06:08 PM
Curtis Franklin Jr.
Curtis Franklin Jr.
Curt Franklin
50%
50%

McAfee's Independence Day

Six years after a purchase by Intel, McAfee is once again a private company with a new focus and an old name.

On April 4, a new/old name in cybersecurity returned as McAfee's separation from Intel became final. The six-year marriage of the two companies failed to produce the kind of synergy that such acquisitions generally promise, with Intel announcing last September that the split was imminent. Now, McAfee representatives say the company is looking forward to a future more focused than the one possible as part of Intel.

The opening fanfare
On August 19, 2010, Intel announced that it would acquire McAfee for approximately $7.68 billion. In the press release announcing the deal, Intel CEO Paul Otellini explained the justification for the purchase. "In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences," said Otellini.

In the same release, Renée James, Intel senior vice president and general manager of the group that would include McAfee, pointed to the specific benefits hardware-based Intel saw in the deal. "Hardware-enhanced security will lead to breakthroughs in effectively countering the increasingly sophisticated threats of today and tomorrow," said James.

According to news stories at the time, analysts and investors were skeptical about the value of the deal. The New York Times noted that "investors appeared flummoxed by the purchase, Intel's biggest ever, sending the company’s shares down about 3.5 percent" in after-hours trading.

While there were certainly hardware and software products that came from what became known as Intel Security, the promised synergy between the two never fully materialized.

The new McAfee
Now, McAfee has returned as a private company in a partnership of Intel and private equity firm TPG. The financial transactions are complicated, but in the end TPG and Intel took ownership of a company valued at approximately $2.2 billion plus another $2 billion of debt. In a written statement in September, Brian Krzanich, CEO of Intel, said, "Security remains important in everything we do at Intel and going forward we will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices."

So what will McAfee be able to do that Intel Security could not? In a telephone interview with Brian Dye, EVP of corporate products at McAfee, I asked how the McAfee of April 30 would be different than the McAfee of January 1.

"We're an independent company with a clear vision and a new investment," Dye began. "The biggest thing that improves for us at the end of April compared to the beginning of the year, is that we've got the unified force, not just of the parts of the organization that aren't changing -- engineering, support, sales, marketing, services -- but we get the whole-hearted and fully aligned support of the back-end systems of the company. Finance, IT, HR, and legal, fully aligned around what we need to succeed and be agile and responsive as a pure-play cyber security company."

He continued, "Frankly, we're one of the largest pure-play cyber security companies in the world. That's really the biggest difference. Our thesis on the market -- the restructure of the portfolio -- that started a year, year-and-a-half ago. But the full alignment of the organization in pursuit of that mission, that's really what changes by the end of April."

New focus
When asked about the practical ways in which the renewed focus would have an impact on McAfee and its customers, Dye listed four areas where McAfee will concentrate its efforts: endpoint, data center, cloud edge and security operations center.

Dye began with endpoints because, he said, McAfee has established leadership in the space. "We've got a tremendously broad installed base of over 60 million nodes, and we've really put a lot of renewed focus, especially over the last year and a half, in technology leadership at the endpoint," he said. "We're adding the machine learning, and the recent NSS test results demonstrate the results of our labor there."

The data center has become increasingly important "as folks move from physical, to virtual, to either software-defined networking and software-defined data centers, or to public infrastructure as a service," Dye said. It's vital, he explained, to go beyond simple process automation to what he called "organizationally aware automation."

"I'll give you an example: In the days of VMware, all the sysadmins loved VMware because they could spin up a new server instance in 20 minutes. The security team hated it, because the sysadmin team could spin up a new server in 20 minutes and never tell the security team when they did it," he said. "We've solved that by being able to detect when new AMIs, new instances, spin up and then notify the security team. So it's not just security automation, it's organizationally aware automation."

The cloud edge is where Dye feels many people are surprised by a McAfee presence. "Just as there's a lot of platform consolidation happening at the endpoint with multiple technologies coming in under a common agent, we see that same thing happening at the cloud edge," he said, "where the web gateways have become web SaaS services, web SaaS services are driving partnerships with the CASB [cloud access security broker] vendors, the CASB vendors are moving from shadow IT discovery to content control."

McAfee's response was a recognition of what was already in the portfolio. "We just had to put it together as one single service. And we think this is going to be a market where one service is going to be the right answer."

Finally, Dye said that the security operations center, or SOC, is key for McAfee, "...because we find that that's really the hub for a lot of security automation, especially if you're following the NIST Cyber Framework, which we shorthand into Protect, Detect, and Correct." He explained that the SOC is the logical place for companies to centralize automation, and McAfee wants to be at the heart of automating analysis, investigation and remediation.

Integrating and automating security across the enterprise will be McAfee's focus, Dye said, because it's the only way to move cybersecurity forward. "What we need to do is to create integrated security systems for our customers that let them free up their most limited resource, which is people, and then once they free up that bandwidth, they can use that to drive security success, not just security administration."

— Curtis Franklin, Security Editor, Light Reading

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41152
PUBLISHED: 2021-10-18
OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on t...
CVE-2021-41153
PUBLISHED: 2021-10-18
The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. Thi...
CVE-2021-41156
PUBLISHED: 2021-10-18
anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browser_today hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craft ...
CVE-2021-42650
PUBLISHED: 2021-10-18
Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.
CVE-2021-41151
PUBLISHED: 2021-10-18
Backstage is an open platform for building developer portals. In affected versions A malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a `github:publish:pull-request` action and a parti...