Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/11/2010
01:23 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Security M&A: Where Innovation (Too Often) Goes To Die

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.

Following a handful of high profile security acquisitions this year, the ever-simmering topic of security industry consolidation has once again surfaced.InformationWeek's Mathew J. Schwartz examined the potential impact of the rash of security acquisitions this year, from Symantec's bagging VeriSign, PGP and GuardianEdge throughout Intel's great shock to the IT security market by nabbing McAfee for nearly $8 billion.

Some of these acquisitions make sense, and have the potential to simplify the lives of security managers, such as Symantec's acquisition of PGP. Symantec has a solid footing in the endpoint security market, and the demand for encryption has been heating up. Should Symantec, through the acquisition, be able to simplify how security admins can manage their endpoint firewalls, anti-malware, and encryption software all the better.

Other acquisitions are desperate grasps for growth. I think McAfee's being acquired by Intel is an example. Anyone who thinks that Intel is going to be able to bake anti-virus into high-speed silicon and provide any adequate level of defense for mobile devices is smoking a pipe dream with some very high-grade contraband.

Stuffing signatures into anti-malware engines to try to block malware is yesterday's model and a dying cash cow. Today the threats move too fast, change too quickly, and are too many. And attackers are targeting too many devices on too many varying operating systems on way too many form factors. There is no way the old anti-virus signature model can keep up, no matter how tightly it is integrated with the silicon.

These acquisition spurts are nothing new. I interviewed Stratton Sclavos after VeriSign acquired network solutions for $21 billion in 2000 and I interviewed John Thompson and after Symantec acquired Veritas. And I covered hundreds of acquisitions in between and whether it was in the 1990s, early 2000s, or now the reasons were always the same.

VeriSign, for example, in 2003 acquired a privately held security services provider Guardent, and the reasons cited were to help simplify its intrusion detection system and vulnerability management services. Other reasons cited for that and other security deals also sound just like the reasoning today: security is considered more important now, security has gained higher awareness in the boardroom and other rationales we repeatedly hear every few years.

Some of these acquisitions will turn out well. Most will not. If customers are lucky, the acquiring company will allow the acquired products and services to be sold independently. But, most of the time, those offerings tend get assimilated and tailored for the acquiring vendors core product set. Rigamortis then sets in and any hope for evolutionary let alone innovative growth in the product dies. Many products are then discontinued.

The good news is that these acquisitions make room for entirely new generations of security vendors that will bring to market solutions needed for the changing landscape brought on by wide adoption of virtualization, cloud, mobile, and whatever the else the future has in store.

For my security and technology observations throughout the day find me on Twitter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Can you smell me now?
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11844
PUBLISHED: 2020-05-29
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
CVE-2020-6937
PUBLISHED: 2020-05-29
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2020-7648
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json`
CVE-2020-7650
PUBLISHED: 2020-05-29
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
CVE-2020-7654
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.