Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/20/2006
04:00 AM
50%
50%

Check Point Spends on Protection

Network specialist pays $586 million for Pointsec, a storage and mobile security vendor

Network security vendor Check Point made its first move into the data protection space today, spending $586 million for Protect Data, which owns Swedish mobile and storage security specialist Pointsec. (See Check Point Buys Protect Data.)

Until now, Check Point has focused on firewall and VPN software, although Gil Shwed, the vendor's CEO has his eye on locking down different types of enterprise data, from laptops and PDAs to removable storage media. (See Check Point Extends Security, Check Point Launches VPN-1, and Check Point Enhances NGX.)

"This is the first step in an expansion strategy," he said, during a conference call to discuss the cash tender offer this morning. "More and more data is now stored on these endpoint devices that can find themselves in the wrong hands."

There are a number of product lines within Pointsec's security software portfolio: hard-disk encryption; user identification for laptops, smartphones, and USB devices; and media encryption for flash memory drives.

Mobile data security is a hot topic at the moment, following a string of high profile security breaches and storage snafus. (See Data Security: None of Your Business?, Analysis: Storage Security , and Social Engineering, the USB Way.) The Department of Veterans' Affairs, for example, made headlines earlier this when a laptop theft put 26.5 million veterans and family members at risk of identity theft and fraud. (See VA Reports Massive Data Theft and Laptop Liabilities.)

Check Point execs are playing their cards close to their chest about how exactly Pointsec will be integrated into their product line, although Shwed hinted that both vendors' products will be on offer for the foreseeable future. "We're not sure that it will be a single piece of software," he said, in response to a question from an analyst, adding that there is still "significant" R&D to be done by the two firms.

The network security specialist was more forthcoming on its plans for the Pointsec workforce. The vendor intends to keep Pointsec's employees, according to Eyal Desheh, the Check Point CFO, who added that Pointsec CEO Peter Larsson and his management team have made a two-year commitment to stay with Check Point. In total, around 200 Pointsec workers will be joining Check Point.

Looming on the horizon, however, is at least one big-name competitor. Check Point is now up against Microsoft in the data security space thanks to the BitLocker drive encryption feature within the Vista operating system.

"What we have found is that the Microsoft platform is not enterprise ready in terms of its manageability and platform support," sniped Shwed on this morning's call. He did acknowledge that Microsoft is a competitor.

On this morning's call, Shwed predicted that there will be plenty more deals coming from Check Point. "We identified data security as an important area," he said. "We will keep looking for other opportunities and other companies in that area," he added, although he did not name any names.

Check Point has been down this road before, coughing up $205 million for security endpoint firm Zone Labs in 2003. (See Check Point Buys Zone Labs.) "It's not much bigger in terms of people than Zone Labs, but it is three to four times three to four times bigger in terms of sales," he said.

But Shwed and his team will be hoping for a smoother acquisition path than their recent attempt to acquire Maryland-based intrusion detection specialist Sourcefire. (See Check Point Snaps Up Sourcefire, Check Point Buys Sourcefire, and Sourcefire Shapes Up for IPO.) Check Point called off the acquisition amidst concerns in the U.S. about Sourcefire's importance to the American defense and intelligence communities. (See US Checks Check Point and Check Point, Sourcefire Team.)

There has even been speculation that Check Point itself could make prime acquisition bait for a hardware vendor such as EMC or HP. James Quin, senior research analyst at the Info-Tech Research Group told Byte and Switch that today's Pointsec deal may be part of a Check Point strategy to maintain its independence.

"If Check Point doesn’t grow, [getting bought] becomes increasingly likely," he says, adding that the firm has spent too long in its "comfort zone" of firewalls and VPN technologies. In contrast, explains Quin, competitors such as Symantec have been hard at work improving their broader data security stories. (See HR: Security Spending on the Rise, Symantec Helps Bank, and Symantec, Dell Team on Secure Email.)

The market shrugged at the deal, which is expected to close in the first quarter of 2007. In trading today, shares of Check Point fell 18 cents (0.81 percent) to $22.09.

— James Rogers, Senior Editor, Byte and Switch

  • Check Point Software Technologies Ltd. (Nasdaq: CHKP)
  • EMC Corp. (NYSE: EMC)
  • Hewlett-Packard Co. (NYSE: HPQ)
  • Info-Tech Research Group
  • Microsoft Corp. (Nasdaq: MSFT)
  • Pointsec Mobile Technologies
  • Protect Data AB
  • Sourcefire Inc. (Nasdaq: FIRE)

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 10/23/2020
    7 Tips for Choosing Security Metrics That Matter
    Ericka Chickowski, Contributing Writer,  10/19/2020
    Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-24847
    PUBLISHED: 2020-10-23
    A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
    CVE-2020-24848
    PUBLISHED: 2020-10-23
    FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
    CVE-2020-5990
    PUBLISHED: 2020-10-23
    NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
    CVE-2020-25483
    PUBLISHED: 2020-10-23
    An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
    CVE-2020-5977
    PUBLISHED: 2020-10-23
    NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.