March 18, 2005 4:00 AM PST

Security's new deal

Related Stories

Hardware security sneaks into PCs

March 16, 2005

VeriSign to acquire messaging business

March 22, 2004

Cisco beefs up security

March 9, 2004
Security companies have entered a new era: Buy or be bought.

Signs of the shift have appeared in a flurry of recent deals. Security giant Symantec is moving outside its niche with its pending purchase of storage maker Veritas Software. On the other side, networking company Cisco Systems and software giant Microsoft have snapped up fast-growing security companies, looking to give their own growth a boost.

This push toward diversification, coming amid widespread consolidation in many areas of the tech industry, has investment bankers and analysts wondering whether companies that specialize purely in security products can continue to thrive.

News.context

What's new:
Companies outside the security market are snapping up players within, and security providers are reaching beyond their core markets with their own acquisitions.

Bottom line:
The shift has industry observers wondering whether companies that specialize purely in security products can continue to thrive.

More stories on this topic

"There's a debate whether the security market (will remain) its own market, over time--or will it be subsumed into two other markets, like the communications equipment market, or the networking or systems management industry?" said Kevin Sidders, a managing director at Credit Suisse First Boston. Sidders heads up U.S. software efforts in the investment bank's technology group.

Some security players say the industry will stay as is, selling standalone products such as antivirus software. They note that network threats are evolving so rapidly that companies are continually being born to tackle the new problems. Others, however, argue that the future of security lies in the technology being integrated at all levels of a company's network, from the hardware to the interface, and that the recent merger-and-acquisition activity bears this out.

Rapid revenue growth in the security industry is a key factor driving the deals. Software, services and hardware companies in the sector will pull in $52.2 billion in sales in 2008, compared with $22.8 billion in 2003, predicts market research firm IDC.

That makes those businesses attractive targets for acquirers in the networking, communications and systems management industries, among others.

Still, some say that security companies may be stronger if they provide a soup-to-nuts IT package rather than a product to be bolted onto an existing network.

"Security, ultimately, will not be a standalone market," said one investment banker who asked to remain anonymous. "It will just be just another layer of the infrastructure stack. It's no longer about just making the security products work together."

However it's done, the important thing for the customer is to make the technology as smooth to use as possible, said Fred Rickabaugh, chief security officer at Premier, a Charlotte, N.C.-based provider of support services to health care companies.

"I want the capability to build the 'best of breed' in certain areas were it's critical," Rickabaugh said.

In segments of the market where too few players exist to create competitive bidding, Rickabaugh said consolidation would benefit the customer by bringing one-stop shopping for multiple features.


Related story
Cisco set on secur-
ity spending spree

CEO John Chambers lays
out a seven-year
network security plan.

Given this importance to customers, security businesses will wield influence. Laura Koetzle, a security analyst with Forrester Research, said that security companies may find themselves part of a portfolio where they're considered core to the future of the acquirer.

"Security may be more of an influence as companies become blended," Koetzle said.

Networking companies, for example, are finding that intrusion prevention technologies need to sit on top of or next to the network, in order to keep the data moving at a fast clip.

Last year, router maker Juniper Networks said it will acquire NetScreen Technologies in a $4 billion deal that will bring it technology for virtual

CONTINUED:
Page 1 | 2

6 comments

Join the conversation!
Add your comment
All these security companies...
...and all this security software and yet we still have breaches, viruses, spyware, hacks, identity theft, keystroke loggers, etc. I still don't feel my data is safe. All this money spent on security and where are we? Nowhere. Clearly, things are not working.
Posted by ordaj (338 comments )
Reply Link Flag
agreed
something needs to be done to change things. software needs to be built from the ground up to not only deal with current threats, but possible future threats too. 'twould also help if M$ created a more secure OS... yeah, THAT'S gonna happen.
Posted by Scott W (419 comments )
Link Flag
All these security companies...
...and all this security software and yet we still have breaches, viruses, spyware, hacks, identity theft, keystroke loggers, etc. I still don't feel my data is safe. All this money spent on security and where are we? Nowhere. Clearly, things are not working.
Posted by ordaj (338 comments )
Reply Link Flag
agreed
something needs to be done to change things. software needs to be built from the ground up to not only deal with current threats, but possible future threats too. 'twould also help if M$ created a more secure OS... yeah, THAT'S gonna happen.
Posted by Scott W (419 comments )
Link Flag
The bigger picture....
So much of the problem is the ability to manipulate the OS by remote.

You want security...
Some method of making the OS isolated from the internet needs to be looked at. Perhaps a hardware based OS that is permanently set into the chips. The bios is fairly well isolated, why not do the same with the OS?

What about the use of smaller "terminals". A big bold new complete computer just isn't necessary in most offices or in many home networks. A server could be used and employees just connected with hardware based machines that cannot be "infected". Many home networks only would require a single server with multiple smaller pc's connected to it. These smaller pc's could be P4's but with windows on PROM chips only using a harddrive to store information and data not used for the OS. If it's done right, drivers and such would not be a problem. Employee computers get infected because of the fact that not only do employees not respect or completely understand the machines, their machines are also setup in such a way that would allow for problems.

It would not fix everything, but making the OS as a permanent hardware install would go a LONG way. Like making an OS installation as easy as installing a stick of ram. If things are done right, things that change like the registry would not be such an issue.

Alot of the security problem is that browsers actually process the code on webpages that allow a website access to the users' OS and harddrive. The fact that this code is legit is bad enough, but to build a browser to process this code makes things so much worse.

People don't seem to want to learn anything about how and why computers do what they do. Until this changes, there will always be a serious problem with security. Regardless of what MS or anyone else produces. Although MS seems more interested in wowing people with new bells and whistles than in security. Their security focus is only skin deep.

The real thrust needs to be in educating people. The very people that are putting these very power devices in their childrens bedrooms have no clue as to the danger they put their children in. Not to mention the money. These things are not toys and should not be looked at as such. Every person buying a computer has a personal responsibility to learn something about them. Unfortunately, most of them will not even read the posts on this site or even give any of this a second thought.

Some serious concideration needs to be given as to the nature of Windows XP. XP is dangerous for use on the consumer market. The average user just is not equipt to deal with XP properly. XP is a differant animal, most people are treating it like any other Windows OS. Until XP came out, the idea of becoming virus infected with seconds of connecting to the net was just not even a question. A serious look at it's full raw sockets support should be concidered. 98se was perfect for most home users. Those that needed more could get it through Win2k. Although, how do you actually talk security to a gamer bent on XP just for their high end games?

These companies can clammer all they want to do whatever. There really needs to be some changes take place in order for security to be properly addressed.
Posted by Prndll (382 comments )
Reply Link Flag
The bigger picture....
So much of the problem is the ability to manipulate the OS by remote.

You want security...
Some method of making the OS isolated from the internet needs to be looked at. Perhaps a hardware based OS that is permanently set into the chips. The bios is fairly well isolated, why not do the same with the OS?

What about the use of smaller "terminals". A big bold new complete computer just isn't necessary in most offices or in many home networks. A server could be used and employees just connected with hardware based machines that cannot be "infected". Many home networks only would require a single server with multiple smaller pc's connected to it. These smaller pc's could be P4's but with windows on PROM chips only using a harddrive to store information and data not used for the OS. If it's done right, drivers and such would not be a problem. Employee computers get infected because of the fact that not only do employees not respect or completely understand the machines, their machines are also setup in such a way that would allow for problems.

It would not fix everything, but making the OS as a permanent hardware install would go a LONG way. Like making an OS installation as easy as installing a stick of ram. If things are done right, things that change like the registry would not be such an issue.

Alot of the security problem is that browsers actually process the code on webpages that allow a website access to the users' OS and harddrive. The fact that this code is legit is bad enough, but to build a browser to process this code makes things so much worse.

People don't seem to want to learn anything about how and why computers do what they do. Until this changes, there will always be a serious problem with security. Regardless of what MS or anyone else produces. Although MS seems more interested in wowing people with new bells and whistles than in security. Their security focus is only skin deep.

The real thrust needs to be in educating people. The very people that are putting these very power devices in their childrens bedrooms have no clue as to the danger they put their children in. Not to mention the money. These things are not toys and should not be looked at as such. Every person buying a computer has a personal responsibility to learn something about them. Unfortunately, most of them will not even read the posts on this site or even give any of this a second thought.

Some serious concideration needs to be given as to the nature of Windows XP. XP is dangerous for use on the consumer market. The average user just is not equipt to deal with XP properly. XP is a differant animal, most people are treating it like any other Windows OS. Until XP came out, the idea of becoming virus infected with seconds of connecting to the net was just not even a question. A serious look at it's full raw sockets support should be concidered. 98se was perfect for most home users. Those that needed more could get it through Win2k. Although, how do you actually talk security to a gamer bent on XP just for their high end games?

These companies can clammer all they want to do whatever. There really needs to be some changes take place in order for security to be properly addressed.
Posted by Prndll (382 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.