I often tell people that the state of information security is far worse than they think. Yes, I realize that the security industry loves this type of messaging because fear sells product, but I truly believe that things are really bad.
This morning I met with security company Trend Micro to discuss security trends and upcoming products. The data that Trend presented was even frightening to a security pessimist like me. Case in point:
Newly created Web threats grew 1,564 percent from Q1 2005 through the end of 2007. That's nearly 200 percent growth every quarter. This is due to the large number of variants written off of a base of the original threat.
In 2005, Trend examined less than 1 million malicious code patterns. In 2007, there were nearly 5.5 million malicious code patterns. In the first four months of 2008, Trend has already seen more than 2 million.
These numbers point to the fact that the bad guys are winning. Even the most sophisticated security departments at enterprise organizations are no match for this onslaught. We really need to re-think our security model by adding "up the stack" layers of defense (i.e. more application protection), building in end-to-end trust, and working with expert security service providers like Trend Micro and others.
Note to chief information security officers: The worst thing you can do is go it alone.
Kudos to ArcSight for having the chutzpah to go public rather than wait around to get acquired. What does the company's IPO mean to the market? Three things.
1. The space is on fire. ArcSight revenue was up about 75 percent year over year--from just under $40 million to just under $70 million. A testament to ArcSight? Absolutely, but the whole log management space (along with its security and compliance analysis aspects) are as hot as can be. ArcSight is one of the boats in this rising tide.
2. ArcSight makes the short list. Yes, the competition is steep. Look for IBM to really jump into this market with both feet in 2008, along with HP and partner SenSage. Nevertheless, ArcSight has established itself as a market leader, and its IPO bolsters this position with financial transparency. ArcSight should get into every enterprise bake-off.
3. The next battle is down market. OK, so ArcSight will fight with EMC, HP, and IBM in the enterprise, but who will win in the globally rich SMB space? This market will be dominated by turnkey appliances and managed services. ArcSight may want to use some of the $51 million it garnered through its IPO to build products and channels for the mid-market.
- prev
- 1
- next
