Security Acquisitions Sizzle IT-Enterprise Community -- Redmondmag.com

Security Acquisitions Sizzle IT-Enterprise Community

By Jabulani Leffall
08/31/2010

This summer we've seen a surge of sporadic heat waves gripping all corners of the country. As August comes to a close, perhaps the only thing hotter than the weather in some spots is the sweltering wave of IT security merger and acquisition deals.

This wave, anchored by the Intel and McAfee $7 billion combination, continues this week as consulting giant CA Technologies said it agreed to buy VC-stage fraud prevention service firm Arcot Systems for $200 million cash.

As I begun checking that the hyperlinks worked on this blog, it was announced that 3M has agreed to buy biometric access control systems vendor Cogent for around $943 million in cash.

Both acquisitions are all about access controls and fraud prevention, proving beyond a shadow of a doubt that security is the hottest ticket in enterprise IT so far this year.

But don't just take my word for it. Look at the facts:

Three weeks ago, HP said it was buying security application firm Fortify.
Both the Intel-McAfee and HP-Fortify deals come after IBM acquired database security firm BigFix.

Security Watch canvassed various experts on what this deal momentum in the IT security space means for the eco system and for Microsoft:

"This (Intel-McAfee) acquisition definitely positions IT security as one of the cornerstones of computing in the 21st century, and it points towards a potential trend of converging some form of basic security directly into the silicon," said Pat Clawson, chairman and CEO of Lumension. "With our computing platforms going more mobile this type of integration, on the surface, seems needed."

For its part, Microsoft, at least according to its 10-K filing with the U.S. Securities and Exchange Commission, spent a pauper's pocketbook sum of $267 million to acquire five entities in its 2010 fiscal year, down from spending $925 million on 9 companies in fiscal 2009. Most of the deals this year were private and low profile and none of these transactions happened to be security firms.

Clawson said predicting if Microsoft will join the IT security sweepstakes is difficult, at best, but he believes the Intel-McAfee deal would not "cause them to vary significantly from their appointed course."

To be sure, part of the reason Microsoft has sat out thus far is it already offers integrated hardware-level security such as data execution prevention, kernel patch protection and its free Security Essentials software (a new version was released late last week).

Looking ahead, Clawson and other security experts contend that the next big security land grab will be focused on cloud and content-centric technologies.

This is an area where many believe Microsoft is positioned reasonably well with the security parameters in its Azure platform and its security development lifecycle initiative.

IBM Report: Apple, Adobe, Microsoft Most Vulnerable Vendors
Microsoft outpaced all other operating system vendors in terms of vulnerabilities with critical- and high-CVSS (Common Vulnerability Scoring System) ratings and accounted for 73 percent of bugs, according to a new study from IBM X-Force Research.

But numbers aren't necessarily nuclear, as Redmond is the world's largest software vendor with the most ubiquitous OS in the history of mankind.

What is alarming is Adobe Systems, whose products have more than 10 of the top twenty critically-rated vulnerabilities, according to U.S. Computer Emergency Readiness Team (CERT). To make matters worse, the IBM X-Force report says PDF attacks "continue to increase as attackers trick users in new ways."

The report also points out that 2010 has seen a significant increase in volume of security vulnerability disclosures. This is good news, seeing that vulnerabilities are showing up at an all time high, up 36 percent over last year.

"The leap in vulnerability disclosures relates to organizations taking a greater interest in exploitable software bugs as well as attackers continuing to develop their own infrastructure," said Tom Cross, manager of IBM's X-Force Advanced Research Team.

As far as total vulnerabilities across all products Apple comes in at numero uno, with Redmond the runner up at No. 2 and Adobe coming in third.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.