A slew of acquisitions and several whopping billion-dollar deals shook the security industry in the first nine months of 2010 and experts say the pace of deals are likely to continue through 2011 -- a sign that some security technologies are maturing.
The current economic conditions pose more potential buying opportunities for the largest, cash-heavy vendors. Additionally, many security technologies have reached their prime in maturity and are seeing adoption among even the most conservative leaning enterprises.
Many eyebrows were raised in September, when security information and event management vendor ArcSight was acquired by Hewlett-Packard. for $1.5 billion. Meanwhile, chip maker Intel announced plans to dive head first into the security market by shelling out $7.7 billion for McAfee. Symantec has also made major acquisitions this year around encryption; the company bought PGP and GuardianEdge Technologies for a combined $370 million and VeriSign's security business for $1.3 billion.
"I think we're seeing that the timing was right and many of these vendors have the cash on hand," says Rich Mogull, analyst and CEO of Phoenix, Ariz.-based research firm Securosis, who calls the acquisitions a part of the normal ebb and flow of the security industry. While many of the deals just made good business sense for the vendors involved, Mogull says he has seen security technologies mature to the point where larger vendors begin to take notice.
"Many security technologies are no longer in the early incubator stage," Mogull says. "I can now recommend technologies that I couldn't recommend a few years ago."
Mogull is still poring over the results of a survey of more than 1,000 IT practitioners on the kinds of technologies they use to secure data, avoid a data breach and ensure compliance. The Securosis survey found that many enterprises are relying on traditional security controls in the form of network segregation and system hardening, rather than technologies that focus solely on data security, such as data loss prevention, Mogull says. But today, DLP is gaining more traction, he adds.
"I couldn't recommend DLP a few years ago because it was too complicated to deploy and too difficult to manage, but the technology has come a long way in a short time," Mogull says.
Respondents to the Securosis survey identified network data loss prevention, full drive encryption and Web application firewalls as technologies they use to reduce the number of security incidents in their organization. Meanwhile, email filtering, encryption of USB/portable media drives and device control rated highly for reducing the severity of incidents.
"We're hitting around 30 percent adoption rates for traditional security technologies at a lot of these organizations," Mogull says. "It's gone beyond just early adopters."
Meanwhile, larger security vendors want to tap into new markets and keep the pace of revenue growth, says Alan Paller, director of the SANS Institute. Inevitably, it leads to a one-stop shop for a variety of security technologies, but many enterprises like the idea of standardizing with one major player, Paller says.
"Technology buyers no longer like to purchase security one piece at a time," Paller says. "They don't think they get as complete a picture or as rich a view of what is going on so they want to buy more security baked-in."
Many of the network and systems management segments matured to the point where consolidation of smaller vendors just made sense, says Mark Nicolett, vice president at Stamford, Conn.-based research firm Gartner. In a smaller market segment like SIEM, with more than 20 vendors vying for a $1 billion market, acquisitions take place as the market reaches maturity, he says.
"We're seeing a natural evolution of some of these point solution markets, Nicolett says. "Every market segment eventually consolidates as it matures."
What do IT professionals make of all the acquisitions? A Boston-based network security administrator says he keeps pace with the major acquisitions, but ultimately they don't affect the day-to-day business of securing the network.
"As long as the technologies we use continue to be supported and [improved], acquisitions aren't a big deal," he says. "We just want to keep our systems running and the bad guys out."
Robert Westervelt is the news editor of SearchSecurity.com. Send comments on this article to firstname.lastname@example.org