
15 January 2014

Bloated Security Firms Get Fatter on Hackers


http://www.nytimes.com/2014/01/15/technology/upstarts-challenge-old-timers-in-lucrative-computer-security-field.html

Tech Security Upstarts Enter Fray

By NICOLE PERLROTH

JAN. 14, 2014

SAN FRANCISCO — Steve Bennett, the chief executive of the computer security company Symantec, is spoiling for a fight.

Symantec is still, by a pretty long stretch, the biggest in a growing pack of tech security companies. But like Microsoft, Mr. Bennett’s company is sometimes viewed as an aging, if still wealthy, outfit that can’t keep up with a new generation. And no one in the technology industry likes being labeled the old, slow rich guy.

Particularly when $67 billion is up for grabs. That’s how much companies were expected to spend last year on computer security.

But younger outfits with names like FireEye and Palo Alto Networks are now competing with Symantec and its longtime rival McAfee, which is now part of Intel, for a greater share of a market that is expected to swell to $87 billion by 2016, according to Gartner, a research firm.

The pitch from the new companies is simple: Conventional security defenses — like those that the antivirus software of Symantec and McAfee built their brands upon, as well as the network firewalls of Check Point and Cisco — have proved vulnerable to determined adversaries. The biggest problem with that older technology, they say, is that it reacts to threats rather than anticipating them.

The young companies say they can help solve that problem, which the Center for Strategic and International Studies in Washington estimates costs the United States economy $100 billion a year, and they’re getting ready for a long fight with the established companies.

“More so in security than in other areas, companies are willing to buy from smaller start-ups,” said Asheem Chandna, a venture capitalist at Greylock Partners who has invested in several security start-ups. “They want the new, shiny mousetraps.”

Take FireEye. This month, the company announced that it had acquired Mandiant, another young firm, for $1 billion in stock and cash. The deal combines two darlings of this new generation of security — one that detects attacks by examining Internet traffic for potential threats before they hit a network, and another that responds to threats and tries to make sure they don’t happen again.

FireEye is run by Dave DeWalt, who used to be McAfee’s chief executive.

“Antivirus products are not working right now,” Mr. DeWalt said in a recent interview. “Companies are spending tens of billions of dollars of their money on a model that doesn’t work.”

This fight between new and old has led to an unusually fragmented market, with 50 or so competitive companies, said Lawrence Pingree, a security analyst at Gartner. In 2012, Symantec led the security software market, with 19.6 percent of it, followed by McAfee’s 8.8 percent, according to Gartner. Once the final numbers are tallied for 2013, Mr. Pingree said, he expects the incumbents will have ceded ground to the upstarts.

The problem with traditional antivirus technology is that security researchers, like medical researchers, must study a virus before they can create the antidote. They have to capture a computer virus, dissect it and identify its signature — unique signs in its code — before they can write a program to block it.

That process can take as little as a few minutes or as long as several years. Once a virus gets blocked, it is often left to the customer to run frequent software updates. And even then, it takes just a few tweaks to the code for criminals to outwit the system.

“We believe the antivirus market is hopelessly behind in being able to address the most acute problems,” said Nir Zuk, the founder and chief technology officer at Palo Alto Networks. “That is not where the action is and that is not where the majority of the money is going to be.”

Venture capitalists are also backing firms that help companies deal with the security issues created by employees who insist on using their own smartphones or computers on the company network — the bring your own device dilemma. Last year, Greylock Partners and Sequoia Capital invested in Skyhigh Networks, a start-up that helps companies keep an eye on apps downloaded to corporate networks through those rogue devices.

Accel Partners, Khosla Ventures and others are betting on another start-up, called Lookout, which started out as a smartphone app and is now targeting corporate customers worried about the problem.

Investors are also keen on start-ups like OpenDNS, which tries to identify suspicious Internet traffic patterns. The company was able to pre-emptively block malware hidden in Yahoo ads last month after it identified dangerous traffic coming from a small Internet service provider.

“We take a satellite view of the Internet,” said David Ulevitch, OpenDNS’s founder. “We don’t wait for the shots to get fired, then analyze the bullet.”

Even among the antivirus makers themselves, “antivirus” has become something of a dirty word. Symantec and McAfee are aggressively rebranding and investing in new sorts of technology. Notably, “antivirus” does not appear once on either company’s home page.

“Everybody still talks about us as antivirus,” said Mr. Bennett, the Symantec chief. “We have more advanced threat protection in our portfolio than anybody else.”

He said the key to Symantec’s plans was integrating all the little pieces, from antivirus software to systems that monitor incoming Internet traffic, into one big package that can be more easily installed and controlled. In fact, he said, 50 percent of the threats Symantec blocked last year were not blocked by antivirus, but by the company’s newer security protections.

“The reality is that no one security technology is good enough,” said Mr. Pingree, the Gartner analyst. “Hackers are always working to defeat the latest defense, and so you have to invest in defenses for the latest threat as well as every threat experienced in the past.”

Last week, Intel, which acquired McAfee in 2011, announced it was killing off the McAfee brand altogether, keeping only the company’s red shield logo intact. McAfee will now be known as Intel Security.

Analysts say the move is an apparent effort to separate the brand from its antivirus roots and from its founder, John McAfee, who has gained notoriety for behavior that, at last count, included going on the lam after his neighbor in Belize was found dead, an arrest in Guatemala, a deportation to Miami and, finally, an expletive-laced video featuring Mr. McAfee trying to uninstall McAfee software while surrounded by scantily clad women, guns and “bath salts.”

“Antivirus is not what we’re focused on,” Michael Fey, McAfee’s chief technology officer, said in an interview this week. “It’s fun for younger companies to point fingers, but that’s not even where we get the bulk of our revenue.”

McAfee now makes more revenue selling newer network security and intrusion-prevention systems to its business customers, Mr. Fey said. “We’re proud of our antivirus — it is a valuable solution that catches hundreds of thousands of issues a day for companies — but under no circumstances do we think that is the future of security.”

And if you can’t beat them, buy them. Last year, for example, Cisco spent $2.7 billion to acquire Sourcefire, an upstart security company. Mr. Chandna of Greylock, for one, expects to see a lot more of those big deals this year.

One other thing the older companies can still do is compete on price. Last week, McAfee announced that it would begin giving away its mobile security products.

“We’re running a marathon, not a sprint,” Mr. Bennett said. “When we’re at the end of the finish line, sometime in the future, we’re going to be there and we’re going to be smiling. And we’ll see where all these shiny-new-object companies are.”