Consolidation of the security market will remain the norm, but
best-of-breed security firms will continue to emerge to address
gaps in technology uncovered by sophisticated attackers, according
to a new report issued by the Burton
Group.
Large infrastructure vendors will continue to look to fill security
gaps in their portfolios by acquiring best-of-breed security
vendors, said Bob Blakley, principal analyst at the Burton Group.
The industry will never be fully consolidated, he said. But smaller
security firms will reemerge to meet new security threats being
driven by cybercriminals, he said.
"The bad guys are sticking arrows into the customers and the
customers are therefore driving their vendors to cover up the parts
of their body to which the arrows are being stuck," Blakley
said.
In his report, "The long tail of risk and the
dynamics of the security market," Blakley said the security
market has a high degree of balance based on risk. When a flaw is
discovered by a security researcher or exploited by an attacker
that balance is disrupted. Platform vendors then decide to buy or
build new technology based on customer pressure to quickly reduce
costs associated with risk.
"Risk exposure plays into
the security market directly only when the risks eventuate into
losses," Blakley added
in an interview with SearchSecurity.com. "A risk itself isn't
usually a cause of management action unless there is an external
forcing function like regulation or customer or user
dissatisfaction."
Blakley said point security products should be used tactically. If
the point security technology is acquired by a vendor that competes
with your existing technology it should be easily replaced, he
said. Point security vendors can also experience growth and become
pure-play vendors, such as Symantec, which continues to broaden
its portfolio into system management and storage and now competes
with IBM's Tivoli product suite.
"The acquisitions in security do in fact track very closely to the
exposures that are really causing losses out there in the world,"
Blakley said. "As soon as these exposures become business problems
a real risk tax comes into existence for customers."
Blakley's risk model can be seen in some recent security
acquisitions. IBM is currently merging
its acquisition of Watchfire into its Rational development
platform, which provides tools for developers to model, design and
build Web-based architectures for SOA, systems and applications.
Dave Locke, director of offerings marketing for IBM Rational, said
the acquisition adds software development security and compliance
testing tools for IBM customers but also gives Big Blue additional
security in its software development lifecycle.
Locke said the decision to buy Watchfire was driven in part by
customer pressure and the need to bolster Web application software
development security testing. The acquisition was finalised last
week.
"We got to point where customers were talking about needing more
support from IBM and we made a make versus buy decision," he
said. So far, Locke said, no talent has been lost from Watchfire as a
result of the merger.
"All the key players are definitely part of the plan," Locke said.
"We're embracing them to stay with us and we want their talent to
stay here."
Meanwhile, PatchLink said it is in the
process of merging SecureWave technology with its own to create
a platform to secure enterprise servers and endpoints. PatchLink
announced the merger in June.
Matt Mosher, PatchLink's senior vice president of sales for the
Americas, admitted that combining SecureWave technology with
PatchLink would take time. For now, the plan is to combine the
software into a suite that could be purchased separately.
"We have a customer advisory board that we solicit customer input
and it gives them access to product management so they have a voice
in how we evolve this suite of products," Mosher said. "We're being
very careful. With best of breed, you don't get a vision in mind
and move blindly forward."