Private equity house spins SSE company out of McAfee Enterprise

Private equity house Symphony Technology Group (STG) has launched its new portfolio company Skyhigh Security, completing its split of McAfee Enterprise into two separate organisations.

STG previously established “pure-play” cyber security company Trellix in January 2022 through a merger between McAfee Enterprise and FireEye, both of which were acquired by the equity house in 2021.

While Trellix will offer customers an extended detection and response (XDR) service, Skyhigh Security will relaunch McAfee Enterprise’s security service edge (SSE) portfolio.

This includes secure web gateway (SWG), cloud access security broker (CASB), zero-trust access network (ZTNA), cloud data-loss prevention (DLP), remote browser isolation technology, cloud firewall, and cloud-native application protection platform (CNAPP).

STG has said that it created the firm to meet the needs of a modern workforce by providing “data-aware” SSE security that “follows the data and users wherever they are”.

The move to establish Skyhigh marks the completion of STG’s long-planned division of McAfee’s enterprise business, which the equity house said would allow for greater focus on the “very distinct markets” of XDR and SSE.

“Skyhigh Security has emerged as a dedicated cloud security company that is laser-focused on propelling businesses forward with a comprehensive and converged approach to data security,” said William Chisholm, managing partner at STG. “We’re committed to investing in this business, which is in one of the most important markets in security, SSE.”

Gee Rittenshouse, CEO of Skyhigh who previously led Cisco’s cyber security business, added that a new approach to security is needed to deal with the fact the majority of data is in the cloud and that users can access it from anywhere.

“Skyhigh Security has created a comprehensive security platform to secure both data access and data use via unified policies and data awareness. Organisations can now have complete visibility and control and seamlessly monitor and mitigate security risks – achieving lower associated costs, driving greater efficiencies and keeping pace with the speed of innovation,” he said.

According to Frank Dickson, vice-president at IDC, the rise of hybrid workforce’s has placed organisations at a crossroads: “While the work-from-anywhere model creates flexibility and agility, it can also be a point of security vulnerability, challenging perimeters and endpoints and opening new attack surfaces in the cloud. These organisations need a best-in-class cloud-native solution that simplifies the implementation of cloud security to protect data regardless of where it lies.”

In an email to Computer Weekly’s sister title SearchSecurity, Skyhigh vice-president of worldwide systems Arnie Lopez wrote that the reason Skyhigh Security is split into its own company (as opposed to being part of Trellix) is that it can launch SSE solutions faster and be more “nimble”.

“We are dedicating resources aimed at releasing new, innovative SSE capabilities at a much faster pace,” he said. “By separating the businesses and being nimbler in our approach, Skyhigh Security is better positioned to lead the SSE market as we hone our focus on providing customers with the best technology, customer experience, and partnership for managing the complexities of security.”

Asked about the differences McAfee customers may notice in transitioning to Skyhigh, Lopez added that organisations can “continue to rely on us without disruption to their business”. He further argued the smaller size of Skyhigh will provide users with new benefits around access and influence.