As an industry veteran, I've witnessed my share of IT transformations. Yup, I'm old enough to remember the transitions from mainframes to mini-computers, to client/server computing, to Internet computing, etc. Each of these IT tectonic shifts also led to changes in the balance of power within the industry. IBM owned business computing in the 1970s with its 370 mainframe but the transition to client/server gave rise to a number of new stars like HP, Microsoft, Oracle, and Sun.
The current security industry is going through a similar transition. Security "mainframe" products like network firewalls and endpoint antivirus software are giving way to new types of products and services that combine real-time security intelligence, endpoint/network defenses, and security analytics/forensics. Why? Enterprises simply can't continue to rely on security technologies that are becoming less-and-less effective and easily circumvented by an army of hacktivists, cyber crooks, and nation states.
While this security industry paradigm shift is well understood, few companies have capitalized as much as FireEye. Over the past few years, the company had the right design, product, and aggressive go-to-market strategy to crash the enterprise security party and proceed to a wildly-successful IPO. Now, just as security royalty and Sand Hill Rd. upstarts are planning their FireEye incursions, the company struck again with its bold acquisition of the security "big bang theory" firm, Mandiant.
Why is this a potential game-changer? FireEye continues to drive a new model for malware detection but it is missing some critical pieces like endpoint coverage and forensic/analytics capabilities. In the past, FireEye depended upon partners like Bit9, Blue Coat (Solera), and Guidance Software in these areas but this wasn't going to help the company fully capitalize on the ongoing security market transition over the long-term. With Mandiant in hand, FireEye becomes a much more formidable company as it gains:
- An endpoint platform. While Mandiant is known for forensic clean-up work, it also sells sophisticated software for endpoint malware detection and forensics. Network/endpoint visibility and coverage is exactly what the market is asking for.
- Additional security intelligence. FireEye was already pretty solid here but it doesn't hurt to throw in additional security intelligence from a market leader. FireEye can now jump into the burgeoning market for stand-alone security intelligence - especially in government, financial services, and technology markets.
- Professional services. Mandiant has a reputation for its post-breach firefighting but this is just a fraction of what this talented team can do. Given the pervasive security skills shortage, FireEye shouldn't have any trouble finding work and growing its services business over time.
FireEye just moved beyond product to an anti-malware architecture for prevention, detection, and response. It also has the security intelligence and professional/managed services to establish CISO relationships, become a key security partner, and grab lucrative enterprise deals.
Sign up for Computerworld eNewsletters.