Symantec’s Strategic Merry-Go-Round: Questionable Short-Term Moves Hinder Long-Term Objectives

E. Parizo

E. Parizo

Summary Bullets:

  • Symantec’s moves to buy LifeLock and sue Zscaler will offer little effective support for Symantec’s stated strategic objectives.
  • Symantec instead should seek small, tuck-in acquisitions and find new niches in which to foster innovation.

Symantec has long been a company searching for a strategy, or at least a good strategy. Over the years, it has suffered through several failed reinventions that sought to address an ongoing dearth of disparate products, a lack of organizational cohesion and focus, and an inability to foster competitive momentum through innovation. Read more of this post

Security Product Integration Frameworks: A Gamechanger for Enterprise Security

E. Parizo

E. Parizo

Summary Bullets:

• SPIFs enable pre-integration of standalone third-party security products, eventually enabling enterprises to construct a customized, more effective enterprise security solution architecture.

• SPIFs are nascent, but they will have a growing impact on security product purchasing decisions. Leading-edge enterprises should begin researching SPIF ecosystems.

Enterprises have long been frustrated with the lack of interoperability among their enterprise security point products. The average large enterprise uses dozens of unique commercial security products and services, with few if any of them designed to work together.

Security product integration frameworks (SPIF) have the potential to change the game. SPIFs facilitate the sharing of security-related metadata, help standalone security products and services to interoperate effectively, and ultimately improve the efficacy of enterprises’ unique security architectures.

So what is a SPIF and how can it possibly deliver on such lofty ambitions? At its core, a SPIF is a fancy message bus system, typically augmented with authentication and access control, message encryption, subscription management and limited message store. Its centralized interconnection and messaging architecture enables security products to distribute data to other products and services and receive data from them. Third-party vendors add a SPIF’s pre-built messaging client code into their own products, customizing it as needed, and voila: enterprises using a SPIF can integrate products supporting that SPIF, often in a matter of minutes. Read more of this post

Hello BlackBerry: Why Dropping Hardware Is Part of a Brighter, Security-Centric Future

E. Parizo

E. Parizo

Summary Bullets:

  • BlackBerry’s smartphone hardware exit is a positive development, not negative, and signals that the company’s turnaround is nearing completion.
  • BlackBerry held on to its hardware long enough to grow its software and services business, a move now paying off strategically and financially.

I must respectfully disagree with my esteemed colleague Avi Greengart’s take on BlackBerry’s recent decision to exit smartphone hardware design and manufacturing. Not only is this a positive development for BlackBerry, but it’s also a key sign that the vendor’s dramatic turnaround is nearly complete. Read more of this post

Cisco Systems Should Buy MobileIron: Here’s Why

E. Parizo

E. Parizo

Summary Bullets:

  • Cisco’s enterprise security portfolio lacks a strong play on mobile devices, especially those running iOS or Android.
  • By acquiring MobileIron, Cisco would gain strong enterprise EMM technology and the much-needed ability to enforce policy on disconnected mobile devices.

Tech industry prognosticators enjoy speculating about what companies Cisco will acquire next. In enterprise security, the vendor has a several needs, perhaps none more glaring than the need for improved mobile device security and policy enforcement.

Cisco’s security objective is to offer end-to-end security from the cloud to the endpoint, but it lacks a strong play on mobile devices – iOS and Android in particular – which has become crucial. On-network devices can benefit from the protection afforded by its network security capabilities, but when mobile devices leave the network, they are vulnerable, particularly to inbound malware. Read more of this post

Fortinet’s Special Opportunity Calls for Equally Special Leadership

Summary Bullets:

E. Parizo

E. Parizo

• Fortinet has become a $1 billion enterprise security powerhouse, with potential for much more.
• To become the next Cisco, however, Fortinet will need unique, ambitious leadership.

It’s worth taking a moment to consider how far Fortinet has come. From humble beginnings in 2000 as a UTM startup, today Fortinet is a $1 billion enterprise security powerhouse, having shipped nearly twice as many security appliances as Cisco Systems (or anyone else) in the past three years and boasting more than 270,000 customers worldwide.

Fortinet has a unique opportunity. It, along with Palo Alto Networks (PAN), is on pace to surpass rival Cisco in quarterly security appliance revenue as soon as the next 12 months, and unlike PAN, Fortinet has long been profitable. Combine that with its broad product portfolio, its penchant for innovation, and its consistent ability execute in nearly all facets of its business, and it’s clear Fortinet can not only end Cisco’s market dominance, but it is also poised to become the next Cisco. Read more of this post

Dear Intel, Here’s Why Selling Intel Security Would be a Huge Mistake

Summary Bullets:
• A rumored sale of its security business would be a major mistake for Intel.

• Intel Security has strong legacy products, promising new ones, winning leadership and strategy, and presents synergistic opportunities key to Intel’s future.

I’m not sure what surprised me more: Sunday’s Financial Times report that Intel was exploring a sale of its security division, or that industry observers and partners alike seem to be either indifferent or actually in favor of such a dramatic move.

Current Analysis believes a sale of Intel Security or its assets would be a mistake, for a variety of reasons. Here’s a brief look at the value Intel Security provides its parent:

Read more of this post

Verizon DBIR Controversy Highlights Need for Data-Driven Research Transparency

E. Parizo

E. Parizo

Summary Bullets:

  • The recent DBIR controversy over a seemingly flawed top 10 list is an opportunity to highlight that data-driven security research is no panacea for breach prevention.
  • Data-driven security research shouldn’t be a drive to develop conclusions; it should an attempt to foster discussion and collaboration.

The annual release of the Verizon Data Breach Investigations Report is usually widely anticipated and well received for its data-driven insights on which attack techniques led to successful data breaches in the previous year, and what preventative actions enterprises might undertake to avoid future attacks.

This year’s report, however, has been unusually criticized because the authors’ list of the top 10 most exploited vulnerabilities (in successful breaches) seemed flawed to many vulnerability experts. Read more of this post

A Case Study in EMM-to-UEM Market Evolution Highlights the Coming of Security-centric Endpoint Management

E. Parizo

E. Parizo

Summary Bullets

• EMM vendors, responding to the convergence of traditional and mobile endpoint technology, are driving the emergence of unified endpoint management.

• With mobility becoming ubiquitous, enterprises want to deliver users a consistent, secure endpoint experience, regardless of what device they use, where they’re located and who owns the device itself.

As detailed in our recent market advisory report, Ubiquitous Mobility and the Coming Transition from EMM to UEM, the rapid evolution of enterprise mobility management products in response to the convergence of traditional and mobile endpoint technology is driving the emergence of a new market segment called unified endpoint management (UEM).

Read more of this post

Fortinet Loses Another Marketing VP, and Loses Another Chance to Cure Its Ills

E. Parizo

E. Parizo

Summary Bullets:

• CMO Holly Rollo has resigned from Fortinet after just six months at the company.

• Fortinet, which has struggled with marketing, must make changes to stop driving away talented executives.

Count this analyst among those who were surprised and disappointed when news broke this week that Fortinet CMO Holly Rollo had resigned. Rollo, hired away from FireEye in September, had been handpicked by Oracle CMO and Fortinet Director Judith Sim to lead a marketing overhaul for the billion-dollar network security vendor. Read more of this post

McAfee Must Die: Why the Brand Has Outlived Its Usefulness to Intel Security

Summary Bullets:
• The once-strong McAfee brand now does Intel Security more harm than good.
• The vendor missed an opportunity for a portfolio-wide rebranding in late 2015 when it launched a new threat-centric product strategy.

Intel Security has a branding conundrum on its hands. The once-strong McAfee label, for decades associated with a venerable line of consumer and business security products, has been slowly losing its luster for years, but has now reached the point where it does the vendor more harm than good.

Read more of this post