Privacy Digest

The Security Convergence Chess Match: "

Last week, Websense announced that it will acquire SurfControl, swallowing up one of its chief competitors in the content filtering space.

It’s pretty clear that content filtering is going to become an important protection component in our complex world of threats. It is not so clear that we need or want it as a standalone solution. Protecting surfing behavior is important, as the nature of threats has evolved from attacking our PCs to custom-made hacker vulnerabilities for mobile devices. McAfee’s acquisition of SiteAdvisor proves the point: 50 million users clearly see the value of proactive protection.

Were you were at RSA this year? There were so many small companies in the in ‘outer reaches.’ It doesn’t take much to figure out that consolidation is the next logical step. I overheard someone say that those booths should have a price tag on them, almost like a claiming race. So, what are the implications of this particular deal?

SurfControl and Websense share the same core business model and have been competitors in the Internet access control (web filtering) market for many years. Both companies have been trying to expand beyond web filtering by getting into the network and desktop security market with security solutions based mostly on their web content inspection technology. It’s a smart play for them, as they struggle to maintain relevance in a converging market. It is a fortification strategy in a point product space that could prove to be flawed for Websense. From my point of view, Port Authority made more sense as an acquisition for Websense. This deal, valued at $400 MM, seems like sacrificing a bishop or a knight in order to take out a pawn.

Another point solution. Is that what enterprises need? Or do they need a proactive risk management strategy? That’s what’s resonating with everyone I talk to. So this news is really not a big deal when it comes to putting together the right components for the large enterprises. Our customers choose us because they recognize that security risk management is an ongoing process. One of our mantras is ‘complete visibility’ on every level - from policy to compliance to enforcement. It’s only a matter of time before the value of this approach is realized by all companies and organizations who want to ensure the best security for their networks, not just the early adopters.

Security starts with identifying your core assets and setting the right processes in place to ensure those assets are protected. However, when an organization moves from tactical threat response to strategic risk management, they look to move the protection closer to the data. I don’t see this acquisition helping Websense customers move in that direction.

The acquisitions going on in the security industry are similar to a chess match. One company might take another company to advance to a more strategic position. In the end, it’s all about protecting the king - the precious data that organizations rely on to advance their core business.

"

(Read Original Article - Via Macafee Security Insights Blog.)