On April 4, a new/old name in cybersecurity returned as McAfee's separation from Intel became final. The six-year marriage of the two companies failed to produce the kind of synergy that such acquisitions generally promise, with Intel announcing last September that the split was imminent. Now, McAfee representatives say the company is looking forward to a future more focused than the one possible as part of Intel.
The opening fanfare
On August 19, 2010, Intel announced that it would acquire McAfee for approximately $7.68 billion. In the press release announcing the deal, Intel CEO Paul Otellini explained the justification for the purchase. "In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences," said Otellini.
In the same release, Renée James, Intel senior vice president and general manager of the group that would include McAfee, pointed to the specific benefits hardware-based Intel saw in the deal. "Hardware-enhanced security will lead to breakthroughs in effectively countering the increasingly sophisticated threats of today and tomorrow," said James.
According to news stories at the time, analysts and investors were skeptical about the value of the deal. The New York Times noted that "investors appeared flummoxed by the purchase, Intel's biggest ever, sending the company’s shares down about 3.5 percent" in after-hours trading.
While there were certainly hardware and software products that came from what became known as Intel Security, the promised synergy between the two never fully materialized.
The new McAfee
Now, McAfee has returned as a private company in a partnership of Intel and private equity firm TPG. The financial transactions are complicated, but in the end TPG and Intel took ownership of a company valued at approximately $2.2 billion plus another $2 billion of debt. In a written statement in September, Brian Krzanich, CEO of Intel, said, "Security remains important in everything we do at Intel and going forward we will continue to integrate industry-leading security and privacy capabilities in our products from the cloud to billions of smart, connected computing devices."
So what will McAfee be able to do that Intel Security could not? In a telephone interview with Brian Dye, EVP of corporate products at McAfee, I asked how the McAfee of April 30 would be different than the McAfee of January 1.
"We're an independent company with a clear vision and a new investment," Dye began. "The biggest thing that improves for us at the end of April compared to the beginning of the year, is that we've got the unified force, not just of the parts of the organization that aren't changing -- engineering, support, sales, marketing, services -- but we get the whole-hearted and fully aligned support of the back-end systems of the company. Finance, IT, HR, and legal, fully aligned around what we need to succeed and be agile and responsive as a pure-play cyber security company."
He continued, "Frankly, we're one of the largest pure-play cyber security companies in the world. That's really the biggest difference. Our thesis on the market -- the restructure of the portfolio -- that started a year, year-and-a-half ago. But the full alignment of the organization in pursuit of that mission, that's really what changes by the end of April."
When asked about the practical ways in which the renewed focus would have an impact on McAfee and its customers, Dye listed four areas where McAfee will concentrate its efforts: endpoint, data center, cloud edge and security operations center.
Dye began with endpoints because, he said, McAfee has established leadership in the space. "We've got a tremendously broad installed base of over 60 million nodes, and we've really put a lot of renewed focus, especially over the last year and a half, in technology leadership at the endpoint," he said. "We're adding the machine learning, and the recent NSS test results demonstrate the results of our labor there."
The data center has become increasingly important "as folks move from physical, to virtual, to either software-defined networking and software-defined data centers, or to public infrastructure as a service," Dye said. It's vital, he explained, to go beyond simple process automation to what he called "organizationally aware automation."
"I'll give you an example: In the days of VMware, all the sysadmins loved VMware because they could spin up a new server instance in 20 minutes. The security team hated it, because the sysadmin team could spin up a new server in 20 minutes and never tell the security team when they did it," he said. "We've solved that by being able to detect when new AMIs, new instances, spin up and then notify the security team. So it's not just security automation, it's organizationally aware automation."
The cloud edge is where Dye feels many people are surprised by a McAfee presence. "Just as there's a lot of platform consolidation happening at the endpoint with multiple technologies coming in under a common agent, we see that same thing happening at the cloud edge," he said, "where the web gateways have become web SaaS services, web SaaS services are driving partnerships with the CASB [cloud access security broker] vendors, the CASB vendors are moving from shadow IT discovery to content control."
McAfee's response was a recognition of what was already in the portfolio. "We just had to put it together as one single service. And we think this is going to be a market where one service is going to be the right answer."
Finally, Dye said that the security operations center, or SOC, is key for McAfee, "...because we find that that's really the hub for a lot of security automation, especially if you're following the NIST Cyber Framework, which we shorthand into Protect, Detect, and Correct." He explained that the SOC is the logical place for companies to centralize automation, and McAfee wants to be at the heart of automating analysis, investigation and remediation.
Integrating and automating security across the enterprise will be McAfee's focus, Dye said, because it's the only way to move cybersecurity forward. "What we need to do is to create integrated security systems for our customers that let them free up their most limited resource, which is people, and then once they free up that bandwidth, they can use that to drive security success, not just security administration."
— Curtis Franklin, Security Editor, Light Reading