In a move that surprised many, but will make a lot of sense to regular readers of this blog, Intel announced that it has entered into a definitive agreement to buy diversified security vendor McAfee for $7.68 billion, a significant premium over McAfee’s share price at yesterday’s market close.
Echoing many of the same issues that Proofpoint CEO Gary Steele noted in his recent guest blog post at Byron Acohido’s “Last Watchdog” blog (see “Why Wall Street is Boosting Investments in Tech Security“), Intel and McAfee gave the following rationale for the acquisition:
First, security is fundamental to today’s computing environment. Intel CEO Paul Otellini is quoted as saying, “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.”
And those “computing experiences” are becoming more and more pervasive. The explosive growth of Internet connected devices—not just PCs but smartphones, tablet computers (like the iPad, the rumored Google Chrome OS pad, etc.), even ATMs, medical diagnostic equipment and on and on—requires better security for those devices to prevent exploitation and protect private data held and processed by those devices.
As security vendors regularly point out, security threats continue to proliferate rapidly and are becoming more complex and more costly to remediate. In the email security space, for example, targeted attacks such as spear phishing, the use of multiple attack vectors (combining email, web and social media components) and more clever social engineering are now commonplace. “The cyber threat landscape has changed dramatically over the past few years, with millions of new threats appearing every month,” says McAfee CEO Dave DeWalt.
McAfee’s online announcement also notes that, “The current cybersecurity model isn’t extensible across the proliferating spectrum of devices – providing protection to a heterogeneous world of connected devices requires a fundamentally new approach to security.” Which I think is a rather verbose way of saying that network security in today’s world needs a major “re-think” and that certain security functions and controls need to migrate further down the IT application stack and be more of an integral part of the hardware and firmware that power new devices.
Additionally, Intel notes that this acquisition is part of their ongoing effort to broaden its IT footprint, delivering not just hardware but software components. Notes the Intel announcement, “Intel has made a series of recent and successful software acquisitions to pursue a deliberate strategy focused on leading companies in their industry delivering software that takes advantage of silicon. These include gaming, visual computing, embedded device and machine software and now security.” (Intel’s acquisitions of embedded/mobile software vendor Wind River and gaming AI/physics vendor Havok are cited.)
Expect this news to spur ongoing M&A activity in the security space. And, more importantly, the trend toward making security more of a core component of computing devices—rather than an afterthought—will make for a safer computing world.