It’s still too early to talk about Dell EMC’s security plans, said Brett Hansen, VP, Endpoint Data Security and Management, Dell, but he tells IT Trends & Analysis there is a lot of work going on behind the scenes on the future of the company’s post-merger enterprise security strategy. “I’m like a kid in the candy store with this acquisition.”
What’s not to be excited about? Cybersecurity is getting a lot more attention — and customer budgets — and the acqusition brings together two sets of technology assets, skills and customer bases. While overall IT spending may be inching upward, security is expected to grow at a compound annual growth rate of 8.3% through 2020, from $73.6 billion in 2016 to more than $100 billion. Other estimates put this year’s cybersecurity spend at $122.45 billion, and a 10.6% CAGR to $202.36 billion by 2021.
EMC’s former security division, RSA (with more than 30,000 customers), will retain its autonomy, but will benefit from being part of the world’s largest privately controlled technology company, said president Amit Yoran in a September conference call. “RSA is now part of the broader Dell Technologies – a much broader platform that allows us to make decisions along private company timelines and horizons for a more strategic perspective, and less maniacally focused on the 90-day public company window,” he stated. “There is a natural upside [for enterprises] of having the broader ecosystem of Dell Technologies from a leveraging relationships standpoint.”
He said authentication and identity, advanced security operations and analytics, and the business context and business drivers around those will continue to be the three key areas that RSA is focusing on. As for the unit’s R&D focus, he said in a world where there is no longer any perimeter, being able to identify who is where on what and provide them the appropriate access with strong multi-factor authentication and an elegant user experience “is a key area where RSA has great capability and we will continue to invest aggressively in R&D in that area”.
In addition, it is investing heavily in advanced security operations, which includes RSA’s endpoint threat detection and response product Ecat, the NetWitness suite, and all the analytics around those.
“Ultimately, context matters most to the organisation. What is mission-critical, what is business-critical, what is required from a compliance and regulatory perspective, and ensuring that the limited security resources are being spent on the most impactful and critical things for the enterprise,” said Yoran.
In June, prior to the acquisition’s close, EMC announced the findings from its global enterprise backup survey, ‘Are You Protected?’, which included:
-incidents of traditional data loss and disruption are down since 2014, but new challenges mean 13% more businesses experienced loss overall;
-over half of businesses fail to protect data in the cloud despite more than 80% indicating they will rely on SaaS-based business applications;
-36% have lost data in the last year as the result of a security breach; and,
-the average cost of data loss is more than $914,000.
People are getting smarter about data protection, said Peter Smails, VP, Marketing, Core Technologies, EMC, but they continue to experience data loss. “You need to be vigilant. The world is evolving quickly.”
A month later Dell released the results from a survey centered around digital transformation security that found that while 97% are investing in digital technologies, 85% say security teams can better enable DT initiatives if they are included early in the project, and 96% say ‘securing digital technologies poses challenges including lack of resources, risk of a security breach, finding the right balance between security and employee productivity, and loss of control.’ A key reason why security is too often looking in at DT from the outside has to do with the traditional view of security as the Department of No, said Bill Evans, Senior Director, Identity and Access Management, Dell Securit. “We see security as enabler… it has to step up and become an enabler, the Department of Yes.”
After the acquisition, Dell Technologies spun out SonicWall, its firewall-focused network security business, as an independent company, to private equity firm Francisco Partners and hedge fund Elliott Management. This was part of the $2-billion-plus acquistion of the Dell Software Group, which posted an operating income of $28 million for Q1 2016.
Yesterday the company’s other security business, SecureWorks (4,300 customers in 58 countries), reported a 21.5% year-over-year revenue increase, to $107.1 million, and narrowed its operating loss in the third quarter from $0.26 per share last year to $0.10. The unit was taken to the market in April, with its first IPO generating $112 million; following the offering, Denali Holding Inc., which owns the subsidiary and Dell, held all outstanding shares of SecureWorks’ Class B common stock, representing about 86% of total outstanding common shares, and about 98% of the combined voting power, according to the prospectus.
Last month Dell EMC joined with a number of its peers, including HPE, Cisco, and SAP to establish a Zero Outage industry standard. “Dell focuses on delivering the best technology, service, end-to-end processes, and security to enable industries around the world to conduct business continuously with zero interruption,” said Richard Nicolas, Chief Customer Office, Dell, in a prepared statement. “To achieve this, we are a member of the Zero Outage Association, where we focus on eliminating outages while navigating the digital shift, and resiliency in a world of heterogeneous ICT.”
From an endpoint security perspective, Hansen’s bailiwick, the company announced its Endpoint Data Security and Management portfolio, with solutions from Dell, Mozy by Dell, RSA and VMware AirWatch, at the inaugural Dell EMC World in October. All offerings were available as of launch, or December, but the next step is to “further coalesce these into a solution for the customers”, he said, and that’s scheduled for the first quarter of 2017, with interoperability testing “well under way.”
The next step is integrated support for these products, “one phone call covers everything…. that’s very powerful… to customers.” The third step will be creating solutions bundles, which should start rolling out over the next 90-120 days, added Hansen.
From an overall cybersecurity perspective, he says it will continue to be an arms race with the cyber attackers because the potential rewards are too rich. “Cybersecurity is a two-way street… as we innovate… the cyber attackers are also innovating, and responding and reacting”. “So our responsibility is to remain one step ahead.”
DISCLAIMER: While Michael has managed to abscond with all my Dell and EMC shares, I still own a mere pittance of VMware stock. For now.