Micro Focus HyPEs New Security Business
Sep14

Micro Focus HyPEs New Security Business

“It was the best of times, it was the worst of times…” Charles Dickens, A Tale of Two Cities (1859)   Last week Equifax, a supplier of credit information, reported that a recent data breach could affect up to 143 million consumers in the U.S. It’s even worse for businesses: according to Cisco’s 2017 Midyear Cybersecurity Report, only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate. More than 150 years ago author Charles Dickens started off his novel ‘A Tale of Two Cities’ with “It was the best of times, it was the worst of times…”, and that line is still timely when it comes to cybersecurity and the new and improved Micro Focus. The new company officially debuted on September 1 with the ‘spin-merge’ acquisition of Hewlett Packard Enterprise’s software business valued at $8.8 billion, making it the world’s ‘seventh largest pure-play software company’, with annual revenue of $4.4 billion. Chris Hsu, formerly COO of HPE and EVP and GM of HPE Software, is now CEO of Micro Focus. Under the terms of the deal, HPE shareholders own 50.1% of the new company, which works out to approximately $6.3 billion, which is in addition to the $2.5 billion cash payment that HPE received. The deal involved the ArcSight security and Mercury Interactive application management assets, as well as the late and unlamented Autonomy Corp. plc, which HP acquired in 2011 for $11.1 billion (more than $16 billion for all three acquisitions), but ended up writing off almost $9 billion of the purchase price. According to Securities and Exchange Commission filings, HPE’s software business revenue in the 12 months through Oct. 31, 2016 were $3.17 billion. ITOM (IT Operations Management) comprised 61% of the revenue; Enterprise Security Products (18%); Information Management and Governance (16%); and Big Data Analytics (5%). Revenue for all products broke down to: 28% license, 9% software-as-a-service (SaaS), 50% maintenance, and 13% professional services. On Tuesday the company refreshed its expanded security portfolio, with new and enhanced offerings, including: -ArcSight Data Platform (ADP) 2.2 (GA October) brings native, realtime log parsing, security data enrichment and normalization into the innovative Event Broker for security operations that scales to any data volumes, building the power of ArcSight’s connectors directly into the Event Broker; -a new partnership provides IT and security teams with data that has been enriched for better visibility and customization within powerful search dashboards of Elastic; –ArcSight Investigate 2.0 (GA October) with built-in security analytics displayed in pre-defined dashboards that are powered by Vertica to provide actionable intelligence for front-line analysts; -Change Guardian 5.0...

Read More

The New McAfee

I’ve worked with McAfee for a long time – from its independent days, during the Network Associates timeframe, through financial issues, back to McAfee and the go-go Dave DeWalt era, and finally as Intel Security. To be honest, Intel’s acquisition of McAfee was always a head scratcher for me. The 20-somethings on Wall Street crowed about Intel cramming McAfee security in its chip set but this made no sense to me – Intel had long added security (and other) functionality into its processors with lukewarm market reception. The two cultures were a mismatch as well. Ultimately it seems that Intel came to a similar conclusion and recently spun out McAfee in a private equity stew. So, what are the prospects for McAfee this time around? Like comedy, timing is everything when it comes to financial markets, customer demand, and market opportunity. The new McAfee starts its comeback in a robust $100 billion+ cybersecurity market where customers want help, vision, and leadership from their cybersecurity vendors. McAfee has a few real strengths it can deliver to this hungry market including: To read the complete article, CLICK...

Read More

Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market. Just a few months ago, Symantec bought Blue Coat, taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private. When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company. Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company. To read the complete article, CLICK...

Read More
Cybersecurity: The Emperor’s New Clothes
Jul21

Cybersecurity: The Emperor’s New Clothes

Intel Security has just released a new report that once again illustrates the threadbare state of cybersecurity: most organizations believe they are better protected than the facts support. “We believe we have a degree of overconfidence, possibly complacency,” said Raj Samani, EMEA CTO, Intel. The survey of IT executives within critical infrastructure organizations, ‘Holding the Line Against Cyber Threats: Critical Infrastructure Readiness Survey‘, produced by Intel Security and The Aspen Institute, found that 41% of respondents are already experiencing physical damage from attacks, and that 86% want more public-private cooperation. “This data raises new and vital questions about how public and private interests can best join forces to mitigate and defend against cyberattacks,” said Clark Kent Ervin, Director, Homeland Security Program, Aspen Institute, in a prepared statement. “This issue must be addressed by policymakers and corporate leaders alike.” Critical infrastructure security – or its lack – has been all over the news recently, including: -Germany passes strict cybersecurity law to protect ‘critical infrastructure’ -Ireland gears up for cyber war with a new strategy to protect critical infrastructure; -Britain’s Ministry of Defence fends off thousands of cyber attacks every day while its military systems log more than a million suspicious incidents on a daily basis; -the government of Canada was the target of a distributed denial of service (DDoS) attack that took down multiple federal websites, including those of the Departments of Justice, and Foreign Affairs; and, -Poland’s national airline had to ground 22 of its planes after finding hackers had attacked its computer system in Warsaw. At the end of June Tripwire reported that nearly all critical infrastructure industry executives recognize that their organizations are targets for cybercriminals, and more than half (61%) are confident their systems could detect attack in less than a day. The company questions this confidence. “The idea that these attacks would be detected quickly is basically a perception that’s driven from the ability of these organizations to deliver energy with very high availability,” wrote Rekha Shenoy, VP of business and corporate development for Tripwire. “However, in our experience, these organizations don’t have the visibility into cybersecurity issues that would allow them to detect an attack faster than other industries.” According to a new report a cyber attack on the US east coast could cost the economy $1 trillion. “The evidence of major attacks during 2014 suggests that attackers were often able to exploit vulnerabilities faster than defenders could remedy them,” Tom Bolt, director of performance management at Lloyd’s, said in the report from the University of Cambridge Centre for Risk Studies and the Lloyd’s of London insurance market. A lot of money is being...

Read More

Enterprise[s]… Establishing a “Cybersecurity Cavalry”

Based upon numerous discussions I’ve had with CISOs, the cybersecurity cavalry [highly-skilled and well-armed troops that establish security outposts to encounter adversaries out on the frontier] isn’t a passing fad but rather a major organizational shift that is gaining momentum. Indeed, large organizations are rapidly adding headcount and increasing budgets for this group. I’ve also seen financial services, defense contractors, and retail organizations giving CISOs the cybersecurity equivalent of eminent domain, allowing them to commandeer IT segments, sound alarm bells, and establish active network policy enforcement actions to improve threat response, even if these actions may temporarily disrupt business operations. This type of authority was unheard of in the past. To read the complete article, CLICK...

Read More