COVID-19 has changed the face of security forever. The perimeter defense model, which had been slowly crumbling, has now been shattered. Employees are working from home, many of them permanently. Applications are shifting to the cloud at an accelerating pace. Enterprise security today is all about secure remote access and protecting cloud-based assets. That means enterprises need to deploy SD-WAN, secure access service edge (SASE) and zero trust network access (ZTNA).
Anyone who ever attended an RSA conference understands that cybersecurity vendors introduce hundreds of amazing, innovative products every year. But C-level execs aren’t looking for the flashiest new point products. Faced with a severe shortage of security professionals and up against rapidly evolving threats, CISOs are looking for strategic partners, advisory services, and vendors that offer broad platforms. They are also gravitating toward managed security services and cloud-based solutions.
With that in mind, here’s our list of 10 security companies (presented in alphabetical order) that have made bold moves in the past year and have taken power positions within the cybersecurity community.
Why they’re here: Through a series of strategic acquisitions (CloudLock, Viptela, Duo, and ThousandEyes among the most notable) and its unparalleled ability to integrate new products into its core security and networking platforms, Cisco has staked out a leadership position in emerging security areas such as SD-WAN, zero trust and SASE. Gartner ranks Cisco as a visionary in its endpoint protection rankings, noting that Cisco’s SecureX cloud-based service integrates security analytics, threat hunting and threat intelligence in a single view to investigate and respond to threats.
Power moves: In May, Cisco bought Kenna Security, which provides risk-based vulnerability management technology.
By the numbers: Despite Covid-related market and supply chain disruptions, Cisco’s annual security revenue increased 7 per cent year over year to reach US$3.3 billion.
Outlook: Eric Parizo, a senior analyst at Omdia, describes Cisco’s security standing this way: “Cisco remains one of the strongest top-tier competitors in enterprise security today, particularly on the network side, but often overlooked are the tremendous strides Cisco has made in cloud security. Its Umbrella cloud-delivered security solution is one of the most popular and fastest-growing offerings in Cisco’s security division. When paired with its other cloud-based offerings including Threat Grid, Stealthwatch Cloud, and Duo, all of which Cisco is integrating with its other security solutions like its firewalls and network access control solutions, Cisco will remain a force to be reckoned with in enterprise security for some time.”
Why they’re here: From its humble roots blocking denial of service attacks, Cloudflare built out one of the largest global content delivery networks and then caught the waves of cloud, mobility, and remote access to become a leader in cloud security. Frost & Sullivan says Cloudflare is an innovator in what it calls holistic web protection (DDoS mitigation, web application firewall, and bot risk management). And the company isn’t resting on its laurels, recently announcing an expansion beyond protecting the infrastructure that companies expose to the Internet to now cover internal employees who need to access internet-hosted applications.
Power moves: Purchased S2 Systems, a Seattle-area startup that has built an innovative remote browser isolation solution unlike any other currently in the market. The technology will help protect endpoints from zero day attacks.
By the numbers: With a successful IPO and revenue up 53 per cent for its latest quarter, Cloudflare boasts a market cap of US$38.5 billion.
Outlook: Led by founder and CEO Matthew Prince, Cloudflare has a simple and powerful goal: To build a better internet. According to Frost & Sullivan, it is perfectly positioned to take advantage of the growing need for companies to secure websites and web applications. “Cloudflare’s security vision reflects the commitment to securing clients' infrastructure without performance tradeoffs. Cloudflare is a clear leader with respect to innovation,” adds Frost & Sullivan.
Why they’re here: As the center of gravity for enterprise security has migrated toward cloud-native endpoint and workload protection, threat intelligence and incident response, CrowdStrike has emerged as a leader with its Falcon platform. Gartner says CrowdStrike “has a strong reputation as the single solution for organisations looking to consolidate their endpoint protection and endpoint disaster recovery solutions.” In addition, CrowdStrike’s professional services “are highly rated and popular with customers who don’t have their own SOC/threat hunting teams and those wishing to augment their internal security,” says Gartner.
Power moves: CrowdStrike acquired Preempt Security, a provider of zero-trust and conditional access technology for threat prevention, and shelled out $400 million for Humio, a provider of high-performance cloud log management and observability technology.
By the numbers: For the fiscal year-ending January 2021, revenue grew 82 per cent to US$874 million. Since its April 2019 IPO, CrowdStrike stock has shot up to around US$230 a share, putting the current market cap at US$52B.
Outlook: “CrowdStrike began as a threat intelligence vendor and continues to stay out front,” says Forrester, with a strategy that includes expanding cloud, mobile, and vulnerability intelligence practices and continuing to invest in digital reconnaissance. Forrester adds, “Reference customers using CrowdStrike’s Falcon X Elite tier were extremely impressed with the level of service provided by the dedicated intelligence analysts.”
Why they’re here: Fortinet has evolved from a simple firewall vendor to a full-service security powerhouse that is staking out a leadership position in critical areas like SIEM (FortiSIEM), next-generation firewalls (FortiGate), SD-WAN, SASE and zero trust. Fortinet’s ever-expanding Fortinet Security Platform encompasses intrusion detection and response, web security, sandboxing, advanced endpoint, identity/multi-factor authentication, multi-cloud workload protection, cloud application security broker (CASB), browser isolation, and web application firewalling capabilities.
Power moves: In December, Fortinet bought cloud-based IT operations management vendor Panopta. In March, Fortinet snapped up cloud and network security vendor ShieldX and in July Fortinet acquired continuous AppSec testing vendor Sken.ai.
By the numbers: US$34 million: The amount that Fortinet paid for Panopta.
Outlook: Under the steady leadership of the brothers Xie (Ken and Michael), Fortinet has separated itself from the pack by designing its own ASICs and attempting, to the extent possible, to build an integrated, optimised security fabric from the ground up. For example, while its competitors bought startup SD-WAN vendors and struggled with integration, Fortinet built its own SD-WAN. The DIY approach can only take you so far, which is why Fortinet has gobbled up vendors who fill in some of the holes in the company’s portfolio. But the Xies have Fortinet well positioned to take advantage of the shift from the perimeter security model to the new world of remote access, cloud and zero trust.
Why they’re here: With a world-class security operations center, an impressive array of security products, and a fully managed security service, IBM is a leader in enterprise-grade security. IBM’s security portfolio includes the industry-leading QRadar SIEM, Guardium data protection and data leak platform, Trusteer fraud protection, X-Force Threat Intelligence, QRadar Network Insights for network detection and response, and QRadar Vulnerability Manager.
Power moves: In January, IBM acquired StackRox, a provider of container and Kubernetes-native security software.
By the numbers: According to IBM’s annual data breach report, data breach costs rose from US$3.86 million to US$4.24 million, the highest average total cost in the 17-year history of the report.
Outlook: The naming convention for IBM security products and services can sometimes be confusing: There’s the QRadar lineup. There’s the X-Force research and threat intelligence capability. There’s the Cloud Pak for Security platform. In March, IBM announced an expanded suite of services called IBM Security Services for Cloud. In any event, IBM security products and services are highly rated, and are aligned well with the company’s broader goal of driving hybrid cloud adoption.
Why they’re here: Mandiant has made a name for itself as the company you call when there’s been a serious breach and you need a team of highly trained experts to come in and lead your intrusion detection and response activities. Over the years, Mandiant expanded its offerings beyond consulting to include SaaS-based security validation, threat intelligence and managed detection and response. In 2013, security hardware vendor FireEye bought Mandiant (founded by Kevin Mandia). The combined company was still named FireEye, with Mandia as CEO. The marriage never really worked, and in June, Mandia announced the terms of the divorce: FireEye was being sold.
Power moves: In this addition-by-subtraction power move, Mandia steps out from FireEye’s shadow and is able to focus exclusively on its core business in a completely vendor-neutral way.
By the numbers: US$1.2 billion: The amount that a consortium led by Symphony Technology Group (STG) paid for FireEye’s product portfolio of threat detection tools.
Outlook: According to Forrester analysts Jeff Pollard, Brian Kime, and Joseph Blankenship, “The relationship between the two sides of the business was never equal, and eventually, Mandiant recognised that legacy FireEye solutions were holding it back.” Forrester adds that “Mandiant seems to be in position to continue its forward momentum by streamlining itself. The split will allow Mandiant to capitalise on its intelligence-driven services and grow the managed defense business.”