Chief information security officers (CISO) who have bought McAfee solutions and channel partners that sell them won’t see big changes immediately when Intel completes the sale of its Security Group to a private company, says a senior executive.
“There’s no change fundamentally or foundationally to our current strategy,” Brett Kelsey, vice-president and CTO for Americas at Intel Security, said in a phone interview Tuesday from Winnipeg where he is on a western swing to speak to major customers.
“This strategy we currently have is the most confident and ultimately zealot-like mission of actually executing on that I’ve ever seen us do.”
Just over a year ago Intel Security unveiled a new strategy focusing on the endpoint and cloud computing as well as unifying protection, detection and correction with real-time centralized management to help CISOs protect the enterprise.
As for channel partners that sell its solutions, Kelsey said they will continue to “confidently represent one of the most comprehensive leading portfolios in the industry.” As a pure-play security company it will accelerate innovation and deliver an integrated and increasing automated and orchestrated.
Kelsey was commenting on last week’s announcement by Intel that it is selling the security division to Texas-based private equity firm TPG, which owns, controls and invests in a wide range of companies in software, digital media, real estate and healthcare.
When the deal closes around April, 2017 TPG will own 51 per cent of what again will be called McAfee, and Intel will own 49 per cent in. TPG says it is making a US$1.1 billion equity investment to help drive growth and enhance focus as a standalone business.
When Intel bought McAfee for US$7.7 billion in 2014 it hoped to benefit from diversification. Security management, network management and endpoint security products seemed a good fit for a major manufacturer of server, network and PC components. However, Forrester Research noted that at the time McAfee wasn’t a key player in two growing areas, cloud or mobile security.
While McAfee does have good offerings in data loss prevention, security information management and other areas, Intel has had to prune the line, including its next-generation firewalls and email security products. That led Forrester to conclude McAfee has suffered “lasting damage from a multiyear dismantling of its portfolio and little innovation while part of Intel.”
Kelsey couldn’t disagree more. “I would vehemently disagree with regard to that. I believe you will see more innovation come out of this organization inside of the next six months than you’ve probably seen in the last two years … You will see some huge surprises, hopefully, coming out of our Focus (security) conference” in November in Las Vegas.
One hint: McAfee will continue to move to create or continue development in cloud access security broker (CASB) and cloud security related security solutions of existing products, he said.
Nor, he added, has Intel held McAfee back. “Two major things Intel gave us was rigor and they gave us quality. And we have taken those elements and made them inherently part of our overall capabilities and how we deliver.”
Separately, Keley also talked lessons CISOs need to learn. “The biggest mistake I see CISOs make regularly is [taking] a pragmatic appraoch for consideration to the business they’re in.” Many think only about securing the enterprise, he said, without thinking about how that fits into what the organization does.
Another mistake is not understanding how to build an integrated security architecture that will drive velocity in the organization. Finally, he said, “there’s still a big missing piece in a lot of cases from CISOs and their communications capabilities to boards.” Infosec pros have to learn to talk to boards about security at a pace and capability the directors can digest.
He added that he still hears CISOs say their organization isn’t going to the cloud in defiance of corporate trends. Organizations have to plan now for how they will secure and protect data when they go to the cloud.
In particular CISOs need to think about how they will extend their security profiles into the cloud and be as elastic as the cloud is capable of being. If you look at how quick containers can come and go the security solutions have to expand similarly, he said. And infosec pros have to plan to leverage cloud solutions to drive security into areas like mobile and Internet of Things platforms so they can do “some of the harder work.”
“CIOs need to start taking that into consideration today, even if their organization is not moving into the cloud now. The presumption should be when we (move) these are the things we need to consider and these are the directions we need to have so we can put security in and adopt it on the front end, rather than wait until (bad) things happen.”