Over the past month we've seen two different partnerships announced in the information security industry, both involving sharing of intelligence on threats. What exactly does this mean and why are companies doing this? Although confusing at first, I believe it is a good thing for these companies as well as the industry as a whole.
Two partnership announcements
The latest two companies to get cozy is Check Point Software Technologies Ltd. (CHKP 1.57%) and International Business Machines Corp. (IBM 1.74%). Although the two have had a relationship for the past 18 years, both companies announced on Feb. 25 they will be taking it to a new level.
Specifically, the companies outlined four areas of collaboration. The first, and what I believe to be the most significant, is shared threat intelligence. IBM and Check Point will share information with each other concerning any cyber threats. The sharing will be done through IBM's own threat intelligence sharing platform called X-Force Exchange.
The other areas include integrated event management, a Check Point app that will run within IBM's products and will send threat data in real time, allowing operators to respond faster. IBM customers will also be able to deploy and manage Check Point's Mobile Threat Prevention.
The announcement follows a similar one from Palo Alto Networks (PANW 0.94%) and Proofpoint (PFPT). On Jan. 20, both companies announced they would be joining forces and sharing data and product capabilities as well. Specifically, the combination will consist of Proofpoint's Targeted Attack Prevention (TAP), its SocialPatrol product, and Palo Alto's Next-Generation Security Platform.
What this means for the industry and investors
To understand the significance of this, it helps to look at how the industry as a whole has been evolving. While cybercrime has been around since computers and the Internet, it has recently taken center stage for many companies after high-profile and expensive cases of hacking and stolen information.
As cybercrime ramped up, so did the number of firms, all focusing on protecting different parts of the network or offering specific solutions. While one vendor's product would protect against one type of attack, another product would have to be purchased to prevent against another type. This gave information security officers a huge headache as they not only had to buy all of these products, but also maintain, set up, and log in to each one individually.
Businesses have responded by bundling and selling products together to relieve some of this pain for customers. But don't some of these companies compete with each other? Not exactly. Because these companies all focus on a specific area of expertise or type of attack, there is not as much concern about competition between them.
For example, on its latest earnings call, Palo Alto CEO Mark D. McLaughlin noted that Palo Alto and Proof Point are in different markets but have complementary capabilities. Proof Point is concerned with email and messaging security, while Palo Alto is general network security.
The other interesting shift in the industry is the sharing of threat intelligence. To some extent, security providers are only as good as the information they have regarding threats -- the more information a company has the more valuable. So at first glance, it seems odd these companies would voluntarily share their information with each other.
However, because these companies are not competing directly against each other, the sharing of data benefits them both without giving the other a competitive advantage. McLaughlin also noted that customers are getting fed up with vendors trying to sell them intelligence. Instead, he believes in the near future the value proposition will be how security vendors handle intelligence and what they do with it.
If the overall goal is to combat cybersecurity threats, then the sharing of intelligence should be a win-win for the companies providing the services, as well as the customers who will receive more effective solutions. This, in turn, will help the industry as a whole combat the problem, and companies will be willing to shell out more money for products that work.
Is there enough room?
This collaborative dynamic will continue so long as the cybersecurity pie keeps growing. For now, it seems the space is big enough for these multiple companies with different approaches to get along. Spending on IT security totaled approximately $77 billion in 2015, and is expected to increase to $100 billion by 2018 according to market research firm Gartner.
As the market matures in the coming years, there could be consolidation. Already security mergers and acquisitions have been increasing, with 133 security M&A deals reported in 2015, up from 105 in 2014. A survey by 451 Research found investment bankers expect security to have the most M&A activity this year, surpassing mobile technology, which held the spot for six consecutive years.
This isn't a reason to stay away from the industry and in fact validates the investment thesis as large companies are willing to pony up the cash to fill product holes. This is why I personally prefer pure-plays in the security space -- not only do you get the high growth rates of these companies tied to security, but if consolidation does occur it will be the pure-plays that will be more likely to be purchased.