By Julian Pletts
Bolstered by encouraging growth over the first half of this year despite the financial crisis, IT security vendor McAfee is squaring up to market rival Symantec and aiming to snatch more market share. Julian Pletts talks exclusively to CEO and president, Dave DeWalt.
Bolstered by encouraging growth over the first half of this year despite the financial crisis, IT security vendor McAfee is squaring up to market rival Symantec and aiming to snatch more market share. Julian Pletts talks exclusively to CEO and president, Dave DeWalt.You have presented the ePolicy Orchestrator (ePO) in Las Vegas – why is it important that enterprises centrally manage their security, particularly in a region like the Middle East where there are a great deal of distributed networks?
The main challenges we have seen in the last few years are driving the demand for a centralised management console. The reason for that is we’ve seen such a diverse set of attack vectors on cyber-crime and terrorism that if you are a corporation, and are de-centralised as a network, as almost every global national company is, or you are even a small business, you have to understand the threats that you are facing. Some of those threats can come in everything from a USB thumb drive to a computer email to a network on the web. How do you correlate the threats across these vectors? You need to look at it as a single pain of glass and a single view. That is what we are trying to do and we realise McAfee isn’t the only company and set of products that can solve this and that is why we have 81 partners integrated into the ePO and we have announced a whole lot more. By creating an integrated framework of third party products to McAfee’s, we think that together we can be stronger.
Symantec CEO, Enrique Salem described the competition as Symantec and the seven dwarves. Symantec have a strong tie-ups with OEMs that are worth a great deal to them. Has McAfee been trying to gain a stronger foothold in this important route to market?
Are you trying to push my buttons now? It is a little early in the morning to get the seven dwarves comment! We have a heated rivalry with Symantec and McAfee has grown and we have had 14 consecutive double-digit growth quarters. We have accelerated our growth, in a difficult economy, and a lot of this has come at the expense of market share from our competitors. Analysts have shown that we have just passed Symantec as the number one provider in corporate security. We have grown by staying focused on security and partnering positively with both the channel and the community to create positive security operations. And when it comes to partnerships it is obvious that we have to take a lot of those partners away from our competitors and we have always had a strategy of creating a ubiquity of security. To create ubiquity of our products, we partner in a good strong way, Verizon and partnerships with others really show our strategy of silicon in the satellite. This is creating, embedding and OEMing our technology from the smallest of semiconductors, like we have done with Intel, to the largest of cloud-based computing models, like Verizon’s, BT’s and Telefonica’s. We have been doing a lot of work with the Middle Eastern telecommunications partners who are huge partners of ours as well.
So it is it fair to label McAfee as one of the Seven Dwarves?
Well, obviously that is a pretty interesting comment in content security considering we have now passed them in corporate security. I’m not sure who is the dwarf now but certainly we have gotten even bigger than them in the most important segment — corporate.
You reported strong second quarter results earlier this year of US$469 million in revenue. What is it about your strategy that you think has allowed McAfee to grow in a very tough climate?
The strategy has really just been to focus on security, as opposed to our competitors. Security is a growing challenge for the world. The internet isn’t architected with security in mind and as a dedicated security company we have been able to double our business in the last three years just by focusing on that. The difference is our partnering models, our strategy for security only and the fact that we really interlock our strategy from consumer to corporation and that comes in the form of intelligence from all over the world. We have got research and development outside of the US, more than 50% outside of the US, we do business in more than 90 countries around the world and we are very focused on what we call the emerging markets, such as the Middle East. We have already doubled our growth and investments in the emerging markets with a strategic imperative that I have launched over the last year called ‘capture the emerging markets’. The whole Middle Eastern country base has really been very strategic to McAfee and the growth is starting to show that. McAfee has been actively seeking the help of third party vendors and the channel to combat dangers from cyber criminals? Where has this open strategy come from and how does it benefit the company as a whole?
Well it benefits us and really benefits the customer and that is really why we do it. Most of the customers of ours have said that they really feel they need an ecosystem of security that works together. Our competitors have chosen a direction where they only work with their own product, a very proprietary way of working. It’s a very naive way. Interoperability and integration is critical in the enterprise. There are many products, more than McAfee’s and Symantec’s and Trend Micro’s, and whoever can work more interoperability in than others, is probably the stronger vendor. Most customers have applauded that we have integrated lots of companies, even if it competes, and we have to constantly be showing customers that we have better products, but we are also open too and that openness allows us to correlate data and intelligence much quicker than our competitors. And since threats are much more diverse these days, it is obvious to see why that is important. With over 80 companies involved in the Security Innovation Alliance though is it not inevitable that there will be stability issues and security flaws?
No, we have very rigorous testing and each product is tested. McAfee goes through the same rigorous testing process as with our own products. Most of what we do is transmitting data across. That doesn’t create a new vulnerability, especially with the secure protocols and the encrypted protocols that we have, but it does allow us to communicate better. Really the main thing you are trying to solve is the time to remediate a threat, so by communicating faster, the quicker you can remediate a threat, the less vulnerable you are. So we developed the ePO model, where these products can be integrated. Where our competitors have no integrations with third parties, they have no way of communicating, so how can they solve today’s threats?
Security as a service seems to be a direction that the security market is heading towards. How have you been working to ensure that you are able to establish a strong presence in the services market?
Having just visited Dubai a few months ago when I met with some of the largest telecommunications companies, it is very obvious that the market segment is very open for that sort of technology and distribution. We have already been doing that and the ability to do what we call ‘clean pipes’ is very near. This is the cleansing of the IP networks and fighting spam prior to it reaching the business of the consumer. With web filtering and other types of firewalls and denial of service security, some of our biggest partners are very active and in many cases, ahead of the rest of the world when it comes to security in the cloud. That is another target when it comes to us acquiring technologies.
What are the biggest threats likely to wreak havoc in the future and what can the Middle East market to do to get ahead on dealing with these issues?
There are a number of problems that continue to be out there. Certainly we’re seeing a tremendous rise in what we call malware. They see it as the viruses and the Trojans, but there are so many different amalgamations of these viruses that there are mass deployments of them and over 80% of these malware samples that we get are designed for financial reasons — online crime. Most of it comes through the web, instead of through a floppy disk or some sort of media, like it once did, that is continuing now mind you, but now when you click on a website, it can then download something onto your computer. So how do we protect the web vector? Doing so through the cloud, as well as on-premise, to block these types of entry points for corporations is very important. Securing the internet is probably the biggest thing that McAfee is focused on, and in some places we offer a free product that comes in almost every language in the world called SiteAdvisor. It is a free product for safe searching online as well as appliances, end-points and cloud-based web security. The second biggest threat is data loss. Corporations continue to struggle with intellectual property loss. So many corporations are trying to put a data protection framework in place to protect themselves from losing information and in most cases it is by accident. But when you lose information in this world by accident it can often be damaging to reputation and it can also be a financial loss. Today, there’s a very decentralised, world is flat approach, to outsourcing and in-sourcing technologies and how to protect it. The technology is there now, there just needs to be education and deployment so that companies can be safe. Microsoft is now offering free security solutions. How can you possibly combat that?
Our free product has been out for almost three years and certainly before Microsoft. We have a little over 150 million downloads of that and it is one of the most widely distributed free products in the world but certainly there has always been a market for free security products. But when it comes from such a major IT company as Microsoft is that not a major challenge?
Yeah and we certainly don’t take anything for granted from Microsoft. But, Microsoft has had the greatest number of vulnerabilities and they are increasing as well. When you have a product like Microsoft, the Essentials product, it really has got a bit of Trojan horse built in — it has got a licence checker built right into it. Now why are you deploying it to the emerging markets, when really the reason you are doing this is for piracy control of your own operating environment, not for protection or security. Microsoft’s strategy there is really to target piracy and piracy of their own product family. That is why they have the licence compliance product, the checker product and the updated product built right into the Microsoft Security Essentials product. What would you tell end-users that decide to use that as the only security option and not invest in anything from companies like McAfee?
I would tell them they are not protected at all and that Microsoft has very low detection rates. Having an antivirus only is not enough and most threats are coming from the web now including identity thefts. We need a more comprehensive solution and Microsoft’s product isn’t enough to save you from some, or most, of the perils,on the internet. It is a nice product but it doesn’t solve the problems out there and nor has Microsoft shown a proclivity to keep up with that.
McAfee has brought a lot of companies over the course of the past few years and made some significant tie-ups with other vendors. Are there likely to be any more purchases on the horizon and what areas will they be in?
Absolutely, we continue to be an acquisitive company and our strategy of smaller, medium-sized acquisitions has been very positively received. We have acquired anywhere from three to four companies a year and we will continue to do that when we feel we can win market segments. We have done that each quarter this year and will continue to do that as a part of our strategy. Building products as part of our acquisitions is as important as acquisitions, which is as important as our partnering model. We call it build, buy and partner. The combination of those three things is our strategy and acquisitions will continue to be part of that. Tell us about the Verizon partnership and will that be targeting any government organisations in the Middle East region as it is also a strong sector out here?
Yes they will be and not just the government sector as well. Let me tell you, Verizon’s go to market model with McAfee is that they will be providing both on-premise solutions as part of their consultancy and business outsourcing, as well as managed services, which is more in the cloud models. We’ve also been offering a series of clean-pipe initiatives with Verizon to really leverage their global IP network with security inside. McAfee will be the enabling security architecture for Verizon’s global IP network, and we certainly look for greater opportunities for them worldwide. Telecommunication partnerships are really important and critical to the company and Verizon’s is the first of many you will start to see as we announce them. The main thing that I want to emphasise is that the Middle East is an extraordinarily strategic market to McAfee and if I didn’t underscore that I would be remiss in this interview. It has been a real opportunity for the company to grow as the market there grows. We see real opportunity for McAfee as well as for that market and will continue to make investments and expand our operations there. So how big is the Middle East in terms of the global market or even the EMEA region?
You know we haven’t announced it. I wish I could tell you. But we have had some very large growth and more than doubled our investments locally there and are continuing to do so. I don’t have a number that I can give you just because I don’t break it out for others in the financial community. Just suffice to say you will see me more there next year as well as more offices, more infrastructure and investments and we look forward to a bright future in the Middle East.