Forbes article out today: McAfee Finally On The
Post# of 82672
McAfee Finally On The Right Path
Richard StiennonContributor
Industry analyst. Author.
McAfee, like Symantec, has played an important role in the cybersecurity industry. Its history is replete with pivots. First it was McAfee Associates, founded by John McAfee who by all reports was actually relatively sane back in 1989. Then it combined with Network General in 1997, after its 1993 IPO, and became Network Associates (NAI). It continued to make acquisitions. Like Symantec the strategy of the early days of anti-virus companies was to establish a brand for desktop software and sell as many products as possible. Symantec was “the yellow box,” McAfee was “the red box,” and when Webroot Software got into the game, they chose to be “the green box.”
Eventually, under Gene Hodges, NAI spun off just about everything in its portfolio other than the ePO, the endpoint protection orchestration suite of products. Gene asked for Gartner’s input on the wisdom of re-branding NAI to McAfee. I am so sorry that we told him it was a good move.
Then disaster struck. McAfee brought on a new CEO who was apparently really good at “generating shareholder value,” because after acquiring Secure Computing he sold McAfee to Intel for $7.68 billion. (See: Intel Should not Consummate McAfee Acquisition).
McAfee became a wholly owned subsidiary of a chip manufacturer. Crazy right? That lasted 4 years and created a window of opportunity for the 223 other vendors of endpoint security products. If Symantec had not been having its own issues at the time it would have grabbed a lot of market share.
Here is how the market for desktop AV used to work. Every large enterprise would choose an AV product for its desktops. Sometimes they would go all-in and buy a lot of products from the same vendor in a misguided sense that vendor rationalization was a good idea. It’s not a good idea in security. They would typically sign three year contracts with the vendor of choice. That would be either Symantec, McAfee, or a third choice, most often Trend Micro. Every IT department in the world hated its AV product. On the desktop it slowed machines down. Updates would bog down the network and dealing with alerts and cleaning machines took up 95% of the time of the internal help desk. So, every three years they would go through a process of choosing another vendor and pick one of the other two. That meant that 33% of the entire market was up for grabs every year. If a vendor faltered along the way it would lose market share to the other two.
Here is a brief history of McAfee drawn from Security Yearbook 2020.
Network Associates was formed from the combination of McAfee Associates and Network General with its Sniffer product. This was one of the early attempts to create a security company that would cover both endpoint and network security, a combination that continues to fail as a strategy. (See: Why Network Security Vendors Should Stay Away from Endpoint Security and Vice Versa. ) Back then the goal was to dominate the enterprise software space. Security had not become a big enough sector to inspire pure play roll ups. That would change.
Aryeh Goretsky, now Distinguished Researcher at ESET, was the first employee of John McAfee. He conducted a reddit AMA (Ask Me Anything) in 2019. [22] He also provided this short summary of his experience in the AV industry:
Heady days, indeed. When I entered the field in 1989, the number of computer viruses was in the tens, with slightly more of them targeted at the Classic Mac OS than for DOS. That flipped in a year or so to DOS, and hasn’t changed back since.
We used to advise customers to update their software once a quarter, and monthly for high-risk computers like those belonging to secretaries and technicians who might be accessing floppy diskettes from untrusted sources. That recommendation changed to two months and then a single month as the number of new viruses being seen increased. When I left McAfee in 1995, there was already work underway to automate the download of updates by dialing into a dedicated BBS system. These days, anti-malware programs update themselves hourly with continuous checking between that for additional types of telemetry, which might mean a threat was detected.
At the beginning, we might have received 2-3 floppy diskettes a month with new viruses on them. That increased to weekly, and uploads of suspect files were occurring multiple times a day to our BBS.
Computer viruses were initially spread mostly through floppy diskettes at the speed at which they could be couriered around the globe, and sometimes through BBS (intentionally or otherwise). Worms like the Morris Worm were not really thought about in the same way as computer viruses, and would not be for years until internet access started to become ubiquitous, and consumer desktop operating systems started to come with TCP/IP stacks, and dial-up networking began to replace BBS.
Dozens became hundreds and hundreds became a couple of thousand by the time I left McAfee Associates in 1995. That was a steep hockey curve back then, but a blip by today’s standards, where you might see 250,000-300,000 malware samples arrive on a daily basis.
In his AMA Goretsky credits John McAfee with the successful growth of one of the first AV vendors, going from one employee to an IPO in three years. He formed McAfee Associates in 1989 and raised $42 million in its IPO in 1992. Mcafee’s AV software was one of the first to be distributed over a network rather than shrink wrapped boxes of instruction manuals and floppy disks (later CDs).
In 1993 John McAfee suffered a mild heart attack and turned the reins of McAfee Associates over to Bill Larson, who became CEO. Larson had been VP of Sales and Marketing for Sun Microsystems. He proceeded on an acquisition binge. He acquired Brightwork Development in 1994 and Saber Software in 1995, both LAN management companies. In 1997 he acquired Jade KK, a Japanese AV company for $21 million. And finally he merged the company with Network General later that year. The company was renamed Network Associates.
Network Associates continued to operate as a collection of endpoint and network solutions until 2003, when the newly appointed President, Gene Hodges, embarked on a major restructuring. The plan was to double down on security and divest the desktop management, LAN management, and other tools. The Gauntlet Firewall product line was handed over to Secure Computing and the other divisions spun out. Left with only the AV product, the company was re-branded as simply McAfee, which seemed like a logical move until John McAfee reemerged from Belize and came into the spotlight.
McAfee, the company, focused on security. It acquired Foundstone, the vulnerability scanning software company along with its founders. Kevin Mandia later left to form Mandiant, now part of FireEye, where Mandia is CEO. Stuart McClure left McAfee to found Cylance, which sold to BlackBerry in late 2018 for $1.4 billion. George Kurtz left to found Crowdstrike. After an IPO in 2019 Crowdstrike’s market cap hit $21.7 billion before settling down to $12 billion. Crowdstrike found itself caught up in the news in 2019 as the US President and Republican leadership promulgated a Russian disinformation narrative that somehow Crowdstrike was a Ukrainian company and it had transferred a server containing hacked Democratic National Committee emails to Ukraine.
Hodges also acquired an endpoint intrusion prevention company, Entercept, and a network intrusion prevention company, IntruVert in 2003, led by Parveen Jain.
In 2007 Dave DeWalt took over at McAfee. Gene Hodges moved on from McAfee to become CEO of Websense, a content URL filtering company where he acquired PortAuthority, one of the leading Data Leak Prevention companies. Gene retired in 2013 and passed away in 2018 at the age of 67. [23]
Dave DeWalt had been president of Documentum before joining McAfee. He inexplicably acquired Secure Computing, bringing the Gauntlet Firewall back into the fold in addition to multiple other firewall brands that Secure Computing had consolidated. He then went on to sell McAfee to Intel for $7.68 billion, where it was branded as Intel Security.
The Intel acquisition made no sense at all, although all of the executives involved spun a story of how Intel would somehow embed security into its chips. The last year before the acquisition McAfee reported just over $2 billion in revenue. Even four years later the Intel Software and Services Group was reporting $2.216 billion in revenue. McAfee sales completely stalled out while it was part of Intel. [24]
In 2016 Intel spun out McAfee to TPG, a private equity firm, at a valuation of $4.2 billion, a $3.48 billion dollar loss from when it acquired McAfee in 2011. Intel maintained a 49% ownership and continued to finance $2 billion in debt from the acquisition. [25]
Since the spin-out and being re-re-branded as McAfee, the company appears to be healing its corporate chair ball inflicted wounds.
Just two years ago McAfee had 9,000 employees and it reports about 7,000 today, a 22% drop. This is actually an indication of efficiencies that well-run organizations are able to achieve with streamlined costs and a focus on a cloud-first portfolio. Some blood letting is always necessary when restructuring a company, especially under the tutelage of a private equity firm like TPG which also has investments in Gaurdicore, Tanium, and Zscaler in its $119 billion portfolio.
The past ten years has seen two of the top three contenders for enterprise AV experiencing disruptive fumbling at the hands of misguided leadership. The third, Trend Micro, is the only one that has seen continuous leadership. But this is a great time for McAfee, freed of Intel, to get its house in order, formulate a strategy, and execute. They appear to be doing just that.
McAfee has two business divisions: Consumer and Enterprise.
McAfee Enterprise launched its cloud-native MVISION Platform in October to help organizations protect data and stop threats across devices, networks and the cloud. It includes a unified Endpoint Security solution, MVISION Endpoint, which embeds integrated cloud native EDR .
At the RSA Conference in San Francisco this February, McAfee announced an MDR offering (managed detection and response) giving them the ability to leverage the rapidly evolving Managed Service channel to address cloud managed security for those that cannot maintain their own security operations center.
A “cloud first” strategy is becoming a requirement for all technology vendors and McAfee Enterprise has adopted that as their slogan. While they have hardware appliances in their portfolio, they have quickly moved to build what certainly looks like a cloud-native SASE (secure access service edge) offering. It includes their secure web gateway technology, now deployed to 50+ cloud points of presence around the world, browser isolation, an industry leading CASB (cloud access security broker), and DLP (data loss prevention). McAfee has also begun to make strategic acquisitions to build on a cloud first strategy: SkyHigh in 2018 for that CASB solution, Nanosec in August, 2019, for container security, and announced a definitive agreement to acquire Lightpoint Security in February, 2020, for remote browser isolation.
The demise of Symantec could not have come at a better time for McAfee. With its house in order, McAfee should be able to pick up many of Symantec’s customers and channel partners. With the right products, a viable strategy, and good people, the only remaining factor that will determine McAfee’s success is execution.
https://news.google.com/articles/CAIiEKjMiEK3...id=US%3Aen