Page 68 - CDM-Cyber-Warnings-March-2014
P. 68
Will the acquisitions to be made in the cybersecurity industry deliver the deal valuations we have seen recently in other areas, like Facebook’s acquisition of WhatsApp? Not likely. Cybersecurity is a relatively stable industry especially when compared to social media. Its growth is less and the risk is less. The window of opportunity is greater. As a result, the valuations are less astronomical. The cybersecurity industry is a fragmented one. A fragmented industry is an industry in which no single enterprise has large enough share of the market to be able to influence the industry's direction. While Symantec and McAfee are the two biggest players in the industry no one would claim that they’re able to influence the direction of cybersecurity. In fact, because of their own situations they’re more followers than they are leaders. Many smaller vendors have carved out a market niche where they deliver a unique product or specialized service. This creates an opportunity for one of the other players to implement an acquisitive growth strategy that will position it to dominate the industry, like Cisco Systems did in the 1990s. No one has been able to replicate Cisco’s model of becoming the dominant player in cybersecurity: becoming a decentralized set of business units that leverage the company's marketing, sales, manufacturing, and distribution strengths and thereby taking advantage of being a big company, while acting like a small company from a product development point of view. With this model, Cisco became a one-stop shopping option in a market that had long been far too technologically complex to allow any one vendor to grab such a ubiquitous role. Cisco's management team realized that the market was changing rapidly, with the advent of faster and more intelligent "internetworking" devices like switches and hubs, which link local area and wide area networks. In addition, the coming of age of the Internet and the growing popularity of intranets, the corporate in-house version, put more demands on Cisco to provide a complex variety of networking solutions. To dominate such a market, Cisco knew that it could not hope to internally develop the needed array of technology. With product cycles dropping below 18 months and long-term bets off, Cisco set out to buy what it couldn't develop quickly enough. Will anyone follow that model in cybersecurity? No one has done it in cybersecurity though one could argue that Check Point Software Technologies was the best positioned to do so and while they have made several acquisitions, " # % " $ " # ! !
