Posted by Tom Foremski - September 12, 2006
I'm a big fan of Ray Lane, the former president of Oracle and one of Kleiner Perkins' top VCs. So whenever there's an opportunity to be around the same table I always take it.
Mr Lane is one of the industry's veterans and one of the savviest in the enterprise software industry. And his presence is large, he doesn't need to check himself for commentary, which is great if you are a journalist.
Tuesday evening Mr Lane and executives from security firm ArcSight, plus a couple of c ustomers, plus a bunch of A-list journalists, from WSJ, News.com, etc met for a roundtable discussion on matters of security. The timing was perfect to chat about security with all the talk of 9-11, and the term 9-11 came up many times during dinner.
ArcSight specializes in spotting aberrant behaviors among staff and flagging potential insider criminal activities. Some of those activities could be accidental, such as "forgetting" a laptop filled with sensitive company data in an airport lounge.
Other incidents are part of sophisticated criminal gang activities that could include extortion of corporate executives.
Interestingly, the people that are most watched are those that ArcSight describes as senior level people that hold "the keys to the kingdom." It is these types of insider threats that ArcSight's technology is designed to prevent.
They said repeatedly, that the insider threat is a huge, massive problem--but one that is unmeasurable. So how do we know it is a huge problem if we cannot quantify it?
I was told by one ArcSight customer that it is a "gut feeling" that insiders, some of them disgruntled staff, are up to various nefarious activities. ArcSight software will spot that activity, flag it, and alert company security personnel that there is a potential problem associated with a specific employee.
It is very Big Brother-like but how else can you spot such criminal activities?
The security software market is interesting because it is very balkanized. There are way too many point product companies. Enterprises want to buy one solution for one big problem. In the security software space, there still a tremendous amount of consolidation to be done to aggregate many dozens of security companies into one.
Ray Lane is very good at selling companies, last year he sold Virsa, the fastest growing private software company to SAP. Is ArcSight on the table?
It could be. One of ArcSight's board members told me the company is hitting close to the $75m revenue number, that's getting close to the magic $80m to $100m level that could initiate an IPO--except that the IPO market is in the doldrums.
Maybe ArcSight is being dressed up for sale to a larger security company. Maybe John Thompson over at Symantec is interested?
I think the tech IPO market will make a comeback because capital needs a new focus now that the real estate market is tanking. Tech IPO's will make a comeback, I'm not sure how soon, or how soon enougth for Kleiner, which has had a stake in ArcSight for more than 5 years. It could be time to pull some money out.
ArcSight has an interesting security story, but it is one fragment of a larger security issue. And with such a large problem, corporations will want want to outsource that problem.
This is where IT services companies such as IBM, EDS, HP, Symantec and others, are positioned to take on this IT security burden for a service fee. That's why smaller security software companies will have a tough time growing revenues with point products--no matter how good they are.
Please see SVW:Peoplesoft and Siebel considered merging but leadership issue blocked the deal says Ray Lane former Oracle president
Clarifications from a representative of ArcSight:
- While the dinner was focused on insider threats, ArcSight does enterprise security management, which historically has been all about external threats and compliance. ArcSight’s enterprise and government customers (we’re talking FBI, DHS, FAA, Army, Marines, etc.) have also been using the technology to address insider threats.
- I wouldn’t really consider ArcSight a point vendor. ArcSight is the antidote to point security solutions. It takes data from hundreds of point systems (firewalls, anti-virus, data leak prevention systems) and makes sense of it all to find real threats and patterns you wouldn’t otherwise see. I suppose they’re “point” compared to the large security vendors. Convenience of a suite doesn’t necessarily win when it comes to security. ArcSight competes with Symantec, Cisco, CA, IBM and wins approximately 90% of deals that go into a side by side trial.
- As for companies outsourcing security, while it makes sense for some, you can bet that government agencies and large enterprises aren’t going to risk it. Also, 15 different managed security services providers use ArcSight’s technology to run their systems.
The roundtable was organized by the Horn Group and included:
Sandra Bergeron, security expert, formerly of McAfee
Sandra is one of the best known and highly respected women of technology in Silicon Valley. James Christiansen, CISO, Experian
James is currently the CISO of Experian.
Brian Contos, CSO, ArcSight
His latest book, Enemy at the Water Cooler, is currently available.
Morian Eberhard, Vice President, Enterprise Security, Union Bank of California
Hugh Njemanze, CTO and EVP of Research & Development, ArcSight
Hugh founded ArcSight and is now leading product development, information technology deployment, product research, and support.
Ray Lane, Kleiner Perkins Caufield & Byers
Ted Schlein, Kleiner Perkins Caufield & Byers
If urgent: send text or call 415 336 7547
Bacon's names Silicon Valley Watcher one of the
most influential blogs in the US.
SF Publicity Club's ninth annual awards
celebrating excellence in media.