Is Security Consolidation Coming?

Matt Hines Avatar

Updated on:

Increased demand for security suites and too many anti-virus vendors could create a good brew for consolidation, said industry watchers.

While industry giant Symantec continues to broaden their portfolios with the recent acquisitions of Relicore, Sygate and WholeSecurity, smaller anti-virus companies’ profits are being pinched.

And even as large players such as RSA Security have reported impressive first quarter 2006 earnings, smaller players including Entrust, Internet Security Systems and Websense have all missed their revenue projections.

On April 17, RSA reported net income of $5.3 million on revenue of $87.5 million for the first quarter ending March 31. The results topped expectations.

Smaller vendors, however, have issued profit and sales warnings. Entrust said April 6 it would report a first quarter loss with revenue of $21 million.

On April 7, ISS said its first quarter sales would fall $2 million short of estimates at $80 million. On April 5, Websense announced its financial results would fall short of Wall Street estimates with revenue of $42.3 and 42.5 million.

Microsoft’s security disclosures come under fire. Click here to read more.

Couple those results with the fact there are an estimated 800-to-1,000 different companies on the global market selling IT security applications at present and consolidation is likely.

“The simple facts are that there are way too many security companies out there and we haven’t seen a major virus outbreak in a while,” said John Pescatore, an analyst with Gartner, based in Stamford, Conn.

“Two years ago when some of the big worms hit you saw a lot of venture capital money being thrown at a lot of different security companies, but not all of them can last.”

In addition to demand for integrated security applications for centralized management, many customers are also hoping to deal with fewer vendors, said Pescatore.

He predicted that companies focused specifically on products tied to compliance with government regulations such as The Sarbanes-Oxley Act, may also see demand slip.

Another example of companies ripe for acquisition are firms which provide only one type of application, such as anti-spyware, that are now included in many software suites that aim to address many different types of malware.

“This has been coming together for some time, mostly based on the need for greater ease-of-management with all the different security point products on the market,” said Charlotte Dunlap, analyst with Current Analysis, Port Washington, N.Y.

“We will see more threat protection technologies being bundled together, as with the ongoing combination of intrusion protection and behavioral security tools.”

Next Page: Wall Street’s take.