Compliance Management, Network Security, Security Strategy, Plan, Budget

HP to buy ArcSight for $1.5 billion

Hewlett-Packard on Monday announced plans to acquire software security and compliance solutions provider ArcSight for $1.5 billion, the second blockbuster security deal in less than a month.

With the buy, expected to close by the end of the year, HP gains ArcSight's security information and event management (SIEM) portfolio, used by customers to analyze and correlate events occurring across an organization — such as login, logoff, file access and database queries — with the goal of prioritizing security risks and compliance violations.

The acquisition of Cupertino, Calif.-based ArcSight enables HP, the world's largest PC maker, to provide customers with increased monitoring and management of events happening across their IT operation, Bill Veghte, HP's executive vice president of software and solutions, told on Monday. Gaining that visibility lets organizations build stronger applications, reduce risk and meet compliance demands.

Palo Alto, Calif.-based HP believes a "holistic" approach to security is necessary because enterprises today must provide employees, partners and customers with greater access to data, Veghte said. At the same time, however, they face escalating threats, increased complexity and greater regulatory challenges.

Tom Reilly, president and chief executive officer of ArcSight, a major supplier to the enterprise and federal government, told on Monday that the deal offers synergy.

“We believe that you can no longer solely rely on perimeter security,” he said. “Our strategy is to go beyond, and look more holistically across the environment and have a complete view of who and what is on your network and compare it against policies.”

For a number of years, HP has been partnering with SenSage to sell SIEM technology, Mark Nicolett, vice president and distinguished analyst at Gartner, told on Monday. HP's current SIEM offering is part of its Compliance Log Warehouse product.

“HP is no stranger to the space, but didn't have their own technology, so from that standpoint, the acquisition makes sense,” Nicolett said. “They bought the strongest vendor in the space so it's a definitive move.”

Driven by regulations such as the Payment Card Industry Data Security Standard, Sarbanes–Oxley and the Federal Information Security Management Act, SIEM has become a go-to technology for security and compliance, Nicolett said. It helps organizations recognize events, monitor privileged users and discover breaches.

“It's a core security capability,” Nicolett said. “If you can't be perfect at managing, administering and protecting an environment, the secondary capability is to keep a close eye on things and find things that have gone wrong, and that's what this technology allows you to do.”

The HP-ArcSight deal signals the continued trend of general IT players gobbling up security-specific companies. Last month, chip giant Intel bought McAfee in a blockbuster $7.7 billion deal.

"All of these deals have a common theme," wrote Andrew Jaquith, senior analyst at Forrester Research, in a blog post Monday. "The acquisition targets are all leaders in their respective markets. That is because we are at the point in the market cycle where the larger potential acquirers have enough cash in the bank to buy top-shelf companies. There is not a lot of bottom-fishing going on. Why have catfish when you can have caviar?"

Scott Crawford, research director of security and risk management at analyst and consulting firm Enterprise Management Associates, told on Monday that security is a fundamental part of IT management, so it “makes perfect sense” that major enterprise IT vendors would align security with their platforms.

“Major vendors are in a reasonably healthy cash position, and there are opportunities to find favorable deals in a challenging economy,” Crawford said.

Mike Rothman, president of research firm Securosis, said there are rumors that Symantec, Check Point or Trend Micro could be next.

“Before they were pretty much the predators — McAfee, Symantec, ArcSight, Check Point,” Rothman said. “Now these guys have become targets," he said. “It will be interesting to watch but I don't expect that much more activity for the rest of the year." 

HP itself has been on a buying spree of late, coinciding with the former CEO Mark Hurd's abrupt departure last month amid sexual harassment allegations.

HP won a bidding war with Dell to purchase Fremont, Calif.-based storage vendor 3PAR for $2.4 billion in cash, and it acquired San Mateo, Calif.-based  Fortify Software, a maker of application security solutions.

Specific to Monday's deal, Rothman said he worries innovation at ArcSight could suffer, especially in the near term.

“A lot of big companies have screwed up stable, innovative companies with acquisitions,” he said. “They get lost within the behemoth.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.