Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Management & Strategy

The Effects of Security Vendor Acquisitions on the Channel and End User

The number of acquisitions in the IT security industry continues to grow. In 2010 some highlights included Intel’s purchase of McAfee, HP’s acquisitions of Fortify and ArcSight, IBM’s purchase of BigFix, Symantec’s purchases of PGP Corporation and GuardianEdge, Juniper’s purchase of SMobile, and VMWare’s purchase of TriCipher. Sourcefire started 2011 with an acquisition of Immunet.

The number of acquisitions in the IT security industry continues to grow. In 2010 some highlights included Intel’s purchase of McAfee, HP’s acquisitions of Fortify and ArcSight, IBM’s purchase of BigFix, Symantec’s purchases of PGP Corporation and GuardianEdge, Juniper’s purchase of SMobile, and VMWare’s purchase of TriCipher. Sourcefire started 2011 with an acquisition of Immunet.

The Effects of Security Vendor AcquisitionsThose of you who have been directly involved in an acquisition on either end of the transaction know that the process can extend for months and be all-consuming. For the teams involved it means blood, sweat, and tears, and celebration when it’s done. But what does it mean for those who aren’t directly involved in the deal but instead on the receiving end, for example the channel and the end user?

Since Forrester estimates that more than 60 percent of technology industry revenues are generated through channel partners, let’s discuss the channel first.

For the channel it all comes down to whether or not the acquirer is a channel-focused organization or wants to be. If the acquiring company has a partnering culture and strong commitment to the channel then the acquisition represents a significant opportunity for partners particularly in the areas of market opportunities, support, and integration.

New Markets: Adding a new solution to the channel’s portfolio can create an opportunity for expansion into new, complementary segments of the IT security market – growing revenue opportunities, increasing the footprint with existing customers, and building the user base. For example Symantec’s acquisition of PGP and GuardianEdge positions the company in the encryption market, HP’s acquisition of ArcSight helps the company move into the SIEM market, and Sourcefire’s acquisition of Immunet expands the company’s market opportunities to include cloud-delivery of security.

Enhanced Support: Partner-friendly companies typically offer robust programs designed for the channel that include marketing resources and channel enablement programs, such as training and certifications. Channel partners of the acquired company, particularly if that company was significantly smaller, can benefit from better resourced programs.

Better Integration: Adding the acquired solution to a broader solution suite can eliminate any concerns customers may have when it comes to integration and support of point solutions, and can shorten sales cycles for the channel. If the solution is a new technology with little awareness in the channel then by bringing it into the fold the acquiring company can bring competitive advantage and a significant differentiator to channel partners.

These same benefits hold true if the acquirer is not channel focused but has a desire to be, and if the acquired company already has a strong channel presence with pre-existing programs and relationships that the acquirer can build upon.

Advertisement. Scroll to continue reading.

However, if the acquirer does not have a culture of partnering, challenges can abound. Channel partners can find themselves being marginalized if the acquiring company has a direct sales model. The investments the channel partner has made in the point solution are all for naught and the partner has to find and invest in a replacement solution for their product offerings. In addition, sometimes with a lack of focus that can come after an acquisition, the product can start to stagnate. In this case, even if the acquiring company is partner-friendly, channel partners find that the solution becomes less and less compelling to their customers and prospects and overtime they must substitute a different technology.

So for the channel, whether or not an acquisition has a positive effect all comes down to the acquiring company’s focus. However, according to Gordon Shevlin, EVP of Vendor Relations at FishNet Security, the largest privately held information security solutions provider in the U.S., the idea of focus cuts both ways. “As a channel partner we stand to benefit from an acquisition when the acquiring company is channel focused. But we also have to remain focused to gain leverage from these acquisitions. We know consolidation is coming. We’re trying to cull the amount of vendors we work with very carefully so that when they acquire we are in a strong position to take advantage of these opportunities.”

So what about the end user? For customers, successful acquisitions can offer better innovation and integration.

Innovation: When an acquiring company finds ‘a diamond in the rough’ end users gain. Typically these new technologies haven’t had the support required to reach the broader market. The acquiring company has the resources to raise awareness for the solution and, either through their channel partners or direct depending on their go-to-market strategy, combine it with a full complement of professional services offerings, customer support, and training programs. In addition, as part of a larger organization with a more robust infrastructure, developers of those new technologies are free to focus more energy on innovation and continue to fill the new product pipeline.

Integration: A plethora of point solutions in the market today adds complexity and cost for IT security departments. Integrating a point solution into the acquiring company’s solution suite and enabling channel partners to integrate it into their offerings can simplify the end users’ management challenge of multiple security touch points and reduce costs. Bringing more capabilities under a unified interface or global command center delivers tremendous value not only reducing management complexity but also reducing training requirements.

Unfortunately, sometimes acquisitions don’t strengthen a company and can dilute the offerings, service, and support. In this case the end user suffers. At worst, current customers are faced with a product that is at the end of its life—with no future enhancements they settle for the status quo in the short term and seek a replacement over time. At best, customers see a deceleration of enhancements, perhaps a change in the product roadmap that is less desirable, and sometimes less proficient service and support due to consolidating departments.

There’s no doubt—consolidation done well and wisely is a win for all. But it is a significant challenge to accomplish. Shevlin suggests, “Whenever companies announce an acquisition they always say ‘business as usual’ but it isn’t that simple. To truly have that positive effect on the channel and the end user and reap the benefits of the acquisition companies need to make a special effort not to lose momentum. It’s so easy to become de-focused during those critical first few months making ‘business as usual’ impossible. From what I’ve seen, having a team focused on integration of the two companies to ensure nothing gets lost in the shuffle is essential. Sure, closing the deal and signing the paperwork is cause for celebration, but it’s just a first step.”

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.