Staying Afloat on the Sea of M&As

Jan 1, 2008 12:00 PM, BY Donna Ross

Last year, mergers and acquisitions (M&A) activity within the technology industry created a new challenge for chief security officers and other security professionals. While the financial services industry has seen a slowdown in the markets, M&A activities in the security and technology industry continue to rise with no end in sight.

The security practitioner will feel the impact of strategic M&A deals, which entail a purchase made to round out product offerings. A few recent examples are the Oct. 31 announcement by Iron Mountain regarding its plans to acquire Stratify (E-Discovery) for $158 million and the Oct. 30 announcement by EMC of its acquisition of Voyence (network configuration management). Other recent M&A activity has included EMC's acquisitions of RSA Security, Proactivity, Kashya and nLayers; Viisage's acquisition of Iridian; Secure Computing's acquisition of CipherTrust; Cisco and Ironport; IBM and ISS; Lockheed and Savi Technologies; Verint and Mercom; L-3 and TRL Electronics; HID and Fargo. The list could go on and on.

What does this mean to those of us in the trenches? There are several potential advantages to M&A activity:

• More expertise

• Increased convenience

• Greater breadth and depth of sales and distribution channels

• Integration/single user interface/dashboard

• Consolidated reporting

• More customer satisfaction

• Innovations and best-in-breed technology

• More research, development and innovation

• Improved value proposition

However, M&As often come with disadvantages for the practitioner as well. For one, several of the potential advantages listed above have gone unrealized in many of today's bigger mergers and acquisitions. The following drawbacks can also be expected:

• Less influence with the vendor or integrator partner

• Loss of existing relationships

• Discontinued support of existing products and solutions

• Loss of smaller firms' support services, such as post sale and ongoing support

• One-size-fits-all mentality

As security and risk managers, we are under increasing pressure to reduce cost while facing increased scope, ever-evolving and growing threats, and the changing regulatory environment and penalties. Technologies are blurring the functional boundaries between physical and logical security. Security leaders can better navigate the changing security landscape by staying plugged in.

Monitoring trade magazines, trade associations and the Web, and speaking with peers and key partners (vendors and their representatives) can help users stay alert to changes. Existing contracts should include clauses to protect the corporation in case the vendor is acquired.

In the end, it all comes down to strategy and execution. Vendors need to execute on their plan and product offerings, and users need to continue to run security as a business by carefully reviewing their tool sets and determining costs and benefits.

---

Donna Ross is risk and compliance manager for GMAC ResCap, where she has previously served as director of information, director of information security and manager of security and risk. For more information about the Security Executive Council, visit www.SecurityExecutiveCouncil.com/?sourceCode=access.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Opening Up About Door Closers
• An Enterprise Approach
• The Framework For Open Systems
• On A Higher Plane
• More from April's issue