Everybody who keeps an eye on the Information Leak Prevention (a.k.a. Data Loss Prevention a.k.a. Outbound Content Compliance a.k.a. Extrusion Prevention a.k.a. …you get the picture) space saw this acquisition coming for what seemed liked an eternity. Since last year, Forrester has been forecasting consolidation frenzy and McAfee (Onigma and SafeBoot), Websense (PortAuthority), RSA/EMC (Tablus), Trend Micro (Provilla), Raytheon (Oakley Networks), and others have delivered. Additionally, IBM/ISS recently announced strong partnership moves <http://www-03.ibm.com/press/us/en/pressrelease/22534.wss> and Cisco is weighing its options. Well, now this deal is out in the open – and this is good news. It is good news for at least 3 reasons:

(1) ILP awareness. It further propels insider threat problems (and the ILP market) into the consciousness of Security and Risk Management professionals. Customers simply cant afford to neglect the challenge of preventing data loss any longer – the IP stakes are getting higher, USB sticks, etc. make loss or theft easier, and regulators are turning up the heat.

(2) Competition and clarity. It will increase competition and will help to clarify the question of “What is ILP and what should it do?” This means that vendors offering “some ILP functionality” will either fall by the wayside or invest/acquire for full blown ILP functionality. The same applies to vendors not being able to capture ILP mind share and – more importantly – generate customer traction.

(3) Integration. When a potent security front runner marries an ILP leader with solid customer traction – customers must and can expect strong, integrated solutions that address their problems.

However, this is also where I see the main challenge for Symantec/Vontu – and for that matter for anybody acquiring or thinking about a more pronounced strategy for data-centric risk based security – SPEED. ILP is hot because customers need to address their insider challenges (or else gamble with their data security) – and they impatiently expect solutions that are accurate, easy to use, and integrated. So integrating ILP – and doing it fast – is what Symantec needs to do to capture the short term opportunities this acquisition holds. Long term, however, they need to at least match EMC/RSA’s security and information management strategy that goes beyond the threat side of the house. Plenty to do for Symantec – but I am confident they can lift this one.

PS: For more information on how Symantec/Vontu and other ILP vendors compare please tune into our ILP Wave Update which will become available in mid-Q1 2008.

Thomas Raschke