April 4, 2011
Today EMC’s security division RSA announced the acquisition of NAV (Network Analysis and Visibility) vendor NetWitness. Some pundits have suggested that this is a direct result of the recent breach of RSA, but Forrester has been aware that this acquisition was in the works long before the breach was known. In fact, the public announcement of the acquisition was delayed by the breach notification. It is fortuitous timing, however, as the RSA attack shows the need for improved situational awareness.
As part of our Zero Trust Model of Information Security, Forrester advocates the inspection and logging of all network traffic — both internal and external. To facilitate this, we have defined a new space, NAV, which helps companies achieve this type of situational awareness in a scalable manner. NetWitness is one of the significant players in the NAV space and the first of the bunch to be gobbled up by one of the major security vendors. We anticipate more consolidation in the marketplace as high profile insider breaches such as the Bradley Manning/Wikileaks story is getting considerable play on executive floors these days. Insiders like Manning are not caught by traditional security controls. The failed Trust but Verify security model facilitates their crimes. Why would you verify someone who is trusted? To catch the Bradley Manning’s of the world, companies must adopt Zero Trust — “Verify but NEVER Trust.” NAV tools, such as NetWitness, make this actionable.
My guess is that VCs and vendors are on their red phones right now and we should see some additional acquisitions soon. What self-respecting security company wants to see their competitor with a new toy in the driveway while theirs is bare? Expect to see a ton of traffic at the NAV dealerships in the near future with M&A teams doing a bunch of tire-kicking and looking-under-the-hooding to decide which model they’ll be driving off the lot.