Continuing its efforts to transform into an enterprise focused software and services organization, Hewlett-Packard (NYSE:HPQ) recently announced a new strategy to boost its presence in the business of supplying IT security to large businesses. [1] HP is currently a small player in the IT security market compared to giants like Symantec (NASDAQ:NYMC), Intel (NASDAQ:INTC) via McAfee and IBM (NYSE:IBM), which has been beefing up its already muscular set of security products and services. (See IBM Sees Big Market in Making Cities Safer with i2 Acquisition)
We estimate that technology services (which include data security services) currently make up 11% of our $41.80 Trefis price estimate for HP, which is well above the market price.
IT Security Faces New Challenges in the Cloud
As the corporate computing environment undergoes two major shifts – cloud computing and scores of worker-selected mobile devices entering the workplace —a lot of new security challenges are arising and security attacks are surging. A study by the Ponemon Institute — sponsored by HP’s subsidiary ArcSight — found that cyber-attacks against group of 50 large companies grew by 44 percent last year versus the prior year. The study also found that the costs to mitigate these attacks went up by 56 percent year-over-year. And while the attackers may be getting better, it’s the recent changes in IT environments that are giving them more surface area from which to launch these attacks. ((HP Makes Enterprise Security Push, allthingsd.com))
HP to Offer Security as a Service
In the wake of the changing IT environment, HP plans to offer security as a service to organizations, rather than selling specific security products, in order to help them better handle the new security troubles that may be arising.
HP has been quietly building up its security portfolio through acquisitions over the past couple of years. Last year it paid $1.5 billion to acquire security intelligent firm ArcSight. Earlier in 2009, HP acquired Tipping Point, a network security outfit that came with the $2.7 billion acquisition of 3Com. It also acquired firms like Fortify and SPI Dynamics both of which specialized in application security. ((HP Makes Enterprise Security Push, allthingsd.com))
HP now plans to mix these security capabilities into its Enterprise services offerings, augmenting whatever security its clients are already using with better information about threats and a new set of tools that will help to them see how their company’s infrastructure is being used not just on-premise, but within cloud-based environments as well.
A Step in the Right Direction?
While definitely sticking to its long-term strategy (one focused on enterprise, software and services) this time around, HP’s new ‘security as a service’ model will have a tough task of faring well in a fast growing security market against well-established players and a standard delivery model.
It is hard to say whether or not HP will be able to transform and subsequently change the face of IT Security with its new model as enterprises world over take to the Cloud. However, the firm must be credited for acknowledging the big changes occurring in the IT industry and taking steps to adapt and even pioneer new solutions while most of the others wait for changes to occur and then play catch up.
Notes:- HP Makes Enterprise Security Push, allthingsd.com [↩]
