StillSecure acquires ProtectPoint, entering the MSSP market - Why?
Today StillSecure announced that we have acquired ProtectPoint Security, a Ft Lauderdale based managed security service provider. In my role as chief strategy officer at StillSecure, I of course was very involved in this acquisition from beginning to end. I have tried very hard to not write about this on the blog (to the point of writing less about security even) or speak about it before official word came out. But now that it is official, I can share some of our thoughts with you all. While so many are running scared in this economy, StillSecure has taken a bold move by acquiring a company. I will tell you that I don’t think we are done acquiring either. I am very bullish on this move and StillSecure’s prospects. Not only that but my wife is really happy too because I now have an office to go to when I am not on the road ;-)
So why did we make this acquisition:
1. Security as a service and managed security is here to stay. Over the last 7 or 8 years we have seen a fundamental change in the security industry. In the past we were primarily trying to defend against mass market, high volume worms and script kiddies who judged their chops by how many machines they could bring down or web sites they could deface. Now we have to defend against organized cybercriminal gangs who are targeting specific vectors to maximize illegal financial gains. We are defending against national cybersecurity threats by terrorist organizations and rogue nations. The threat landscape has grown in complexity and sophistication. As a result the security industry has responded with more sophisticated and complex solutions, that while more effective, are also more specialized. The age of the IT generalist being able to run and manage their own security is over. To wage an effective defense you need security experts. Security expertise is expensive and hard to come by. Therefore it is easier, more cost effective and more secure for many organizations to outsource their security. This is especially true in the mid-market. They don’t have all of the resources of their big brothers in large enterprises, but have many of the same security challenges. For most businesses, security has become a critical component of the business, but not core to their expertise. Those types of functions that are critical, but not core are optimum to outsource. This is and will be the fundamental driver for managed security services.
2. Current economic conditions. I wish we could say that we were smart enough to have seen the current economic reality coming. But truth be told, we did not. The plans for our move into the MSSP market were put into place well before the full extent of the condition of our economy was apparent. That being said, this economy we believe will hasten the move to MSSP. By offering a lower total cost of ownership and less monies up front for best-of-breed security solutions, cost conscious organizations will have to take a long hard look at an MSSP model.
In doing pre-announcement briefings with the press a common question asked was why when things seem to be so bad are we out making acquisitions? My answer was to quote Warren Buffet, who some say actually quoted Ben Graham. “Be fearful when others are greedy. Be greedy when others are fearful." There will be those companies who hunker down and stick their heads in the sand hoping and wishing things get better. We believe that there is a terrific opportunity here. There are winners and losers in every era. StillSecure and I will not sit by and be victims. There are terrific opportunities out there. We will pursue them and capitalize on them to help build our success.
3. Offering the customer more choice. Now we at StillSecure can offer the market a choice of using our solutions as a hardware appliance, software that can run on your own server or often in a virtual environment or as a managed service. At the end of the day, whatever works for the customer, works for us.
We think the fact that we will also be the developers of the solutions we are offering as a managed service will give us a distinct advantage over so many other MSSPs who are just managing a 3rd party vendors products. We know our products better, can customize the development of and generally be more responsive as a result of “rolling our own”.
4. ProtectPoint was a natural fit. There are many MSSPs out there. But ProtectPoint was the right one for StillSecure for many reasons. First, the people and culture. Steve Harris, ProtectPoint CEO and his entire team have built a business around superior customer service. Their customer comes first attitude matches our own. Their technology is built on a similar open standards platform to the StillSecure platform. Our products should find an easy transition onto the ProtectPoint platform. ProtectPoint has built a terrific set of scalable portals and management applications that allow their customers, their over 100 partners and their certified security analysts to have up to the second insight into their customers security. ProtectPoint has lived through the early growth of the MSSP market and in doing so has learned many lessons. They have built a channel with over 100 organizations, including some of the premier data center operators in the nation. They are a SAS-70, Type II certified provider. No matter what else we do in the MSSP market, ProtectPoint’s platform will be the foundation of what we do in this market. ProtectPoint’s channel focus and established customer base are very desirable and serve as the perfect jumping off point to leverage as we build that part of the StillSecure business going forward.
We are very pleased that the entire ProtectPoint will be joining us at StillSecure and welcome them to the family!