Latest News: Technology |  Celebrity |  Movies |  Apple |  Cars |  Business |  Sports |  TV Shows |  Geek


Filed under: News


The Product Management Logic of the FireEye-Mandiant Deal

Jan 3 2014, 12:16pm CST | by

The Product Management Logic of the FireEye-Mandiant Deal

Photo Credit: Forbes

The coverage of FireEye’s acquisition of Mandiant in most business publications (see reports in the New York Times and Wall Street Journal) has focused on the dynamic personalities of the CEOs rather than on the implications for delivering security capabilities. But a closer look at this deal shows that the logic driving the future shape of cyber-security products has changed. The new model is a hybrid product that will be a mix of cloud-based capabilities, analytics, SaaS applications, distributed monitoring, and professional services, deployed in several layers. CIOs and CISOs should study this new model and prepare their organizations to adopt it in a series of stages.

Here’s what’s happening:

Here’s the challenge then: How do you detect and respond to threats? How can a CEO say to his board, “We have done everything that is prudent to protect our company. Our spending is at an adequate level and we are vigilant about expanding our ability to protect ourselves”?

The problem is that very few companies can afford to have the talent found at Mandiant working on staff, but from time to time, almost every company will need such talent to determine if an attack has succeeded and what to do about it.

The product management logic of the FireEye acquisition of Mandiant now becomes clear. Cybersecurity will become a form of technology enabled insurance. You will buy FireEye enhanced by Mandiant to implement a model along the following lines:

  • A monthly fee will cover the license for FireEye, the brain, and any additional eyes and ears that will be needed to protect and monitor your environment.
  • It is likely that FireEye will make recommendations about best practices for products it doesn’t sell such as perimeter security or special scanning technology for file systems and such.
  • Your security operations team will run this environment, keep it up to date, and analyze attacks as they come in. A distilled form of the data from the eyes and ears will be shipped to FireEye’s operations center for further analysis.
  • Another monthly fee will cover automated advanced analysis of your security data and incident response. When your team cannot figure out what’s happening, the pros from Mandiant will be on retainer and come in and save the day. That’s their business now.

With this offer in place, a CEO can rest easy, knowing that in the face of a serious breach, he can rely on the experts from FireEye to explain why his security was adequate. Of course, if the CEO, CIO, and CISO reject recommendations after they have bought this insurance, they will likely be held responsible.

My guess is that cybersecurity companies will start formally using the insurance analogy quite soon. In addition, with such a model in place, insurance companies will then be able to write policies about cybersecurity risk, because the risk can be better understood. This is something that the Department of Homeland Security is seeking to promote, and FireEye may make possible.

This model will put FireEye in a hugely powerful role in the deployment and operations of cybersecurity, which is exactly why FireEye CEO Dave DeWalt acquired Mandiant.

Follow Dan Woods on Twitter:
Follow @danwoodscito/>

Dan Woods is CTO and editor of CITO Research, a publication that seeks to advance the craft of technology leadership. For more stories like this one visit Dan has performed research for FireEye and other cybersecurity companies.

Source: Forbes

iPad Air Giveaway. Win a free iPad Air.

You Might Also Like


Shopping Deals


<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.




blog comments powered by Disqus

Latest stories

Giuliana Rancic dishes out the fashion hits and misses at Emmys
Giuliana Rancic dishes out the fashion hits and misses at Emmys
Sarah Hyland seems to have topped the list and the E! host also wished her new colleague Maria Menuonos well
Abigail Breslin and Arnold Schwarzenegger are to Appear in “Maggie”
Abigail Breslin and Arnold Schwarzenegger are to Appear in “Maggie”
The actress Abigail Breslin is to appear with that famous bodybuilder and movie star Arnold Schwarzenegger in a zombie movie soon.
Danica Patrick battles tight car at Bristol
Danica Patrick battles tight car at Bristol
For the fourth time in five career races at the series' second-shortest track, Danica Patrick left Bristol Motor Speedway disappointed.
Charlize Theron answers a Few Questions
Charlize Theron answers a Few Questions
The acclaimed Hollywood actress, Charlize Theron recently sat down for an interview in which she answered a few questions.

About the Geek Mind

The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.

The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.

Read more about The Geek Mind.