Content
McAfee, Inc. Announces Security Risk Management Strategy
First to Integrate Security and Compliance, McAfee Leverages Recent Acquisitions to Meet Changing Customers' Needs Builds on Company Strategy by Adding Data Loss Prevention Capabilities
SANTA CLARA, Calif. - October 16, 2006 - McAfee, Inc. (NYSE: MFE) today outlined details of its security risk management strategy, providing enterprises with a more effective way to minimize risks from security threats and non-compliance. This strategy builds on McAfee's core strengths in threat prevention, by adding new compliance management capabilities including remediation, network access control and data loss prevention (See corresponding press release titled, "MCAFEE, INC.ACQUIRES ONIGMA LTD.," October 16). With the acquisition and integration of Preventsys(r) and SiteAdvisor(tm) technology, McAfee, Inc. becomes the first to integrate threat prevention with compliance management, providing enterprises with greater automation, operational efficiency and protection of their investments.
Changing Customer Needs
Growing compliance and regulatory requirements, coupled with changing threat environments, have forced enterprises to re-think how they approach and manage security. McAfee(r) security risk management is a comprehensive approach to controlling risks critical to IT operations, and McAfee is the first to deliver a solution that meet this critical need with existing McAfee ePolicy Orchestrator(r) infrastructure.
"From conversations with our customers, it is clear that enterprises spend an enormous amount of time and money to manage security risks and to demonstrate compliance," said Chris Kenworthy, senior vice president, McAfee, Inc. "Security is more than just a version number, and McAfee is the first and only company to provide a comprehensive approach that encompasses both threat prevention and compliance."
Market Opportunity
"For years, organizations have focused security efforts on external threats posed by the explosive growth of viruses, spam, blended threats and spyware," said Brian Burke, research analyst at IDC. "The situation is now beginning to change, especially in light of new information-intensive government and industry regulations that require organizations to protect the integrity of customer and employee personal information and corporate digital assets. As noncompliance may result in substantial fines and executive liability, organizations are realizing that information leakage by insiders is a threat that can no longer be underestimated."1
According to IDC, the worldwide security compliance and control market was valued at approximately USD $5.79 billion in 2005 and is forecasted to grow to $14.92 billion in 2010. This represents a 20.8 percent compound annual growth rate over the five year forecast period.2
McAfee's Approach
A comprehensive security risk management approach must include threat prevention capabilities such as anti-virus, intrusion prevention, and anti-spyware - all integrated with compliance management capabilities such as policy enforcement, vulnerability remediation, network access control, audit, and data loss prevention.
The McAfee approach to security risk management has three major benefits for businesses:
-
Enables them to turn policy into action by automating
enforcement of IT security policies which ensures protection and compliance -
Allows companies gain operational efficiency with consolidated administration points that streamline processes
-
Helps companies protect their existing investments by adding new capabilities for protection or compliance to the installed McAfee agent that is managed by McAfee ePolicy Orchestrator(r) and without the need for additional infrastructure
McAfee Delivers on Strategy
McAfee's security risk management strategy is bolstered by recent
acquisitions. McAfee has a strong record of integrating its
acquisitions into ePolicy Orchestrator (ePO(tm)), the industry's most popular security management console. With ePO deployed in 31% of enterprises, and on 45 million computers, McAfee is well positioned to execute on its vision of automation and centralized management.
Comprehensive and Integrated
Like Preventsys and SiteAdvisor products, McAfee plans to integrate newly acquired Citadel(tm) products into ePO, eliminating the pain of installing new clients.
-
Citadel(tm) Security will provide McAfee's customers with
leading solutions in security policy compliance and vulnerability remediation -
Preventsys(r) integration now delivers a way for existing ePO
customers to import network and asset data into McAfee Preventsys Compliance Auditor for advanced reporting -
SiteAdvisor(tm) integration now provides enterprise customers with a pioneering Web safety solution that tests and rates nearly every trafficked site on the Internet for spyware, viruses, exploits, online scams and spam
Data Loss Prevention
The acquisition of Onigma Ltd., a privately-held provider of data protection technology, provides a solution that monitors, reports and prevents confidential data from leaving the enterprise. McAfee Data Loss Prevention will monitor and protect proprietary and confidential information, including trade secrets, intellectual property, legal and financial documentations, client communications and personal information. It enables the prevention of transmission of data in accordance with established corporate security policies.
McAfee Network Access Control (NAC)
At the core of McAfee's network access control solution is the new version of McAfee Policy Enforcer 2.0. Network access control is a component of McAfee's overall approach to security risk management.
McAfee NAC leverages existing IT investments, and supports heterogeneous network and system environments. The McAfee solution has both protection and compliance components, which deliver system policy control and network enforcement. The McAfee NAC solution is part of McAfee Total Protection for Enterprise-Advanced, which offers a single agent and is integrated into McAfee's single management console.
Power of M Campaign
The security risk management strategy will be supported by a new brand marketing campaign, the "Power of M(tm)" which is designed to communicate how the company has evolved from its beginnings as a provider of anti-virus software, to becoming a global leader in comprehensive security, to a current leadership position in security risk management. The campaign emphasizes that McAfee's security risk management approach offers customers "exponentially better" security and compliance.
About McAfee, Inc.
McAfee Inc., headquartered in Santa Clara, California and the global leader in intrusion prevention and security risk management, delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector, and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security.
http://www.mcafee.com.
###
NOTE: McAfee, Preventsys, SiteAdvisor, Citadel, ePolicy Orchestrator, ePO, and Power of M are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products.
All other registered and unregistered trademarks herein are the sole property of their respective owners. (c) 2006 McAfee, Inc. All rights reserved.
IDC, Worldwide Outbound Content Compliance
2005-2009 Forecast and Analysis: IT Security Turns Inside Out, Doc #34260, November 2005)
2 IDC, "Worldwide Security Compliance and Control 2006 - 2010 Forecast and Analysis: Going Beyond Compliance to Proactive Risk Management,"
September 2006, #203350
