Rook Consulting

Why the Intel McAfee Deal Forces Re-Evaluation of Business Strategy

elhollister — Fri, 20 Aug 2010 17:24:45 +0000

Intel raised eyebrows today by announcing that they intend to purchase PC-security giant McAfee in a $7.68B deal, paying a 60% premium over McAfee’s 8/18 closing price. What I find interesting about this move is that it is an aggressive move to integrate security in the way a major device maker does business.

Intel President and Chief Executive Paul Otellini said, “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.”

David DeWalt, McAfee’s CEO said, “The current cybersecurity model isn’t extensible across the proliferating spectrum of devices — providing protection to a heterogeneous world of connected devices requires a fundamentally new approach to security. Frankly, the industry needed a paradigm shift — incremental improvements simply couldn’t bridge the opportunity gap.”

Renee James, Intel’s Software and Services Chief said, “As we look at the businesses we’re in, we see that security is the No. 1 purchase consideration. We believe that we can enhance security with hardware and come up with a better solution.”

At Rook, we frequently talk about providing IT Risk Based Decision Support and we have been told that we focus on “delivering what matters”. To earn that tagline, we focus on business needs by designing solutions that are in synch with business enablement, and measurable, repeatable, sustainable architecture, controls, and processes. Rook Consulting’s CEO, J.J. Thompson believes that “Intel purchasing McAfee is an indicator that big business is almost ready to integrate security and compliance programs, instead of bolting them on as an afterthought.”

“We challenge our clients to focus on doing what is right for the business, and less on filling the compliance checkboxes that have become the ‘safe’ way to go in IT risk management.” Is this the start of a movement? The Rook team hopes so.

To help businesses get ahead of this new trend, Rook encourages clients to ask 3 tough questions:
(1) Do you have a leading data security, privacy, & compliance program?
(2) Is your program enabling the business or is it simply there because “it has to be done”?
(3) What can be done in the next 90 days to leverage your program to gain competitive advantage?

Ask these questions at various levels within the organization. The answers, while varied, will provide a reality check to your company’s ability to be in lock-step with the trend that is starting with the Intel McAfee deal. According to Thompson, “If a market maker like Intel is going all-in on security integration, with the backing of Goldman Sachs, maybe its time to re-evaluate your strategy?”

Contact Eric Hollister by email eric@rookconsulting.com

No related posts.

Renaissance Security IT Risk Management Professional

elhollister — Thu, 22 Jul 2010 13:00:18 +0000

Modern technologies, cultural norms and new business practices create an exponentially different set of challenges than our industry has experienced even a decade ago. The speaker packs a semester’s worth of information and insights into a single session, packaging interdisciplinary (psychology, finance, security, and social media) skills to help attendees become “renaissance” security professionals. These skills have helped public and private industry professionals maintain a competitive advantage while addressing the emerging threat vectors (such as social engineering combined with bot-net distributed payloads) that have created challenges for maintaining effective privacy, compliance and security programs.

For your convenience, the presentation is broken down into 5 separate parts for easy viewing. In a few weeks, we will also provide the entire video in a format that you can download to your iPhone or other mobile device. We hope you will find this useful.

Part 1

Part 2

Part 3

Part 4

Part 5

Whiteboard Ad – Data Loss Prevention

elhollister — Wed, 21 Jul 2010 13:40:25 +0000

Continuing our Ad Spoof series, Rook wanted to focus on a threat that most businesses face on a daily basis, Data Loss Prevention. With cell phones, laptops, and wi-fi capabilities, a company’s sensitive data is always at risk. A Rook solution can identify those threats and make sure your company’s information stays safely within the confines of your infrastructure, whether physical or virtual.

Top Challenge in Security Architecture

elhollister — Thu, 01 Jul 2010 13:00:33 +0000

The top challenge can often be incredibly difficult to wrap your arms around. In this week’s Insight feature, JJ Thompson discusses Zones, and how you can deal with them.

Top Overlooked Area of IT Risk

elhollister — Thu, 24 Jun 2010 13:00:14 +0000

Do you know where all your IT threats are coming from? Many businesses spend a lot of time and money identifying and protecting themselves against the risks that they face. However, one particular threat might exist from a source that you may have overlooked. This week, JJ Thompson discusses one of the most overlooked areas of IT Risk, and what you can do to handle it.

Getting Management Buy-In

elhollister — Thu, 17 Jun 2010 13:00:15 +0000

Once you have done your homework in interviewing firms to conduct IT Security assessments, and have identified your choice, you must get the final vote of approval from management. In this week’s Weekly Insight video, JJ Thompson discusses how you can help get management buy-in to conduct the security processes that must be done for your organization.

Getting the Most Value from a 3rd Party Assessment

elhollister — Thu, 10 Jun 2010 13:00:43 +0000

Whenever you conduct a 3rd party security assessment, your business will benefit when you know exactly what you should be looking for. On this week’s Insight segment, JJ Thompson discusses the components that should be in any assessment.

Washington DC ISC2 Secure Americas

elhollister — Thu, 03 Jun 2010 20:34:29 +0000

What is a Renaissance Security Professional? In case you missed it the 2010 ISC2 Secure Americas Conference in Washington, DC, Rook’s Thompson presented on The tools and knowledge utilized by the visionaries in our industry to help us overcome major IT Security & (human factor) challenges.

What do you think of this statement: Most CISOs have invalidated their influence and business acumen as seen through the eyes of peers in the C-Suite and, perhaps more importantly, the Board of Directors? Agree? Disagree? How many “C”ISOs do you know who report to the CEO? Why is that? How’d we get here? What are we missing? What are the Marketing, Finance, and Psychology KSAs that we need to be more effective inside our organizations?

Take a look at the deck here (Rook Renaissance Security Professional)… and then sign up (only have to enter your email) to the Insight* Updates so you can have access to the screen cast of the presentation when its posted. The screen cast will contain the slides, audio, and even some video.

ISC2 SecureIndianapolis

What Are the Components of a 3rd Party Assessment?

elhollister — Thu, 03 Jun 2010 13:00:49 +0000

Last week, we discussed the factors you should examine internally to determine whether or not a 3rd party assessment is needed. Continuing our Weekly Insight video series, JJ Thompson discusses the components at 3rd party assessment should cover.

How Do I Know If I Need a 3rd Party Assessment?

elhollister — Thu, 27 May 2010 18:57:15 +0000

There are various factors involved with determining whether or not you should look into a 3rd Party IT Security assessment. While some of those may be legally based, others are grounded in the natural process of your business. In the first of our Weekly Insight video series, Rook CEO, JJ Thompson explains the drivers you should be aware of.