Zen 2.0

Earlier we mentioned that EMC is buying Network Intelligence, well, there’s a bunch of analyst/editor comments out now.

EMC and Network Intelligence: What it Means.

In the last few months, Novell bought e-Security and IBM got GuardedNet through its acquisition of Micromuse. Cisco grabbed Protego about and year ago and rumor has it that Oracle is about to buy either NetForensics or Intellitactics. It’s likely that HP, McAfee, and BMC are looking at other leaders like LogLogics as well as network behavior specialists like Mazu and Q1.

Building The New EMC, One Acquisition At A Time

Interesting comments from Dennis Hoffman, vice president of information security at EMC

Network Intelligence plays in three areas of the security industry, he said. The first is log management, a space where the leader is another company, LogLogic, San Jose, Calif., Hoffman said.

The second is event management, or the real-time processing of data for security purposes. “ArcSight is the leader,” Hoffman said. “There are lots of others in this space, too. Names you’ve never heard of.”

The third is security information management, which includes the reporting and forensic analysis of where security problems occur. Network Intelligence is the leader here, Hoffman said.

On a side note, here’s an article about ArcSight.

Ray Lane buys dinner - Who buys ArcSight?

One of ArcSight’s board members told me the company is hitting close to the $75m revenue number, that’s getting close to the magic $80m to $100m level that could initiate an IPO–except that the IPO market is in the doldrums.

Rumor has it that EMC is buying the SIEM vendor Network Intelligence for between $150 to $175 million. NI’s revenue is said to be around $20 to $25 mil. That’s 7x revenue, which is not bad at all.

[Update: Announcement was made today on the NI acquisition by EMC. Interesting how the NI story is hidden inside a much bigger story. Does that indicate what's to come? That NI is going to just be a small piece of the EMC security story? The PR doesn't even mention the price. However, Reuters' piece mentions the $175m figure.]

Finally got a chance to read the 2006 CSI/FBI Computer Crime and Security Survey.

It’s definitely worth scanning through. There are some interesting findings:

• Regulatory compliance related to information security is among the most critical security issues customers face.
• Virus attacks continue to be the source of the greatest financial losses. ($15.7 mil)
• Unauthorized access continues to be second-greatest source of financial losses. (10.6 mil)

It’s also interesting that e-mail and web activity are used by over 50% of the organizations as effective security techniques. (page 17)

Not surprisingly, data protection is cited as the most critical security issue for the companies for the next two years. (page 24)

With its 1.3 billion people and 13.65 trillion yuan (approximately $1.65 trillion U.S.) in 2004 GDP, it is no wonder every U.S. company wants to get into the Chinese market. Although most companies are entering China to utilize its cheap labor for high-tech development, such as software development or electronic manufacturing, many companies are also trying to sell into the Chinese companies.

There are many obvious advantages in selling into the Chinese software market; however, for companies who are considering that route, there are many factors to consider before making the dive.

Quanxi

Quanxi, Quanxi, Quanxi. It is undoubtedly the most important factor in doing business in China. Tomes have been written on the subject of Quangxi, or relationship in Chinese. The right guanxi can make or break your venture in China. With the right guanxi, you have much better chances in getting into opportunities or closing the deals.

It doesn’t matter how good or inexpensive your product is, if you don’t have the right guanxi, you will not be getting in at all. However, if you have the right guanxi, sometimes it doesn’t matter how bad or expensive your product is, you will still be able to get into many opportunities.

Software Market Size

According to CEO & CIO China, a premier technology magazine in China, China’s 2004 software market was approximately U.S. $25 billion, or 2.6% of the worldwide software spending. However, due to the fact that most Chinese companies report system cost and professional services as part of software cost, the actually software sales is only around 50 percent of the total market. In contrast, the U.S. software market is approximately 40% of worldwide software market.

According to IDC, the Chinese software market grew 24% in 2003, and it’s expected to be growing at similar rates for the next few years. This is definitely not a figure to ignore, which is why most ISVs are trying to secure a landing spot early.

Enterprise IT Infrastructure

In general, Chinese companies lag behind in the application of leading-edge technologies in large-scale enterprise infrastructures. Many Chinese companies are just now deploying ERP and CRM applications that have long been part of the U.S. companies’ infrastructure. When it comes to high-availability and fully redundancy infrastructures, most Chinese companies are still in its infancy.

Chinese IT workers are also relatively inexperienced in the design and maintenance of large-scale infrastructures. Many of them have limited exposure to advanced technologies and training that’s required to design a high-availability infrastructure.

If a U.S. software maker is planning to enter the Chinese market with a brand new product, be prepared to invest in the education of Chinese companies and IT workers.

Product Discounts

Q: What’s the difference between buying a silk scarf at a street shop and a technology product in China?

A: Technology products are discounted more. A lot more!

Chinese companies are used to getting huge discounts, sometimes to the tune of 80 to 90%, on their technology investments. In contrast, ISVs in the U.S. are used to offering much lower discounts, such as 20 to 30%.

Companies going into the Chinese market with this mind set will be in a world of hurt when they start their negotiation process. This is one reason why some companies are going in with prices that are four times the U.S. prices.

Customization and Professional Services

In addition to the huge expected discounts, Chinese companies also expect that ISVs heavily customize the products specifically for them. To compete in the software market, many Chinese ISVs are using the ability to do heavy customization at a low cost, or free, as a way to attract large customers. So the cost of the customization generally falls on the shoulders of the ISVs, instead of the customers.

In the U.S., companies generally charge customers $2,000 to $2,500 per day for professional services to provide customization. Sometimes due to the complexity of the products, cost of professional services may even be higher than the product cost.

The cheap cost of labor in China has direct impacts on the cost of professional services. Most ISVs are finding that Chinese companies are unwilling to pay the U.S. price level for professional services. Companies are paying approximately U.S. $300 to $400 per day for professional services in China. For some of the largest banks and telecom companies, they will most likely negotiate for free professional services.

Another area of impact for the ISVs, due to the cheap cost of labor, is support cost. Chinese companies expect immediate support response, most likely on-site, when problems arise.

Intellectual Property and Software Piracy

No ISV should enter China’s software market without the consideration of software piracy issues. According to International Intellectual Property Alliance (IIPA), China’s piracy rate is approximately 96% of all software sold; only 4% is legitimately bought.

This is not only a problem for packaged software ISVs; it is also a problem for enterprise software ISVs as well.

Due to the fact that China has virtually no trade secret laws, intellectual property leakage is more prevalent if ISVs don’t take precautions in protecting their IP.

—

As more and more ISVs are considering China’s software market as the next landing spot for expansion, these factors are extremely important to consider and cannot be ignored. By understanding these factors and establishing plans as well as strategies to work through them, companies can ensure a much more successful business venture in China.

The SANS Institute Analyst White Paper:

The Log Management Industry - An Untapped Market

The SANS Institute uncovers and defines the growing importance of proper log management, including real-world issues facing the IT community around best practices of log management, traditional approaches vs. new high-performance commercial solutions and the capturing of all log data messages including informational-levels.

This is for you stats buffs who are doing market research.

23% of US banks are planning major updates to infrastructure

About 23% of all US banks are planning major initiatives related to core banking systems, according to Gartner. US banks lag behind financial institutions in other parts of the world such as Europe, where banks are pressed to change by new European Union rules.

Hospital IT spending to increase 6-10% in 2005

Hospitals are expected to increase their capital expenditures on health IT for 2005 by 6-10%. The operating budget is expected to swell to 3.5%, from 2.5% in 2004, according to Cap Gemini.

Security spending in UK and Ireland to more than double

IDC says British and Irish enterprises will more than double spending on IT security solutions in 2005.

Stats provided by IT Facts.

I had a question a while back on why hasn’t the buy out begun in the log management market, and here’s Cisco’s answer.

Cisco Systems, Inc., today announced a definitive agreement to acquire privately-held Protego Networks, Inc. of Sunnyvale, CA, ….. Under the terms of the agreement, Cisco will pay approximately $65 million in cash for Protego.

A couple of interesting and relevant articles from CSO Magazine.

• Trends 2005: Risk And Compliance Management by Michael Rasmussen.
• Clearing Up the Muddled Security Management Market by Andrew Braunberg

Yankee Group had an estimate of the SIM/SEM market in 2003 and showed that the SEM market is $180 million this year and $270 million next year.

To put that in perspective, the US information security industry is $8.7 billion.

The Business Intelligence market is on a growth path that should result in a $7.8 billion market by 2005.

The worldwide software revenue increased 5.1% to $178 bln in 2003 and is projected to rise to $189 bln in 2004.

And according to itfacts.biz,

The Semiconductor Industry Association predicted semiconductor sales to rise 28.5% to a record $213.8 bln in 2004 but remain essentially flat in 2005, as the excess inventory problems many chip companies are now reporting make their impact felt. The forecast projects sales will grow by 6.3% to $227.2 bln in 2006 and by 14.2% to $259.4 bln in 2007.

Comparatively, the SEM/SIM market is peanuts!!

So I got a question for everyone. Why hasn’t the SIM or log analysis market consolidated?

The SIM market is about 5 years old now. There are many players in this field, both pure SIM players and players expanding into the SIM space.

Some of the pure players include

• ArcSight
• netForensics
• Open Service
• e-Security
• GuardedNet
• Network Intelligence
• TriGeo
• Protego
• LogLogic
• Consul Risk Management
• High Tower Software
• SenSage

Other non-pure players that are either getting into or already in the SIM space include

• Aelita (acquired by Quest Software)
• Symantec (acquired Riptech, Mountain Wave and Recourse)
• MicroMuse
• Computer Associates eTrust

I was expecting the wave of buyouts to begin when Symantec acquired the 3 companies, but nothing has happened.

I can think of a couple reasons

1. SIM vendors haven’t proved their value. There’s a lot of good technologies out there, but most of them are very high priced. I think the SIM vendors have a tough time justifying the ROI.
2. Most SIM vendors have gotten several rounds of funding now, probably anywhere from $15 to $60 million. Most companies don’t want to spend a whole lot of money buying these vendors. Symantec bought Mountain Wave for $20 million, Riptech for $145 million and Recourse for $135. Both Riptech and Recourse brought more than just log analysis products.

What do you think? I would love to hear your thoughts on this issue.