FireEye’s acquisition of Mandiant this month stunned many. Some believed two bottles of Kool-Aid merged, while others see the formation of a potential challenger to established security players. Yet others believe this to be the acquisition of an overpriced toy by a newly affluent purchaser. At NSS Labs, we see the move as a huge crossroads for FireEye.
On one hand is opportunity: The combined entity can reinvigorate the product foresight of FireEye. Mandiant’s consultants, knee-deep in the trenches of major breaches, can keep FireEye updated on the latest threats and methods used by criminals and nation-states. A combined threat feed can add both sector depth (from Mandiant) and breadth (from FireEye). Mandiant still relies a great deal on personnel-heavy services: As a result of this acquisition, Mandiant will likely rapidly productize its institutional knowledge, allowing better quality incident response for all FireEye customers. FireEye has gained a huge brand for incident response with an impressive Rolodex.
But on the other hand is severe risk: Mandiant is at heart a services company comprised of talented individuals. The loss of these individuals is a huge risk for FireEye, particularly in the first 6 months, before their knowledge has been productized. Previous similar acquisitions (@stake by Symantec and Foundstone by McAfee) signaled significant and rapid exits by top talent. If the hemorrhaging begins, it may be difficult to control. There is always a risk of culture clash when an acquisition occurs, particularly when one company is clearly perceived as the conqueror and the other as the conquered. Here we have a product company that has acquired a services company with highly paid and well-respected talent. Time will bring stabilization, but there may be high-profile departures from both FireEye and Mandiant as this new post-IPO giant reaches equilibrium. Already, there has been a departure in FireEye’s executive ranks. More departures may be forthcoming.
Speed is everything with this acquisition. If Mandiant’s talent cannot improve existing FireEye products within 6 months, and if it cannot drive new products within 9-12 months, this will be a waste of a billion dollars.
My advice to FireEye: Focus, start climbing and don’t look down.
For more on the acquisition, read the recent NSS analyst brief, FireEye Acquires Mandiant for USD $1 Billion.
Follow me on Twitter @baylorsecurity to keep informed as new research is released.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.