Comment: Intel and McAfee – What Next for Security?

Ferguson says security needs to be embedded into internet-connected devices, but not at a hardware/chip level
Ferguson says security needs to be embedded into internet-connected devices, but not at a hardware/chip level
Rik Ferguson, Trend Micro
Rik Ferguson, Trend Micro

Well, we didn’t see that one coming. After all the tech merger and acquisition activity already this year, who knew that the world’s largest chip maker would decide it wanted a piece of the security market?

Intel’s proposed $7.7bn all cash purchase of McAfee is the biggest in the chip giant’s 40-odd-year history, so why now, and what is the security industry likely to make of it?

It’s fair to say Intel took everyone by surprise when it told the world of its plans a few weeks ago. Offering a staggering 60% premium on McAfee’s share price, you can be sure that it means business. But what have the two firms got in common, apart from their respective Santa Clara headquarters? Not much, would be the simple answer, although they do claim to have been working in partnership on new technologies over the past few months.

Anyone looking for more detail on exactly what the acquisition means for them may be left a little disappointed. Peel back the marketing speak and textbook post-M&A platitudes on both sides and you’d be forgiven for thinking that there is no product roadmap to speak of yet.

What we can say, however, is that key Intel players, from supreme Paul Otellini all the way down, have been quick to push the party line: “security is more effective when enabled in hardware”. To this end, Otellini says he wants to have McAfee technology deeply integrated into Intel products, while both sides have been quick to talk about the massive opportunities they have in addressing the explosive growth in internet-connected devices.

Taking the first point, adding security functionality into Intel’s chip offerings may well seem like an attractive option to offer enterprise buyers. But is pushing security into silicon really the way vendors should be thinking as they look to neutralize the increasingly sophisticated and dynamic threats from cyber crime?

Analysts think not. Forrester’s Andrew Jacquith argues convincingly that enterprise IT managers tend to take a least-common denominator approach to managing their hardware platforms, due to a great extent because they tend to stick around longer and are harder to upgrade than software-based ones. Just as comparatively few have invested in the chips Intel has tried to differentiate within the market, like vPro, few will be interested in buying chips with added security built in, or so the argument goes.

To be fair to Intel and McAfee though, there are elements of security that could be significantly enhanced if chips were designed in a more sympathetic way. Deep packet inspection, encryption processing and file scanning could all be made more efficient, ultimately enabling better security for the same resource allocation.

However, there are huge numbers of other elements that could never be practically embedded on a chip. Just thinking about signature file updates and patches: these are elements that change in real-time and need the flexibility of a cloud-based automatic update system. If too much security is pushed down to the hardware/chip level it will become an onerous and impossible task to refresh the hardware stack as often as would be required.

Then there is the issue of standardization. Does Intel believe enterprises are prepared to sacrifice their entire hardware estate to standardize on an Intel McAfee platform? Sadly, enterprises will never be that homogenous. There are too many different processes running on too many different machines – they have grown up organically and in most cases are the product of huge amounts of investment that cannot easily be pulled up to start again.

On the second point, undoubtedly there is a great opportunity to secure the huge numbers of internet-connected devices coming online every day, as both Intel and McAfee have eagerly mentioned. But is Intel in danger of taking security down the hardware path at exactly the moment when most others are beginning to see the benefits of the cloud?

As I have mentioned, security tasks can be quite resource intensive – on a mobile device you want to move the processing power as much as possible off the device and into the cloud. Yes, security needs to be embedded into internet-connected devices, but not at a hardware/chip level.

Security in the 21st century is about being dynamic, responding to the ever-changing threat landscape in real-time, which you can do with a cloud-based system powered by a network of threat intelligence sensors and reputation-based technologies that stop threats before they even hit the device. Pushing security down to the hardware level makes it very difficult to be reactive, agile or fundamentally secure.

Assuming that a strategy of pushing security into the silicon does not draw the ire of regulators – not a given considering the chip maker’s past dealings with the EU and the FTC – then the next few months will be an interesting time as we see what plans Intel has for its newest acquisition. The only thing I can guarantee is that there are a lot of nervous McAfee customers at the moment.

Rik Ferguson brings more than fifteen years of security and information technology experience to his role as senior security advisor at Trend Micro. In this position, Ferguson is actively engaged in threat research, with a particular focus on social networking attacks. Prior to assuming his current role, Ferguson was a solutions architect at Trend Micro, having also previously served as security infrastructure specialist at EDS and as a senior product engineer at McAfee. Ferguson holds BA from the University of Wales and is CISSP-ISSAP in good standing.

What’s hot on Infosecurity Magazine?