It is no secret that software companies claiming to be security guardians of your PC have the same agenda as the people making malicious software – to make money. But of course that is not the full picture. In terms of the network security company FireEye, for example, we should take a closer look at its successes, failures and impacts on society before we come to conclusions about its merit or worth.
SUCCESS AND IMPACT
In 2012 Forbes magazine published an interesting comment on internet security companies. “[They] won’t get far trying to drive looking in the rearview mirror”, it said. The implied critique is that security companies only offer protection from existing malicious software, providing a whole host of expensive defense products that cyber-criminals can outsmart in a heartbeat. However this is not the case for FireEye. The company has secured a firm position as the industry leader and that is due to two compelling reasons: 1. FireEye’s products detect and prevent attacks that have never happened before At the core of FireEye’s success are its proprietary technology and patents. It is the only company in the internet security space that can simultaneously pre-empt and wipe out next generation threats like Zero-Day Attacks and APTs on web, email, file and mobile. Consequently – in the words of founder Ashar Aziz himself, there is no real competitor for FireEye. While this might be excellent news to another company, this particular industry is different. When FireEye’s security system launched in 2009, early adoption was low and first-stage reception lukewarm. Users were essentially hesitant to believe in a product of such premium quality. In response to society’s initial disbelief, FireEye proved its products’ efficacy to the market. The test was to install the FireEye product behind the clients’ own firewalls to see whether existing security products were letting through any threats to the enterprise infrastructure. 99% of the time FireEye’s system passed the test with flying colors – the average number of attacks missed by existing security and detected by FireEye’s security came to ~450/week. This was a huge turning point in FireEye’s business. Once convinced of the products’ reliability, FireEye’s client base grew at triple-digit rates within half a year. To date its 1,000 institutional users include >150 Fortune500 companies and a large number of government agencies as well. The positive affects of FireEye’s technologies are manifold. For household users, less worry about fraud or identity theft means you can feel free to upload more personal information onto websites. With the advent of big data you will also experience a better, more customized browsing/shopping experience on these sites. Your consumption patterns will change. You can afford to spend more time at home – family values will change and societal harmony will increase as a whole. For corporate users FireEye’s technologies will dramatically increase efficiency. Investment bankers, for example, can discuss top-secret deals over email on their Blackberrys instead of flying cross-country to meet each other. Work life balance will become more attainable and morale will surely become better. Lastly, for government users the economic deadweight loss will decrease as less crime takes place.
2. FireEye has a compelling business model with cross-selling opportunities across its ecosystem FireEye has a wildly successful monetization strategy. First the company sells a packaged security solution for US$15,000 – US$120,000. Then to lock in users, the company sells a mandatory support and maintenance contract priced at between 18% and 20% of the cost of the system. Finally on a subscription basis, FireEye also sells access to its Malware Protection Cloud that keeps all its customers up-to-date on the “malware metadata” of the latest attacks that the company uncovers....