SAN FRANCISCO — When HP announced last September its intent to acquire SIM leaders ArcSight, it was a pretty startling $1.5B deal. Not only had another security company fallen off the map into the hands of a tech giant, but interesting questions started to arise about how HP would make ArcSight fit into its overall IT service and application management strategy. ArcSight wasn’t the only security company in HP’s crosshairs; Fortify had already been scooped in August to go along with the acquisition of TippingPoint as part of the Nov. 2009 3Com deal.
This under-construction security ecosystem being put together by HP is starting to take shape, and now executive VP of HP software and solutions Bill Veghte is spreading the word. Shortly before his keynote today at RSA Conference 2011, Vegthte explained how HP wants to build a platform that combines data sets from IT operations and security to provide security managers with more business context to help them make decisions. Leveraging the ArcSight platform with service and application management views provided by HP OpenView, he says, will build a risk platform CISOs can use to enhance their mission.
The question, however, becomes twofold: Is HP slowly shifting security responsibilities away from the CISO by moving operations and security data into the same bucket; and as SIMs are historically complex tools that require significant human capital investments to adequately implement and analyze, how does adding more data to that equation not exponentially increase that complexity?
Veghte fights that notion, adding that ArcSight’s ability to handle tens of millions of events and its ubiquity with large enterprise and government installations helps lessen the complexity issue. “This has to be about security first. We see this as an opportunity to enable the CISO to make better risk decisions with more context,” he said. “If you’re a large financial services organization, and you’re seeing a performance degradation in a trading application, is it a hardware failure, a load issue, or are you under attack? If we can aggregate all of that data, put it in context, and visualize it, that’s an enormous opportunity.”