Can Dell IPO to Cyber Security Dominance?

Dell’s pending acquisition of RSA (via EMC) and the IPO of SecureWorks, coupled with some strong moves within Dell itself, could position it as a market leader in both security and digital trust.  To do this, it must retain its core strengths and focus on efforts to demonstrate comprehensive enterprise value.

Dell has officially confirmed that SecureWorks, its 2011 managed security acquisition, will “conduct a registered initial public offering” in 2016. As a singular move, this makes solid sense for SecureWorks, which has remained semi-autonomous within Dell even as it was recently named a High Performer in our HfS Trust-as-a-Service Blueprint for its long term vision for security and alignment with the HfS Digital Trust Framework (see “Provider, provider on the wall, who’s delivering Trust for Digital?”). But when the IPO is considered alongside other recent news, the path to leadership becomes a bit cloudier.

Dell’s Security Position

The recent HfS Blueprint assessment of Dell’s SecureWorks team was very positive. But SecureWorks is not the only security play within Dell, which has elements of cyber security and digital trust woven throughout the organization, including:

• Dell SonicWALL: (acquired in 2012), providing hardware-level security for remote access, firewall, phishing, malware, etc.,
• Dell Security Solutions: providing software-level security including anti-virus, encryption, endpoint and Identity and Access Management (via the 2012 acquisition of Quest, for IT management tools).
• Dell Services: providing an increasing level of application and IT (outsourced, consulting & integration) services that weave security technologies into the enterprise security fabric (an emerging “security services” extension of the 2009 Perot Systems acquisition).

Additionally, Dell has been active in announcing new cyber security technology and services deals that considerably enhance the overall security value proposition:

• Cylance Partnership: for the integration of an advanced AI-based threat detection and endpoint cleansing tool which will initially be bundled with Dell’s PC hardware packages, though we expect much more to come from this deal (note: Cylance is a Silicon Valley unicorn in which Dell Ventures is an investment partner),
• Dell AEGIS: an enterprise software tool (offered by Dell Services) for identifying mission-critical application-level security vulnerabilities,
• Emergency Cyber Incident Response (ECIR): a new on-demand Dell SecureWorks service offering for the Amazon Web Services (AWS) platform
• RSA: which brings a billion-dollar-plus software and services security business to the Dell security family pending completion of the EMC acquisition.

Dell’s Deal Dilemma

Dell is a vast provider that has largely grown its impressive security practice through acquisition. When you add up Dell’s past performance with the announced offerings, pending acquisitions, and pending IPO potential, we believe Dell could rapidly become one of only a few true leaders in the security market.

But Dell is also working through a period of transformation after its late-2013 move to become a privately held firm (see Dell Arrives at its “Crossroads” – Which Direction is Next?). What can be acquired can also be divested, and that is where uncertainty in this leadership vision arises, notably:

• SecureWorks IPO: Will generate significant cash for the continued expansion of its Managed Security Services (likely through acquisitions), but may lead to SecureWorks having increased autonomy (read “becoming non-core”) within Dell.
• RSA is an unknown: It is likely to retain significant autonomy from other Dell security offerings.
• The EMC acquisition is costly: Speculation is rising within the analyst community regarding the potential divestment of Dell properties (such as Quest, SonicWALL, or Services), in an effort to lessen the estimated $49b debt the firm will carry post-closing on EMC.

The Enterprise Solution

HfS believes it possible that Dell may divest a portion of its security and services businesses to facilitate the EMC acquisition. We further believe it likely that SecureWorks and RSA will remain somewhat autonomous moving forward. While we would like to see an increased level of coordination and integration between Dell’s security efforts, we do not believe any such integration can be reliably anticipated until well after the EMC and SecureWorks efforts have been completed.

We remain very positive on the individual security offerings within Dell and recommend enterprises focus product & services evaluations on discrete requirements against individual value propositions, and not on a broader context until the full impact of Dell’s present activities become clear and we can determine what Dell will be when it grows up.