Security companies battle viruses, spyware -- and now Microsoft

Competitive landscape could be changing

Tuesday, February 15, 2005


SAN FRANCISCO -- McAfee Inc.'s chief executive was appearing at a
conference last week to discuss the security-software company's business
strategy. But the strategy of a different company was first on his agenda.

"Today's announcement by Microsoft was a little astonishing to us, based
on the reaction in our stock price," George Samenuk began. "Let's set the
record straight right from the beginning."

Samenuk went on to stress the minimal effect that he said Microsoft's
planned acquisition of a New York-based anti-virus company, announced that
morning, would have on McAfee's business. He questioned the resulting dip
in McAfee's stock.

But the scene illustrated the potential impact of the Redmond software
giant's broader move into security software. Microsoft's entrance promises
to change the competitive landscape for companies specializing in software
to clean up and protect computers from viruses, spyware and other online

More information about the company's plans could emerge today in San
Francisco at the RSA Conference, the nation's largest annual
computer-security convention. Bill Gates is scheduled to deliver a keynote
address at the conference this morning.

It's the Microsoft chairman's second consecutive appearance at the event,
which has grown in size and significance in recent years, reflecting the
general proliferation of computer security problems. Companies in
attendance include such Microsoft competitors as Sun Microsystems, IBM
Corp. and Linux vendor Red Hat Inc.

Microsoft has so far kept key elements of its security-software plans
under wraps. The company acknowledges it will offer its own anti-spyware
and anti-virus products, based on technology acquired during the past two
years. But executives have remained quiet on such issues as pricing,
packaging and timing.

Those are potentially critical details for McAfee, Symantec, Trend Micro
and other companies already established in the security-software industry.
One major question: whether Microsoft will offer its security software
strictly on a standalone basis or also integrate it with the Windows
operating system.

Microsoft executives say their goal isn't to elbow out the existing
players but rather to address broader concerns about security. Customers
have made it clear that they expect Microsoft to help solve the problem,
said Mike Nash, corporate vice president in Microsoft's Security Business
and Technology Unit.

"Some customers want Microsoft, and some customers want a third-party
vendor," Nash said. "If you're going to buy it from Microsoft, you're
going to have what I hope will be a fantastic offering to choose."

However, he added, "If you decide you don't want a Microsoft solution,
there will be a healthy ecosystem of third parties that have those

Microsoft plans to charge for the server-based anti-virus technology it
will receive through its planned acquisition of New York-based Sybari
Software, announced last week. The company hasn't been specific about its
pricing plans for the anti-virus and anti-spyware software it expects to
offer for desktop computers.

But analysts say the company's primary motivation in getting into the
security-software business doesn't appear to be revenue -- at least not

Many of the problems encountered by personal-computer users result from
the exploitation of vulnerabilities in Windows and other Microsoft
programs, such as Internet Explorer. The company last year released a
massive collection of security fixes and adjustments, known as Service
Pack 2, for Windows XP.

But for a more fundamental security overhaul, Windows users must wait for
the next version of the operating system, due sometime in 2006. Code-named
Longhorn, it will be the first version of Windows developed entirely under
Microsoft's 3-year-old Trustworthy Computing initiative.

Yesterday's initial presentations at the RSA Conference demonstrated how
much work the company has to do if it wants to recast itself as security
savior. Mentions of Microsoft during sessions on security fundamentals
focused not on its push into the anti-virus and anti-spyware business but
rather on vulnerabilities in its software.

Nearly every anecdote during a session on "Intrusion Detection and
Prevention," for example, dealt with security problems in Microsoft

Those problems don't help the company's efforts to battle open-source
programs such as the Linux operating system and the surging Mozilla
Firefox Web browser. Analysts say such competition is one motivation
behind Microsoft's decision to offer its own security software.

"One thing they're looking at is lots of people saying, 'Hey, I'm on Linux
-- I don't get any viruses. I don't get hit by spyware,' " said industry
analyst John Pescatore, vice president for Internet security at the
Gartner Inc. research group. "They have a big incentive on Windows to
create as high a probability as possible that everybody's got anti-viral,
and it's up to date."

Pescatore said he expects Microsoft to charge for its desktop security
software. That would avoid the potential antitrust problems that would
come from bundling or giving it away for free along with the dominant
Windows operating system.

One possible clue about Microsoft's plans comes from a feature it unveiled
at RSA last year and later rolled out as part of Windows Service Pack 2.
Dubbed the Windows Security Center, it's a central place for monitoring
the status of a computer's security, including the status of anti-virus
protection from third-party vendors such as McAfee and Symantec.


Rick Sherlund of Goldman Sachs and other analysts say the company might
use the Windows Security Center to help connect its desktop anti-virus and
anti-spyware offerings. Even in that case, the Windows Security Center
would still be expected to work with security software from other
companies, as well.

But because Microsoft isn't looking to its anti-spyware or anti-virus
software as a major revenue source, Gartner's Pescatore said, he expects
the company to price its security programs at least 20 percent less than
the cost of comparable software.

Analysts say that type of potential long-term impact is one of the factors
causing the share prices of McAfee and Symantec to dip as Microsoft begins
to step into the security-software industry.

"I think the market is expecting Microsoft to come in, and to come in with
much fanfare," said Rob Owens, an analyst at Pacific Crest Securities in
Portland who covers McAfee and Symantec.

But Owens said the stock market thus far seems to be overreacting to the
potential short-run threat posed by Microsoft. Among other things, he
said, it's likely to take more than one version before the Redmond company
gains widespread adoption of its security software, particularly among

Microsoft is also at a disadvantage because, unlike many of the existing
players in the market, it doesn't yet have a comprehensive package of
security software to offer companies. In the long run, however, that could

"There has always been a risk of Microsoft entering this space," Owens
said. "Both companies have been awaiting the day when they would do battle
with Microsoft, and that day seems to be nearing at this point."

RSA Conference organizers expect record attendance of more than 11,000
people this week. In addition to Gates, speakers include Secret Service
Director Ralph Basham, 9/11 Commissioner Jamie Gorelick, Cisco Systems
Chief Executive John Chambers, Symantec Chief Executive John Thompson and
Frank Abagnale, the real-life figure behind the "Catch Me If You Can" book
and movie. RSA 2005

Follow the news from the RSA computer security conference in San Francisco
this week in the Seattle Post-Intelligencer and on the P-I's Microsoft

P-I reporter Todd Bishop can be reached at 206-448-8221 or

© 1998-2008 Seattle Post-Intelligencer

-- - Interesting Stuff - Leadership Development in Free Software

So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

"Yeah - I write Free SUE ME"

"The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."

"> I'm an engineer. I choose the best tool for the job, politics be damned.<
You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one."

© Copyright for the Digital Millennium