Making Sense of Websense’s Acquisitions Strategy
When Websense (NASDAQ: WBSN) announced a couple of weeks ago it had acquired Defensio, a Canadian spam filtering Web service, I realized the San Diego software developer had morphed into something bigger and more robust than I remembered.
“A lot has changed in the last three or four years,” David Meizlik, a Websense product marketing manager, told me yesterday when I stopped by to catch up on the company. Meizlik attributes part of the change to the arrival of former McAfee president Gene Hodges, who was named CEO three years ago. Shifting customer requirements also prompted changes, Meizlik explained, as their info security needs expanded from defending a network like a fortress, with firewalls and intruder alarms, to an approach focused more specifically on content—on the potential threats on web sites and in e-mail traffic.
When it was founded in 1994, Websense specialized in providing software that companies used to block their employees from using their desktop computer to view Internet porn, visit online gambling dens, and idly surf the Web. When Websense went public in 2000, its filtering software was generating $8.6 million in sales a year.
The change in direction became more apparent after Hodges was hired in January 2006 to succeed John Carrington, who had served as Websense CEO for seven years. At McAfee, Hodges had overseen technology development and strategy, as well as sales and marketing, for McAfee’s worldwide business. By then, Websense was already expanding the scope of its content filtering capabilities to identify and block computer viruses and malicious software code, but since Hodges’ arrival Meizlik says Websense has made four key acquisitions:
—In 2006, Websense purchased non-exclusive rights to Inktomi Traffic Server, technology that enabled Websense to create a proxy gateway, an intermediary server between browsers and content servers, for filtering Web traffic.
—In late 2006, Websense paid $90 million to acquire PortAuthority, which had developed content filtering software designed to prevent sensitive or confidential data from being sent out of a corporate network. Meizlik says the technology was an ideal fit for the company’s customer base. “About 90 percent of all data leaks are the result of an accident, or employee error, or broke business practices” Meizlik says. Websense now can prevent an employee from e-mailing confidential data, posting it to a Web site or downloading it to a USB memory stick.
—In 2007, Websense acquired its biggest competitor, SurfControl, a UK-based content-filtering software developer that effectively doubled Websense from 25,000 to 50,000 corporate customers, and from 700 to approximately 1,200 employees. Websense executives told IT security analysts at the time the combination of two companies with similar content-filtering capabilities would enable them to compete more closely with larger rivals such as Symantec, McAfee, and Trend Micro. The acquisition also allowed Websense to gain a foothold in the emerging market for hosted security, or Software as a Service (SaaS).
—Websense’s acquisition of Defensio last month made the company’s shift into Web 2.0 and hosted security software more evident. In an announcement earlier this week, Websense unveiled its expanding capabilities in providing hosted e-mail security and hosted Web security. The approach enables Websense to identify and block spam or an e-mail containing malicious software or link to a malicious Web site before it reaches its destination.
Websense now says it provides protection for more than 42 million employees at more than 50,000 organizations worldwide, with software and hosted security applications that help customers block malicious code, prevent the loss of confidential information, and enforce Internet use and security policies.