What Mandiant-FireEye merger means for the federal market

FireEye could look to capitalize on Mandiant’s existing relationships with federal agencies and integrators.

When network security company FireEye announced Jan. 2 that it acquired cybersecurity firm Mandiant, it signaled a union of two of the biggest names in next-generation IT and network security. But it also raised a lot of questions about what the merger means for the broader cybersecurity market and for the federal government, which routinely contracts both companies to protect and respond to threats on U.S. networks.

Less than a week after the announcement, it's not entirely clear what will happen in the rapidly growing cybersecurity market, but it is a safe bet that competitors will be watching closely and customers – including executives in both the public and private sectors – will be assessing how to move forward with their own security measures.

"In Mandiant's case, there is some risk in moving away from the investigative post-breach response services they're known for. Those services are still needed at government agencies; so the message will be less clear on who you call when you have a breach. For a number of years Mandiant has been at the top of the list," said cybersecurity expert Richard Stiennon, chief research analyst at IT-Harvest.

While Mandiant is not likely to completely leave its incident-response services behind, it does open the market to other companies to step in, insiders said, particularly as FireEye looks to take the business more global.

"FireEye is also betting that it can capitalize on Mandiant's relationships with government agencies and federal integrators to grab its share of future cybersecurity spending inside the Beltway," tech blogger Jon Oltsik noted in a Jan. 3 post. "On the flip side, FireEye hopes to give Mandiant something it never had – an enterprise-savvy sales and marketing team who can translate Mandiant federal security geek-speak into CISO value."

Currently, Mandiant's customer base is largely composed of U.S. companies. But that's likely to change, despite growing suspicions in the wake of leaks revealing that many major American tech firms complied with National Security Agency surveillance activities.

"The conversation around Microsoft and the NSA, or others who had relationships with them, is only creating more opportunities for companies like us," said David DeWalt, FireEye chairman and CEO, according to the Washington Post.

The NSA scandal also is creating opportunities for network security firms focused on what Stiennon said is currently the biggest driver in the market, and not something typically handled by Mandiant or FireEye: network counter-surveillance.

"Mandiant has never released anything indicating that they know anything about the NSA, and I think that role will fall to the next Mandiant and next FireEye; we'll start seeing influential reports coming from the Kasperskys of the world," Stiennon said. "And U.S. tech companies are going to fall behind the curve unless they start moving today. A lot of vendors have been implicated as having vulnerabilities . . . and all of those vendors have to respond in a positive, strong way. Not with a press release or a statement, but by helping customers determine if they've been breached, which in this case is by the federal government."