IMG_0816Last week, ACG members were fortunate enough to host FireEye’s Chief Technology Officer, David Merkel, as the featured speaker of the October monthly meeting. David is an expert in the Cybersecurity field with years of experience and insight to tap into.

David took the time to give members some additional background on FireEye and its acquisition of Mandiant, and more importantly, why it made sense.

Mandiant was founded by Kevin Mandia in 2004. The company was focused around Cybersecurity services, “which seems to be more common on the East Coast.”

“Kevin called me in 2005 with an interesting proposition. Mandiant was mostly focused on digital forensics and incident response – the kind of stuff you do when everything goes wrong. In the process of doing that, Kevin thought of some great products he could potentially develop.”

David started the product business in 2006, “in the basement of a townhouse in Old Town Alexandria, and I was employee number 11.”

According to David, the process of trying to build a product company on the East Coast has a unique set of challenges. “Talent exists, but it’s perhaps not as readily available as it is on the West Coast. Flow of talent is a little different here. In California, you don’t have to deal with things like non-competes or things of that nature. On the East Coast, you do, so that’s a bit challenging.”

Although it can be “a lot easier to find more experienced software engineers with some background in building solutions,” a lot of times they’re entrenched, meaning they have jobs that they’re currently happy with, “so the flow of talent isn’t always there; you have to look and pick them off the tree.”

Mandiant was acquired by FireEye in December of 2013 for just north of one billion dollars. FireEye was founded in 2004 by Ashar Aziz. It was a traditional product company that was growing and scaling faster than Mandiant.

David explained that, in order to grow to the next level and really expand sales, FireEye needed “a more complete portfolio.” The company started with small acquisitions, and they “finally put the big bet down in December of 2013 when they acquired Mandiant.”

But why did this acquisition make sense?

“Both Mandiant and FireEye are trying to solve different ends of the same problem. There’s a spectrum of activity between detection and response from once the attack starts until the time you know you have a problem, and you’re trying to drive down the time that the attacker is in your environment to days, hours, minutes, or preferably, seconds.” By combining resources, both Mandiant and FireEye are in a better position to succeed.

Also, acquiring Mandiant means that FireEye can stay close to the breach once it happens, close to whatever’s happening next in the attacker space. FireEye didn’t have a services capability outside of product services, so “we avoided any overlap.”

Finally, Mandiant’s intelligence played a big factor in making it a sensible acquisition. While most of FireEye’s intelligence focused on detection, Mandiant offered more strategic intel, with more insight into who the attackers are and their motives.

While David and other Mandiant folks have had to make some adjustments following the acquisition, there’s certainly excitement for the future: “As Mandiant people, we’ve had to scale our thinking and understanding of what the real market opportunity is, and to train ourselves to get in the mindset of, yeah, we can take on some of the titans of our industry.”

For a full list of upcoming ACG National Capital events, and to register online, click HERE