HP is buying cloud encryption specialist Voltage Security, and plans to merge the Voltage products into its Atalla security range.

The two companies announced the agreement this week, but gave no details of the price; they expect the deal to close in the first half of fiscal year 2015.

Cupertino, Calif.-based Voltage provides encryption and tokenization software to protect data stored in the cloud, in data centers, and on mobile devices.

Voltage surge?

“With Voltage, HP plans to offer customers unparalleled data protection capabilities built to close the gaps that exist in traditional encryption and tokenization approaches. This is particularly important for enterprises that interact with financial payments systems, manage workloads in the cloud, or whose sensitive data flows into Hadoop for analytics – making them attractive targets for cyber-attackers”, according to a blog post by Art Gilliland, HP’s senior VP and GM of enterprise security products.

In addition to highlighting Voltage’s value to Atalla’s card payment security business, the HP executive said the purchase will bring his company solutions that “allow enterprises to use protected data in applications without having to re-architect their applications or adopt fragmented frameworks. This capability extends from the data center to cloud and Hadoop environments, all under a single framework.”

HP has an acquisition track record that mirrors other hardware goliaths. Back in 2010 the firm purchased application security specialist Fortify, along with Stratavia and 3Par. In that same year, HP spent $1.5bn on SIEM (security information and event management) specialist ArcSight, which was also courted by Dell during a bidding war.

Another One Bites the Dust

HP’s planned purchase of Voltage Security is just another in a long line of acquisitions within the information security sector. In August 2010, chip maker Intel purchased McAfee in a $7.68bn deal that left Symantec as the only mega player among dedicated information security companies. Intel followed that up with the purchase of database security firm Sentrigo (2012) and firewall specialist Stonesoft (2013). By 2014, Intel announced it would shed the McAfee name altogether, perhaps more in effort to distance itself from the company’s eccentric founder, John McAfee.

Since 2010, Dell has snapped up several security startups, including SecureWorks, (network and managed security services), AppAssure, SonicWall (network and data security), and Credant Technologies (endpoint security, encryption). 

Cisco has been active in the market as well, buying virtualization security specialist Virtuata in 2012. It followed this up with a $2.7bn purchase of Sourcefire in 2013, a security firm that began as an intrusion detection/prevention specialist but quickly branched out to next-gen firewalls, advanced malware protection, cloud security, and mobile security.

Perhaps no company has been more active in security acquisitions than IBM. Big Blue started its buying binge in 2006, and by the time it bought patch management provider BigFix in 2010, the company had added the technology from 11 security firms to its software portfolio. The trend continued with the purchases of Q1 Labs (SIEM), Trusteer (malware, anti-fraud), and GreenHat (cloud testing). Add this to the 2013 purchase of cloud-based hosting service SoftLayer for $2bn, and companies like IBM are looking to integrate the security offerings of innovative start-ups and niche providers into the hardware and infrastructure level.

Industry analysts disagree on whether M&A activity in the security market benefits customers or shareholders. On the one hand you have the incorporation of innovative technologies, provided in a more economical package as the part of security suites known as unified threat management (UTM) platforms; or embedded into the hardware or infrastructure services sold by some of these tech industry giants. On the other hand, the purchase of these start-ups and specialist providers can be a death knell for the innovative research and development that made them such an attractive acquisition target in the first place.