We can’t have enough security products
In recent years I’ve taken the opposite view from the analysts and vendors who have been continually predicting the death of standalone security products. I believe the future will be even more security solutions. And that’s a good thing. We should encourage more innovation, variety and competition.



From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
I can understand why big vendors prefer to imagine a future free from single point solutions. But I find it sad and strange to hear customers complain about the number of security products available for them to buy. Bruce Schneier drew attention to that in his report of this year’s RSA Conference. His observations were correct, though I disagree with his forecast of the death of end user attendance at large exhibitions. In my view these events will go from strength to strength, as products proliferate and security becomes even more fashionable. 12,500 visitors are reported to have attended Infosecurity Europe. Next year’s event will be even bigger.
There are several reasons for the frustration of users. The market is immature and inefficient. Products are improving but marketing is still weak. I know that because I advise many start-up companies and venture capitalists. But inefficient markets present business opportunities. And networks are a powerful tool for improving searches and communications. That will all get fixed over time.
It’s also becoming much easier for customers to deploy new products when offered as Software as a Service. That at least overcomes the complaints of operations staff about the number of different boxes they have to install in their equipment racks.
I’ve pointed out before that acquisition of smaller products by bigger vendors will not reduce the number of standalone security products. The problem space is huge and growing. The solution space is tiny by comparison. What we’re really lacking is imagination. There is plenty of existing academic research to underpin dozens of new security product concepts that would deliver value to customers. I can think of several that are easy to build and that customers would buy. But we keep seeing variations of the same solution. A lack of creative product development is the real Achilles’ heel of the security market.
Join the conversation
4 comments