|
Marcus Ranum
Point
You did your research and comparisons, and convinced your boss you'd found the right product to suit your company's needs. You invested hours in evaluation and testing before making the purchase, not to mention the days spent fielding it, learning its intricacies, and configuring and tuning it. Then comes the email informing you of an announcement that your chosen product/vendor had just been acquired by an industry giant and the product was going to be offered bundled with the giant's "complete, enterprise solution." You'd be happy except for the fact that most of the other products in the bundle are lousy, and the industry giant has had a history of discontinuing good products, apparently at random, or putting them in maintenance-only mode so they quickly become obsolete also-rans.
Sound familiar? Welcome to the downside of consolidation! It's living proof that bigger is not always better and that capitalism exist...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
s to serve businesses' profit margins, not the customer. Practically every one of us who works in the security industry has had this experience--for the simple reason that only about 25 percent of security products last longer than five or six years without some major life-threatening event. Most of us have had a product suddenly go extinct--to be followed shortly by a sales call from the vendor that fired the fatal shot--in spite of the fact that we depended on it and paid 20 percent annual maintenance.
I'm not saying consolidation is always bad; sometimes you'll see a good match between a standalone technology and a large vendor that can sell, support and maintain it better. But the sad truth about our industry is that there are too many products vying for the available niches. Each time some new technology becomes the hot topic, there's a brief flurry of Darwinian activity, one or two really good products rise to the top, and then the scavengers move in to gobble up the weak and stupid. Here's the problem--there's just no room in any given security product niche for 10 venture-backed startups chasing the same group of customers. Now that venture capitalists are less interested in security (we're back to being a backwater!), the number and size of new niches is shrinking.
The reality is that the IT security industry exists to serve itself--not the customer. Whenever we forget that, we're bound to be frustrated by our experience. Consolidation is an inevitable result of what happens when you have big players that cannot innovate, and too many startups innovating on a tight venture-fueled schedule. If you look at it from the industry perspective (or the venture capitalist's), it makes perfect sense that the industry will go through this boom-and-bust cycle.
What does it mean for customers? To me, it's the best argument for do-it-yourself or integrating open source technologies into your product choices. Remember: the big argument that's levied against open source is "Who is going to maintain it?" That argument stacks up pretty neatly against, "Is this product going to exist tomorrow?"
|
 |
|
