Menu
INSIGHT: RSA 2015… Rise of Chaos

INSIGHT: RSA 2015… Rise of Chaos

Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course.

MUSINGS ON FUZZY PRODUCT CATEGORIES

In the past at RSA, you easily noticed that there were “SIEM vendors”, “DLP vendors”, “TI providers”, “anti-virus vendors”, etc. There were also larger vendors that sold product of several categories.

But at least there WERE categories. My experience at RSA 2015 show floor really ruined this world view!

First I thought that it was about marketing (like a booth that says “security intelligence” really just sells SIEM or a booth that says “breach prevention” and really just sells …eh… eh… dumb marketing?), but deeper conversations with many vendors – big and small – lead me to believe that the product category walls in security are becoming very fuzzy indeed.

“DLP that may also catch malware”, “an agent that can stop risky user action, and also collect forensics data”, “a network forensics tool that also does some malware analysis”, “a SIEM that collects packets and TI”, “an analytic tool that detects lateral movements and excessive account privileges”, etc, etc.

So, what is going on here? Presumably the markets should settle to more firm product category boundaries … but maybe changes in threat landscape prevent that? Is security truly as unique as some say – a set of markets that will never mature? (in another space, it would be considered market devolution, not maturation).

Thus, will we eternally live in The Long Tail World, where the choices are plentiful and rapidly changing – but few people use each choice? How do you do security architecture in such a world?

After all, “place a firewall here, a NIDS over there” 1990s thinking likely won’t work when there is a dozen types of network threat detection products, with a lot of overlap in features and unknown (sometimes unknowable!) effectiveness in their detection approaches.

Why is this happening? One explanation is that vendors “go broad” and try to take over some adjacent niches – sometimes at the cost of losing their excellence in the core market. So, is this innovation or confusion?

Or, maybe vendors decided that sporks and foons sell better than spoons and forks? But while sporks may solve a real problem (less weight to carry on a hike? less utensil types to stock?), most people use spoons and forks on a daily basis (spork is a mediocre spoon and a worse fork, IMHO).

Another reason maybe that there is a lot of VC money in infosec / cyber today and any type of a hybrid product have a right – and money!- to exist, however narrow its niche?

Or maybe vendor flee what some see as discredited categories, like SIEM and DLP, and make up funky new ones to appear new and innovative?

Thus, if I am even close to being correct in this assessment, we will live in a very, very different world of “cyber.” A fun world – but a risky one, with A LOT more uncertainty! So, go ahead, let’s discuss!

P.S. Does it make you want to be an analyst?

By Anton Chuvakin - Research Analyst, Gartner


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Gartnermalwarersa

Featured

Slideshows

Reseller News Platinum Club celebrates leading partners in 2019

Reseller News Platinum Club celebrates leading partners in 2019

The leading players of the New Zealand channel came together to celebrate a year of achievement at the annual Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months.

Reseller News Platinum Club celebrates leading partners in 2019
Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosted its second annual alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers. Photos by Gino Demeer.

Reseller News hosts alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Show Comments