Thursday, July 20, 2006

On Security Industry Evolution

Here is an unusually good piece from an "SC Magazine" (I guess they fired some of the assclowns they used to have) Some insightful quotes of note follow!

This one is a response to the whiners who say that in a few years security will get absorbed in the infrastructure:

"'In the real world, information security is there to make up for shortfalls and mistakes made by the infrastructure side,' says John Pescatore, a Gartner analyst. 'If everybody configured their servers correctly, you wouldn't need security [companies]. However, we know people make mistakes. Things get misconfigured. If the only security we have is built into the infrastructure, we're dead.'"

A fun VC quote:

"Security is like any other space people are investing in," he says. "There are some bad ideas out there being funded, there are some nice-to-have ideas being funded, and then there are a handful of game-changing ideas beings funded."

A dumb quote from a vendor who is desperate to be bought:

"I think innovation has crossed over to the point where the small company is no longer the organization the customer looks to to provide a product..."

And a final conclusion from this Cybertrust guy:

"I personally believe IT security will not disappear," Becker of Cybertrust says. "I think it's distinct enough from the routine stuff. I believe it will remain a standalone industry."

It feels good to know that what we do is "distinct enough from the routine stuff"!

Dr Anton Chuvakin