Is security vendor lock-in harming the industry?

Powered by SC Magazine
 

Schneier: Vendors in a race to the bottom.

The information security industry is losing out from a war between vendors, according to Bruce Schneier.

BT’s chief security officer, also a renowned cryptographer and security commentator, said expensive and well-designed security products were being killed off by dud “lemon” copycat technologies.

Others had revenue sapped by “parasites” that produce initially inferior but much cheaper products.

In this war of vendors, customers were being forced into lock-in environments in which the cost of switching to a competitor was designed to be exorbitant.

“If you drink a Coke today, you can drink a Pepsi tomorrow - the cost [of switching] is zero,” Schneier said, adding that by comparison swapping security solutions can be expensive.

Citing a US economist, he said the “net present value of an IT company equals its switching costs”.

He added that the “higher your switching cost is, the less you need to care about customers”.

Tenable Security chief security officer Marcus Ranum said he would love to get rid of his Windows machines but can’t justify replacing about $3000 worth of kit invested in the platform, including 8TB of photos stored on a Windows formatted drive.

He said switching costs will become onerous in cloud computing if customers need to buy additional services and later choose to move to another provider.

“Organisations are doing incredibly dumb things – they are moving all of their stuff out to Amazon and then firing the guy in house who manages the RAID array.”

Meanwhile US Government agencies had lost their most “technically savvy staff” to lucrative contract work.

“The people left in the US Government just know how to run PowerPoint and write proposals for contractors,” Ranum said. “How do you come back from that?”

Ranum takes an all-in approach to cloud computing: Organisations willing to commit can make savings and gain leverage if they outsource sales, human resources and the IT shop.

But those that “think they will continue business using cloud computing as they do it now will find they still have the burden of an IT department – but one that will suck”, he told SC.

Copyright © SC Magazine, Australia


Is security vendor lock-in harming the industry?
Flickr
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 333

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 138

Vote