The group, which started off with a crowd of mainly British security types pondering the future of information security, has managed to grow into an influential body with lots of international members and a good chance of carrying some clout with the vendors.
As the group prepares to open its doors to vendors – having confined membership until now to user organisations – it has established a position of strength that will enable it to steer the development of new products to its wishes.
Underlying the Jericho project is the idea of 'de-perimeterisation' – the idea that security has to be applied differently in a connected world. It is a concept that has taken some time to find acceptance, especially from some vendors who felt threatened by it.
De-perimeterisation was probably a misnomer, in the short term at least, because no-one seriously advocates the immediate dismantlement of the outside perimeter. It is more a question of building more layers of security – which is all good news for vendors.
The price they will have to pay for the extra business, however, is the adoption of open standards that will allow purchasers to mix and match system components.
And with a good scattering of members in the US and elsewhere in the world, the group seems to have grabbed the attention of big suppliers. It should make good sense for everyone. The purchasers explain what they need, the suppliers supply, and the purchasers buy. QED.
My reference to the flag stems from relief rather than jingoism. I've seen so many well-meaning but quixotic British groups of IT boffins come up with clever ideas over the years that I hardly dared believe Jericho stood a chance. It is probably still too early to cry victory, but the Jericho founders have succeeded so far because they grasped the need to get the message out, in the US especially, and to win American friends to the cause early on.
If they can pull it off, it will build on some other good work that started off the UK, such as the BS7799 security standard, which appears finally to winning friends and influencing people on the international stage under the guise of ISO17799.
One other innovation is worthy of mention – the still embryonic Institute for Information Security Professionals. This also springs from a group of committed UK security practitioners, and is chaired by Professor Fred Piper, who pioneered information security teaching at Royal Holloway College. It aims to put information security on a par with established professions such as the law and medicine. Let's hope they follow Jericho's lead and take an international view.
Ron Condon is editor-in-chief of SC Magazine