Monday, 23 April 2007

The 4-year Itch

InfoSec tomorrow, and I have to admit to a slight feeling of excitement. Maybe it's because I haven't been to one for a couple of years, maybe it's because I'm on one of the bigger stands this year, or maybe it's because I've got a lot of talking to do.

I'm fascinated to hear what all the buzz will be about this year, because as far as I'm concerned, the security industry in the UK has got a bit lost recently. When I was in distribution there was little interest in any of the really important security breakthroughs, but the load balancers and SEM/SIEMs were flying off the shelves. NAC was also just getting popular. Anyone in the US reading this will be scratching their heads now - I will repeat one of my many moans here - the UK is consistently around 4 years behind the US in terms of security, more in some areas.

I worked in encryption, with Ingrian for a few years, and for Vormetric for a year in the UK. There was a limited market for it, hence my move to distribution. There I again worked with Ingrian, and am delighted to report some uptake at last, but not without work. In the US, both of these companies are doing great things, and deservedly so. Vormetric in particular is an astoundingly good piece of technology which deserves to be much more widely used than it is. Maybe in 4 years time we will see a large take up in the UK?

Curiously enough some things seem to be working in parallel. There is a big buzz around UTM, but I don't think anyone really understands it, they just see it as a way to cut costs. And there's the rub. The difference in the 2 markets is that in the US they will install "belt and braces" security before the horse bolts bceause they will get sued if they don't and because they can. In the UK, we wait until it's well and truly broken, if we can't fix it for free, we try to do it on the cheap. And what's the average lifecycle of a piece of technology before it is superceded or needs a complete upgrade...? Around 4 years.

No comments: