RSA chief: Stand-alone security vendors nearing extinction
The value of such security vendors is 'over,' says Art Coviello
Computerworld - SAN FRANCISCO -- Stand-alone security vendors are going the way of dinosaurs.
That was the assessment offered today by Art Coviello, president of RSA Security Inc., at the company's annual security conference, which is being held here this week. RSA is EMC Corp.'s security division.
Delivering a keynote address this morning, Coviello said the trend by vendors such as Microsoft Corp., Oracle Corp., Cisco Systems Inc. and EMC to integrate security functions into their core technologies is diminishing the need for add-on products from pure-play security vendors. RSA itself was one such stand-alone vendor until it was acquired by EMC last year.
"Our industry is ripe for a transformation" Coveillo said. "The transformation I am talking about will bring an end to the stand-alone security industry within two to three years." With the exception of two or three vendors, the value of stand-alone security vendor is "over," he added.
Factors driving the trend include the continually changing nature of threats and regulations that require companies to demonstrate better controls and hold them accountable for data losses, he said. "The reality is that we have not implemented information security at all," Coviello said. "We focused on the perimeter around the information but rarely protected the information itself."
In the near future, companies will need to implement more "information-centric" security models focused on mitigating business risk and financial losses rather than on "perfect security," he said.
"The pursuit of 'perfect security' is a waste of time and resources," Coviello contended. "I am not advocating products with holes. What I am saying is that the digital world brings with it inherent risks. We need security that aligns with the value of the information we need to protect."
Such a transformation won't happen if we continue using security products that are bolted on top of the infrastructure, he said. Instead, "integrating security into products and making them more secure is becoming the norm for IT infrastructure vendors," Coviello said. "The pace is only going to accelerate" in the next few years.
Coviello's comments came even as the number of stand-alone security vendors exhibiting products at the RSA conference crossed the 300 mark this year -- 100 more than in 2006. A "vast majority" of the companies, however, are "information infrastructure companies" -- not pure play security vendors, Coviello said.
"You will see fewer and fewer stand-alone vendors," in the future, he said. "If I am proven wrong in the timing, I will not be proven wrong in the need for security to be woven into the fabric of the network," he said.
Scott Crawford, an analyst at Boulder, Colo.-based Enterprise Management Associates, said it remains to be seen how extensive any industry consolidation could be over the next few years. But it does seem unlikely that the security industry will see many large pure-play security vendors in the future.
Read more about Security in Computerworld's Security Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Infographic: Converged Infrastructure Benefits This Infographic quantifies the savings organizations are realizing from increased deployment speed, higher availability, and lower annual costs.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Endpoint Security White Papers | Webcasts