The End Of The Security Industry Not So Unrealistic
from the gone-tomorrow dept
Last week, security expert Bruce Schneier caused a bit of a stir when he said that there shouldn’t be a security industry. While his comment engendered a lot of debate, it really wasn’t a particularly radical statement. As he’s made clear in his latest Wired column, all he meant was that IT vendors should be building security directly into their products, rather than requiring customers to purchase security products and services separately. However, even this isn’t a particularly strong stance, because it reflects what is already happening in the industry. Microsoft has received a lot of attention for its aggressive security push, while companies like Cisco, IBM and EMC have made a number of security-related purchases. Few expect this trend to abate, as many see a dour future for standalone security firms. Still, there will always be a need for specialized work in areas like malware and intrusion detection, so it’s not clear that the tangible effects of this shift will be that significant.