What Romeo and Juliet Can Teach Us About Security Market Confusion

Recently, I was reminded of the well-known quote from William Shakespeare’s play “Romeo and Juliet”: "A rose by any other name would smell as sweet".  What exactly was I doing that reminded me of this quote?  I was reviewing the different markets in the security space. How exactly does this bring this famous quote from “Romeo and Juliet” to mind?  Allow me to elaborate.

After reviewing the different security markets, there were four main observations that I made:

Number of Markets:  I knew there were a lot of markets.  But I didn’t understand the magnitude of the chaos until I took the time to comb through it all in detail.  Independent of the various different players, just the sheer number of security markets alone is staggering.

Overlap and Redundancy: You can’t really appreciate how much confusion and overlap there is between security markets until you take the time to review them thoroughly.  In many instances, the line between two or more markets is blurring, or even disappearing entirely.  Additionally, the number of products that claim to play in three, four, or even more markets is eye-opening.

Name Game: In some instances, products are simply named after the market they most closely align with at the moment they are released.  That is all well and good, but as markets merge, blend, or otherwise move around, this just adds to the confusion.  Additionally, in some markets, there may be 10 or more vendors with the exact same product name.

Copy Room: Nearly every vendor uses just about the same marketing and messaging, right down to the buzzwords.  On the vendor side, it has become nearly impossible to differentiate and stand out from the crowd.  On the customer side, it has become nearly impossible to understand which solution or solutions may be the best fit for the organization and its specific needs.

The above observations certainly complicate the vendor-customer relationship enough.  But there is another acute issue that I have observed repeatedly. Vendors and customers are increasingly speaking different languages, and the level of comprehension and understanding between the two sides has been falling for years.  This results in increasing frustration and distrust felt by both sides, but it also winds up leaving many problems unsolved.

The language of customers speaks of problems, challenges, and issues.  It focuses on strategic, operational, and tactical goals.  It identifies gaps and sets priorities to fill those gaps.  It orients itself towards obtaining results and measuring success around improving the organization’s security posture.

The language of vendors speaks of products and technology.  It focuses on capabilities and features.  It identifies shortcomings and focuses on beating the competition.  It orients itself towards results and measuring success around revenue and market share.

Of course, each of these languages has its purpose, but there is a disconnect between the two sides that I’ve seen manifest itself over and over again.  There are people who understand how to bridge the disconnect, but they are, unfortunately, relatively few and far between.

To help illustrate this point, allow me to share from some of my experiences.  Over the last few years, I’ve had the opportunity to speak with many different vendors.  I also spent many years on the customer side, which allows me to understand both perspectives.

After I give vendors a few minutes to present themselves and pitch their idea, I typically ask a very simple question: What problem do you solve?  Despite the fact that I am asking a fairly logical question, sometimes I get stunned silence as a response.  Other times, I get a long-winded response rattling off buzzwords, markets, technologies, and features, with no mention of which customer problem is solved and how.  Almost never do I get an answer in the customer’s language.  Often, I find myself quite confused after the initial discussion.  And I’m sure I’m not the only one.

And thus we come back to the famous Shakespeare quote: "A rose by any other name would smell as sweet".  To understand why this quote is so particularly poignant, let’s take a look at things from both the vendor and the customer perspective.

On the vendor side, each vendor certainly knows where they are stronger and weaker, as well as how they stack up against their competition.  Every vendor spends time creating materials to help its sales and marketing teams differentiate themselves.  What they may not realize, however, is that how they differentiate themselves from the competition is most likely oriented entirely around technology, features, performance, user interface, etc.  Those are all very important things of course, but they don’t help customers understand how a vendor will solve the particular problems they are looking to solve.  In other words, customers ask questions in one language and in response, receive a stream of data in a language they aren’t fluent in.

On the customer side, “a rose by any other name would smell as sweet”.  In other words, for a given problem I am looking to solve, there may be 10, 20, 30, or even 40 vendors that claim to be able to play in that space.  And guess what?  They all use the same buzzwords, push the same marketing materials, and make the same claims.  So at some point, all vendors begin to look like a “Romeo”, whether from the family “Montague” or elsewhere.  The mapping between the customer’s operational needs and the vendor’s solution is essentially non-existent.

So if you were to ask me what excites me now, I would tell you that bridging this language barrier between customers and vendors is a big part of it.  I want to work the problem from both sides.  On one side, helping customers understand where they have gaps and how they can address their challenges.  And on the other side, helping vendors better understand which customer problems they are the best fit for solving.  Thus begins a long journey.

Joshua Goldfarb (Twitter: @ananalytical) is an experienced information security leader with broad experience building and running Security Operations Centers (SOCs). Josh is currently Co-Founder and Chief Product Officer at IDRRA. Prior to joining IDRRA, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.