Connect with us

Hi, what are you looking for?


Management & Strategy

What Romeo and Juliet Can Teach Us About Security Market Confusion

Recently, I was reminded of the well known quote from William Shakespeare’s play “Romeo and Juliet”: “A rose by any other name would smell as sweet”.  What exactly was I doing that reminded me of this quote?  I was reviewing the different markets in the security space. How exactly does this bring this famous quote from “Romeo and Juliet” to mind?  Allow me to elaborate.

Recently, I was reminded of the well known quote from William Shakespeare’s play “Romeo and Juliet”: “A rose by any other name would smell as sweet”.  What exactly was I doing that reminded me of this quote?  I was reviewing the different markets in the security space. How exactly does this bring this famous quote from “Romeo and Juliet” to mind?  Allow me to elaborate.

After reviewing the different security markets, there were four main observations that I made:

Number of Markets:  I knew there were a lot of markets.  But I didn’t understand the magnitude of the chaos until I took the time to comb through it all in detail.  Independent of the various different players, just the sheer number of security markets alone is staggering.

Overlap and Redundancy: You can’t really appreciate how much confusion and overlap there is between security markets until you take the time to review them thoroughly.  In many instances, the line between two or more markets is blurring, or even disappearing entirely.  Additionally, the number of products that claim to play in three, four, or even more markets is eye opening.

Name Game: In some instances, products are simply named after the market they most closely align with at the moment they are released..  That is all well and good, but as markets merge, blend, or otherwise move around, this just adds to the confusion.  Additionally, in some markets, there may be 10 or more vendors with the exact same product name.

Copy Room: Nearly every vendor uses just about the same marketing and messaging, right down to the buzz words.  On the vendor side, it has become nearly impossible to differentiate and stand out from the crowd.  On the customer side, it has become nearly impossible to understand which solution or solutions may be the best fit for the organization and its specific needs.

The above observations certainly complicate the vendor-customer relationship enough.  But there is another acute issue that I have observed repeatedly. Vendors and customers are increasingly speaking different languages, and the level of comprehension and understanding between the two sides has been falling for years.  This results in increasing frustration and distrust felt by both sides, but it also winds up leaving many problems unsolved.

Advertisement. Scroll to continue reading.

The language of customers speaks of problems, challenges, and issues.  It focuses on strategic, operational, and tactical goals.  It identifies gaps and sets priorities to fill those gaps.  It orients itself towards obtaining results and measuring success around improving the organization’s security posture.

The language of vendors speaks of products and technology.  It focuses on capabilities and features.  It identifies shortcomings and focuses on beating the competition.  It orients itself towards results and measuring success around revenue and market share.

Of course, each of these languages has its purpose, but there is a disconnect between the two sides that I’ve seen manifest itself over and over again.  There are people who understand how to bridge the disconnect, but they are, unfortunately, relatively few and far between.

To help illustrate this point, allow me to share from some of my experiences.  Over the last few years, I’ve had the opportunity to speak with many different vendors.  I also spent many years on the customer side, which allows me to understand both perspectives.

After I give vendors a few minutes to present themselves and pitch their idea, I typically ask a very simple question: What problem do you solve?  Despite the fact that I am asking a fairly logical question, sometimes I get stunned silence as a response.  Other times, I get a long-winded response rattling off buzzwords, markets, technologies, and features, with no mention of which customer problem is solved and how.  Almost never do I get an answer in the customer’s language.  Often, I find myself quite confused after the initial discussion.  And I’m sure I’m not the only one.

And thus we come back to the famous Shakespeare quote: “A rose by any other name would smell as sweet”.  To understand why this quote is so particularly poignant, let’s take a look at things from both the vendor and the customer perspective.

On the vendor side, each vendor certainly knows where they are stronger and weaker, as well as how they stack up against their competition.  Every vendor spends time creating materials to help its sales and marketing teams differentiate themselves.  What they may not realize, however, is that how they differentiate themselves from the competition is most likely oriented entirely around technology, features, performance, user interface, etc.  Those are all very important things of course, but they don’t help customers understand how a vendor will solve the particular problems they are looking to solve.  In other words, customers ask questions in one language and in response, receive a stream of data in a language they aren’t fluent in.

On the customer side, “a rose by any other name would smell as sweet”.  In other words, for a given problem I am looking to solve, there may be 10, 20, 30, or even 40 vendors that claim to be able to play in that space.  And guess what?  They all use the same buzzwords, push the same marketing materials, and make the same claims.  So at some point, all vendors begin to look like a “Romeo”, whether from the family “Montague” or elsewhere.  The mapping between the customer’s operational needs and the vendor’s solution is essentially non-existent.

So if you were to ask me what excites me now, I would tell you that bridging this language barrier between customers and vendors is a big part of it.  I want to work the problem from both sides.  On one side, helping customers understand where they have gaps and how they can address their challenges.  And on the other side, helping vendors better understand which customer problems they are the best fit for solving.  Thus begins a long journey.

Written By

Joshua Goldfarb (Twitter: @ananalytical) is currently a Fraud Solutions Architect - EMEA and APCJ at F5. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.