WASHINGTON, D.C. -- It’s time organizations consider switching from best of breed to “best of need” products when it comes
to security, as vendors realize their offerings are becoming commoditized and start pricing them accordingly.
Such was the assessment of Neil MacDonald, vice president and distinguished analyst with Gartner, who spoke at the opening
panel of the Gartner’s IT Security Summit here Monday. The summit, which is becoming known as a platform for Gartner analysts
to make bold proclamations about the security industry, attracted 2,000 IT professionals and over 100 exhibiting vendors.
“It’s time the security industry grew up and acted like the rest of the information technology industry,” MacDonald told the
audience. For example, if he buys a laptop for $1,500 this year and does the same next year, he expects to get more for the
same amount of money, thanks to Moore’s Law that says computing power doubles every 18 months even as costs decline. However,
an antivirus vendor will sell the same product year over year, but expect customers to pay more. “The security industry shouldn’t
be immune from Moore’s Law,” MacDonald says.
Often an emerging security threat, phishing for example, will grab headlines and create some panic, resulting in a new breed
of offerings to protect companies. But that won’t necessarily be the case going forward, as vendors realize they can leverage
much of their existing threat-protection technology to ward off new concerns. By 2010, Gartner predicts that only 10 % of
emerging security threats will require deployment of tactical, best of breed offerings, down drastically from the 80% of threats
that required such products in 2005, MacDonald says.
