Deducing Poe's RSA MysteryBy Lawrence Walsh | Posted 2009-04-20 Email Print
Edgar Allen Poe was a master of deception and deduction, and provides the perfect parable for this year's RSA security conference. Solution providers should embrace the mystery and solve Poe's RSA puzzle.
Edgar Allen Poe, the first American master of the macabre, provides the theme of this year’s RSA Conference—the largest gathering of security vendors, resellers and professionals—which opens today in San Francisco.
What does a writer who plied stories about ghouls and madness have to do with security? His classic poem "The Raven" is hardly a parable for computer threats or network security (although you could make the case that it may reflect the madness and futility often felt by security professionals).
Poe is the perfect icon for information security, since he had a gift for obscurity and an uncanny ability to perfectly piece together tiles to a puzzle long before Sir Arthur Conan Doyle conjured Sherlock Holmes. Simply put, he was a master of both deception and deduction.
While my personal Poe favorite is "The Cast of the Amontillado," his "The Purloined Letter" is a more apt story for the RSA Conference. Not to ruin the story, "The Purloined Letter" has a wonderful subtext about not looking too closely for clues for fear of missing the big picture. I say this is a more apt reflection of security because the RSA Conference is replete with vendors hocking wares that are often smaller details in the fabric of security.
At last year’s RSA Conference, people wandering in and around the Moscone Center asked what I thought was hot and what the buzz was. There was a painfully obvious attempt to generate buzz around data loss prevention and the then-contrived term "governance and regulatory compliance," or GRC. As I walked the cavernous exhibit floor, I was struck by the number of companies that had singular purposes, the number of small vendors that I had seen at my first RSA Conference in 2001, and the number of companies that had features but no real product.
From a financial analyst and venture capitalist perspective, the RSA Conference was dominated by small companies that seemed desperate for an acquisition parent. From an end-user—particularly enterprise—perspective, the exhibit floor was full of vendors that had some interesting capabilities but represented risk, high integration costs and low long-term ROI.
But from a solution provider perspective, the RSA Conference is "The Purloined Letter." I suspect that this year’s conference will be no different from last year’s, and there will be numerous vendors that have offerings that are more like features than products. That’s not good news for enterprise customers, but it’s wonderful news for security integrators and solution providers. By piecing together these disparate pieces of technology and features, solution providers can leverage the best of small vendors’ innovation to create holistic solutions that provide real value to end users.
Solution providers should take a hard look at the technologies being showcased at RSA this year. While there’s always talk about consolidation in the security industry and melding of security technologies, that process often takes years to accomplish and then years more to see a meaningful product emerge. Solution providers should look for innovative, standards-based technologies to use as building blocks to unique, custom and holistic products under their brand.
Of course, dealing with smaller security vendors comes at a risk. The RSA Conference is a feeding pool for large vendors looking to expand their portfolios. Solution providers may prefer working with a smaller vendor to avoid over-distribution of product or swimming in an overcrowded channel. However, if the vendor’s technology is really good, they may eagerly sell to a large vendor and defeat the utility of their product as a building block.
If you take a step back and look at the RSA Conference much the way the detective in "The Purloined Letter" looked at the puzzle before him, you’ll see that wondrous breadth of technologies and innovations in the security industry. The RSA Conference is a chance to create and solve a puzzle that resolves to a picture of value. That’s the opportunity for solution providers.
Lawrence M. Walsh is vice president and group publisher of Channel Insider.