Report Card: 2006 "Predications"

One of the things I didn’t talk too much about throughout 2006 was my predictions, which I believed were things that would absolutely happen in 2006. Why? They sucked. Pure and simple, my predictions were terrible. If I was picking stocks, you should have shorted pretty much all of them. Maybe even bought put options and you would have cleaned up.

And anyone out there that thinks I was too easy in grading myself for the 2006 Incites (and I know you're out there) - fahgeddaboutit! There is no breathing my own exhaust here, as pleasant as that is.

So I’m getting out of the predictions game. It annoys the hell out of my wife, but I tend not to play games I don’t have a decent chance of winning. Yes, I hate losing that much. But I also don’t run away when I am wrong. I hope you enjoy it as I take my harsh medicine. Kind of tastes like hemlock. Yummy.

2006 Predictions

1. M&A continues, with small deals to acquire innovative technology being most prevalent. No blockbuster security deals (> $500 million) will happen in 2006.
   
   GRADE: F (maybe a triple F, if that’s possible)
   
   EMC/RSA - $2.1 BILLION. IBM/ISS - $1.4 BILLION. Need I say more?
   
   
2. Vendors relying on licensing OEM technology find a world of hurt, as important intellectual property is acquired and licensing terms become increasingly unattractive. The UTM blade architecture makes intellectual property valuable real estate and those with strong IP positions see higher value exits.
   
   GRADE: D
   
   Not too good on this one either. Seems that Crossbeam and IronPort did OK in 2006 and lots of service providers (especially in the anti-spam space) don’t seem to have problems relying on OEM technology. IronPort did roll out their own anti-spam technology, but they license lots of other stuff.
   
   
3. Microsoft has limited positive impact on security in 2006 (despite the introduction of OneCare), but the AV market is living on borrowed time. Integrated security and endpoint presence for enforcement provides a visible hook for MSFT to catch up to Google.
   
   GRADE: C
   
   Microsoft did bring OneCare to market and their rebranded Forefront offerings are in beta. Are Symantec and McAfee taking on water yet? Nope. But it’s clear that stand-alone AV is dead and all of these desktop offerings are evolving into more endpoint security oriented suites. In terms of the Google hook, what the hell was I thinking? Microsoft continues to chase Google, but security isn’t the way they plan to catch up.
   
   
4. Increasingly bigger VARs start flexing their muscles and make or break a number of vendors in 2006. Those “made” vendors get big M&A outcomes in 2006.
   
   GRADE: F
   
   There was a decent amount of consolidation in the VAR community (FishNet bought SiegeWorks and True North), but it would be a stretch to think that these folks had any influence on making or breaking vendors. Clearly many of the new security start-ups are going 100% channel by design as the introduce their first product, but it’s more to eliminate the pain of transitioning later rather than trying to get a big VAR to make their business.
   
   
5. Continued vulnerabilities in AV and spyware products attract the attention of tort lawyers who target AV companies after the resurgence of a well-known attack renders most SMBs defenseless. Larger enterprises with multiple layers of defense escape unharmed and point to the criticality of a layered defense strategy.
   
   GRADE: F
   
   This didn’t happen, though there were plenty of problems with AV software. I guess the tort lawyers were too busy suing high tech companies over stock option grants. That being said, this is still a big exposure and it’s just a matter of time before we see this actually happen.
   
   
6. Open source security stumbles in 2006, and the changing business models and decreasing effectiveness of Nessus, Snort, and MailAssassin are not well received. Service providers make significant investments to drive a future renaissance in open source UTM software, SIM, web filtering and encryption to dramatically reduce their cost to deliver MSS offerings.
   
   GRADE: D
   
   This one is tough because there are folks that are questioning the value of open source in security circles. But this happened more from the standpoint of open source applications (like PHP), which was plagued with vulnerabilities and no one to fix them. Nessus and Snort remain “good enough” for the technical users.
   
   Another thing we didn’t see much of was the service providers doing much of anything relative to security, except maybe buy something. Again, I do think this is something that will happen – but it’s a fools errand to try to pinpoint when.

So there you have it. I guess I'm much better at picking apart other folks predictions than doing my own. But we'll see if I fare better with my 2007 Incite (appearing January 10).