Home > Jackassery > Say It Ain’t So, Mama! Economic Uncertainty May Lead To Reduced Security Budgets!?

Say It Ain’t So, Mama! Economic Uncertainty May Lead To Reduced Security Budgets!?

In the immortal words of David Byrne:

"Same as it ever was. Same as it ever was."

Look, I love my brother from a different mother, and as entertaining as I find Amrit's latest blog on the end of the world due to the world economic malaise, I can't help but remember the last time this happened at the end of the dot-com bubble. 

You might say that it's never been this bad.  You might be right.  However, we've all weathered storms before and while things certainly change — and not always for the best — security will survive.  It may look a little different, however.  Meh.

As I have both said and experienced previously, situations such as this will deliver new regulations and oversight, more compliance requirements, stretched/reduced budgets and a streamlining in role, process, function and technology.  It's the flatlining function in the pulse before the CPR kicks in.

Amrit's predictions are interesting, but all of these things were happening well BEFORE the financial crisis hit as part of the normal cycle of punctuated equilibrium.  Seriously, we've seen this behavior for the last four years already.*  To paraphrase Amrit's "predictions:"

  • Innovation will come to a grinding halt
  • Coming regulations will add to compliance madness
  • Enterprises will instantiate process/capability maturity and efficiency models
  • Companies will move more functions/services to outsourced partners and grapple with SLA, ownership and portability issues.
  • Vendors will quickly grasp at the latest buzzword in order to maintain relevance such as virtualization, SaaS, Cloud, etc.

So again, which of these weren't already happening?

Times are tough.  So are we. 

See you Monday.


P.S.  Buried in the comments is the most profound point I have to make in response to Amrit:

You know how I know this isn't the end of the [security] world? You [Amrit] and I — people who make a career by squawking on blogs — still have jobs

* To make it clear, because I've obviously done a poor job understanding Amrit's points, I'm not suggesting that the impacts of the last few months aren't taking a toll.  I'm suggesting, however, that the crisis(es) are acting as an accelerant delivering more quickly the outcomes of things already in motion.  Further, as I mentioned in the comments, while innovation is certainly delivered from the tech. startup community, it's also driven from corporations when necessity pushes for innovation and innovative solutions even due to reasons like cost control…

Categories: Jackassery Tags:
  1. October 18th, 2008 at 19:11 | #1

    If anything.. the current economic situation (in my state that is a mouthful) will hopefully kill off the BS vendors and let those that actually have an offering that truly helps solve problems stick around and help pick up the pieces.
    But what do I know?

  2. October 18th, 2008 at 19:17 | #2

    That's really the takeaway of Amrit's post.
    There's 1000+ security vendors. Don't hold your breath.

  3. October 18th, 2008 at 19:58 | #3

    If this only affected companies that had a poor offering that really wouldn't be an issue, but a lot of innovative companies that weren't quite "there" yet will also crumble, and by not quite there it could be everything from poor marketing, to a crazed sales leader, to a distracted management team – a company offering a solution that truly solves problems has only a small part to play in sticking around.
    Large companies don't give a crap about innovation, they just market it without actually doing anything about it.

  4. October 18th, 2008 at 20:10 | #4

    …and? Again, this has been occurring for the last four years (at least.)
    Certainly the prevailing economic conditions make it worse, but it's an amplification effect, not a catalytic one.
    My point: keep the big picture in mind, not just the suck that is now.

  5. October 18th, 2008 at 21:06 | #5

    Your point about keeping the big picture in mind is one that everyone would agree with, but that doesn't make the suck not worth discussing, nor is it advisable to simply brush it off as "yet another, oh here we go again, moment."
    As for your other observations, I think you are wrong. It IS novel from a macro-perspective, very much so, the situation is the very definition of MACRO. As for a catalytic effect, it depends on at which point you draw the point of origin. The point of origin for the current economic condition isn't the last couple of weeks or months, what we are going through right now is the result of what originated years ago. When we started seeing the housing market affected over 3+ years ago there was a decrease in IPO's and more rigorous review of VC funding – was there a direct correlation? maybe not one that was immediately visible at the time, but no doubt with so much of the banking and financial services industry ass-deep in bad mortgages it was a factor.
    When was the last time the credit markets were frozen?
    When was the last time the US proposed $700b in money to rescue the economy, while suggesting that the Treasury Secretary should have complete freedom to use the monies at his discretion without oversight?
    When was the last time several European countries proposed the same thing?
    When was the last time an entire country filed for Bankruptcy?
    When was the last time we experienced the currently volatility of world markets?
    and on and on and on…
    When was the last time all of this happened at the same time?
    Is it the end of the world? of course not, does it spell the demise of the security industry? nope, no one ever said it would, is IT as we know irrevocably damaged? far from it. Will there be a material and significant impact on VC funding, IT budgets, and the credit markets that many rely on? Yes and it will require organizations to pay particular attention to capital management and preservation, over investment and R&D – at least until there are signs that the economic condition is not prolonged. What about that is controversial? And regardless of what you say about the last 4 years, many companies were in full investment and R&D mode.

  6. October 19th, 2008 at 05:21 | #6

    …yup, yup, all scary stuff. All very real. All very true.
    However. I'm not arguing that it's not an incredible turn of events. I'm also not arguing that the socio-economic implications aren't huge.
    What I *am* arguing is that the RESPONSE to this crisis by the companies you describe is predictable (to the points you make above) AND of COURSE companies are going to tighten their belts in times like these.
    So to your last two sentences:
    (1) It's *NOT* controversial, but the way you wrote about it, you described a rational response that you seem on one hand to intimate is world-ending for security and then suggest that it isn't.
    (2) Many companies in the last 4 years were in "…full investment and R&D mode?" Are you referring to vendors or customers (or both.)
    Either way, I'm simply saying that your haunting by the ghosts of 1929, the seventies and the dot-com bubble days sounds like a Little Chicken I know.
    This too, shall pass.
    You know how I know this isn't the end of the world? You and I — people who make a career of squawking on blogs — still have jobs.
    'nuff said.

  7. October 19th, 2008 at 09:52 | #7

    My comments weren't chicken little, they were a little tongue-in-cheek. I never said that the security industry was over, and I certainly never said it was the end of the world. I simply stated that we are in a different time than we have been over the last 4 years and many companies are not going to make it – that is a fact.
    Some numbers for your readers:
    There was over $14b in investment/VC funding across 3800 companies pumped into IT (software, IT services, telecom, networking equipment, etc) in 2007. In the second quarter of 2008 there were 0, yes 0 VC-backed exits. In Q1/08 there were 5 that raised ~$280m. In the 1H/07 there were 43 VC-backed IPOs valued at $6.3b. VC funding was up 12% from 06-07' and has steadily increased since 2002, there was a decline in 2001, but there was investment and innovation over the past 4 years. This all means that the last 4 years has not been marked by stagnation, a halt in innovation or a lack of funding.

  8. Christofer Hoff
    October 19th, 2008 at 10:26 | #8

    So I found the way in which you intertwined the Corporate response with that of the security startup confusing. They are, of course, related but I think I missed some context switch in the argument.
    However, you appear to anchor both the definition and metric for innovation on VC funding alone which is completely bewildering to me. I'll tell you that from an integrator's perspective, the demand for innovation and innovative solutions has never been higher than in the last 3 months!
    Desperate times call for innovative measures, whether that's predicated by financial pressures or not. This is why I have trouble with your combinatorial generalization and declaration of the death of innovation.
    On the Corp. side, we'll see increased innovation as we're forced to do more with less. On the startup side, we'll see (as I agree) some retool, some succeed, some combine and some die.
    However, this is an acceleration of the way of things.

  9. October 19th, 2008 at 11:06 | #9

    It is only one measure that I was using to respond to your claim that this was the sames as it had been for the last 4 years – which is completely ridiculous.

  10. October 19th, 2008 at 12:08 | #10

    Your posts/comments (at least the way I'm reading them) suggest that innovation within corporations is wholly dependent upon tech. startups.
    Again, we've already agreed that within the security/tech. startups community, the economy will drastically affect them. However, to suggest that Corporations can't/won't/aren't interested in "innovation" because your definition is narrow is goofy.
    Certainly the global economy is putting pressure on everyone, but I again maintain that the demand for innovation and innovative solutions to problems are in even higher demand. It just doesn't necessarily mean a new widget.
    Of course the vendor corporate world is interconnected, and the latter often times relies on the former for solutions that are innovative, but your definition (to prove a point) of innovation which implies you can't have innovation without startups is myopic and self-serving.
    Again, even with the unprecedented activities of late, it will get bad and then it will get "good" again.
    Same as it always has. Same as it always will.

  11. October 20th, 2008 at 04:20 | #11

    Actually (read Krugman, Marginal Revolution blog, etc…) these sorts of things happen frequently. It's just that this time, it's not only South America, Africa, Asia, or Europe, it's North America *and* Europe (AUS & NZ being hit b/c of cultural ties).
    That said, it's going to be a recession, and unfortunately, we won't know how nasty until either we're over it (extreme optimist) or deep in it (extreme pessimist).

  12. October 20th, 2008 at 07:57 | #12

    That's like saying that things like hitting head my resulting in a large gaping head wound, catching a cold, breaking my arm, food poisoning, chicken pox, appendicitis, and hair loss happen all the time in a single family home – but all at the same time in the same home?
    It is hard not to read or watch Krugman, he is on TV 24/7. He just commented that "the real economy is still rushing downhill"
    Although we can all agree that markets are cyclical, this situation, as you mention, affects the global economy – not sure what, if any, impact this would have on the IT industry if it was isolated to Africa.

  13. October 20th, 2008 at 09:07 | #13

    I learned during my Gartner days not to try to associate *every* world event with security, especially if I am not an expert on the subject. Remember SARS? A bunch of Gartner analysts jumped all over "How will a pandemic effect your IT operations?" I just did not think it was relevant compared to the real threats out there. And, other than stories from my grandfather who was a family doctor during the great influenza pandemic, I really could not contribute to the discussion.
    Now, while I have been following the markets avidly for 37 years, and I have an uneasy feeling about the global economy I really can't contribute any prognostications on the topic. The only observation I can make is that the threats are blind to the economy and the need for countering them will not diminish.
    One of your best posts ever Chris. Short and to the point! 🙂

  14. janeen c
    October 20th, 2008 at 09:21 | #14

    wow…fantastic discussion. amrit i completely agree. i'm part of a group that follows exactly that and we definitely tie investment by VCs in this sector with the likelihood of seeing innovative ideas make it to market. check out there is a discussion right now about even what the size of the market actually is.. .www.GlobalSecurityChallenge.com.

  1. No trackbacks yet.