Who is Innovating the Innovators?
[I’d like to welcome Liz Safran as my first guest author here on SecurityDreamer]
Tech is booming again, or so the experts say. In December 2006, Dow Jones VentureOne and Ernst & Young reported that venture capital investors were on track to invest more than $32 billion in 2006 — the most VC capital invested since 2001.
Despite the overall increase in spending, investments in information security have actually gone down. After reading several VC blogs that explore the subject, my take away was they didn’t find it is that all that exciting or profitable to invest in a company where the end result is to add a one-off point product to some large vendor’s suite.
But I think there are also some cultural issues at play. The start-up scene (especially in Silicon Valley) is extremely interconnected. When you whittle it down to information security start-ups, everyone is (pretty much) one degree of separation apart – which can be both a good thing and a bad thing.
On the pro side, if you’re part of a company that had a successful exit, you often find opportunities to work with people you like, trust, and have had prior success with. On the con side, too much time is spent on repeating exactly what worked last time – which can lead to tunnel vision and missed opportunities.
The lack of IT security start-up interest in physical and IT security convergence is a perfect case in point. Despite any claims of working towards an IPO, the trend with security start-ups has been to build a sustainable business and, as soon as possible, sell the company to a big name tech company.
Even though they know convergence is happening, can’t see beyond the typical VC flip model. The IT security startups in the access management space (which is hot right now thanks to a few recent regulations) are so busy competing against or trying to hop into bed with their 800 lb. counterparts that they are missing the gravy train.
Note the irony here – the very folks who are selling innovation to the status quo are missing the opportunity to practice what they preach and innovate themselves. What’s even more ironic is that the big guys get convergence, and have hopped on the bandwagon – big time.
Take Cisco for example.
With its acquisition of SyPixx Networks in March 2006, Cisco placed its bet on video surveillance as the banner app to drive converged systems and has a decent amount of easy-to-find content on its site to support its growing IP video surveillance product and services portfolio.
With walls (that need to be watched by numerous people in numerous places from numerous devices) going up in Mexico and Israel, not to mention all the new services that can be built on top of watching people do just about everything, it doesn’t take a rocket scientist to see why Cisco’s all over convergence. And the big software guys are right behind them…
As far as the start-ups are concerned, talk about looking a gift horse in the mouth – there’s going to be a lot of folks kicking themselves in the Valley over the next couple of years…
Analysts, like 4A, predict that in 2007 the Physical Security & IT Convergence market will command global revenues of over $6 billion and by exceed $22 billion by 2010. It will unfold around two mature applications — identity management and event management – and addresses clear, well documented set of business pains, the main one being that physical security technology is archaic and does not sufficiently meet customer needs.
So why aren’t valley start-ups culling what appears to be a lucrative, untapped market? Some say timing. No one seems to be disagreeing that convergence will and should happen, but some – including a well known investment banker focused on IT security that I had a drink with on Friday, seem to think it’s still a few years out.
I think it’s happening now, or at least could be happening now if more start-ups would make due diligence on the convergence market a priority. Of course they can leave that to bigger companies that might buy them eventually anyway, but in doing that they could lose out on high multiples, the opportunity to lock in long term, strategic relationships, and the host of other business advantages that come with being at the right place just before the right time hits.
If the start-up wonks would only pull their heads out of the sand long enough to drink some of their own Kool-Aid. Hell, I’d join ‘em….
Liz Safran is a PR consultant that specializes in working with Information Security start-ups. she can be reached at email@example.com