Internet security companies are the Jiffy Lubes of the auto industry, they require constant innovation to keep up with the changing product stack they attempt to optimize, but not own. Some companies achieve innovation through non-organic growth (Symantec), others build a set of urgently needed technologies that becomes bigger as customer requirements grow (Trend Micro, McAfee). But keeping up is a challenge, and I expect security companies and the stack owners to aggressively pursue acquisition strategies to round out and secure their own future. Stack owners (Microsoft, Oracle, IBM, Cisco) will become fierce competitors to security companies, if partnerships are not appropriate. Today's Security leaders need to change and look into new business strategies.

Looking at the security marketplace from a fresh perspective, I give the current marketplace a 1.2 grade on the following evolution scale.

Security 1.0: the internet is not secure by any stretch of the imagination, but neither is the conventional world. So, get over it. Security is also not an absolute science. Spam, Viruses, Exploits, Worms, Cross-site scripting etc. deliver a vast amount of opportunities to security companies that provide band-aids to the multitude and severity of security gaps. 83 Enterprise AntiSpam companies battle it out every day. Leaving it up to customers filled with fear, uncertainty and doubt to wade through a plethora of point products to select which one is best, and when. It's a jungle out there.

Security 2.0: a secure enterprise, shielded from some of the garbage on the internet, needs protection in the same way you secure your house. Depending on personal preferences that define the vigor and quality of security, securing the doors without securing the windows doesn't make a whole lot of sense. Security is really a risk management issue, a delicate balance in which no single piece of security, data type or communication channel prevails; the equilibrium of security techniques (AntiSpam, AntiVirus, AntiSpyware, Web Application Security etc.) needs to provides sufficient shelter and trust. Leading security companies need to move towards marketing that equilibrium and scope.

Security 3.0: while internal threats are becoming a force to be reckoned with, many security companies are developing a Security 2.0 strategy that incorporates content compliance and other technologies to protect company assets against the employees themselves. I believe security companies should focus on aggressively protecting against outside threats, yet stimulate and enable the internal exchange of information. Content compliance should be checked but not enforced. The integrity of your business lies in the hearts and minds of people, not technology. Moving on, Security 3.0 is a platform strategy consisting of a framework in which a multitude of vendors can provide plugins that separate threat detection from distribution. It will be a free-market in which the best technology will plug into a framework that allows this technology to be used on any type of information, in motion or at rest. I believe many stack owners and security behemoths will play a pivotal role in defining the key components of this security platform and new security specialists will define the new, and highly specialized, security threat detection capabilities.

Bottom line: plenty of acquisition opportunities continue to exist for emerging security companies as the incumbents and stack owners battle to own a large part of the security framework that is essential to instill trust with customers.

The size of after-market providers like Jiffy-Lube, AutoZone is larger than the market size of the car manufacturers, proving that after-markets will exist for quite some time. Security is still the after-market of the technology industry and I see no vendor changing that paradigm significantly today. New security vendors will continue to reap rewards and the incumbents will slowly move towards owning something they've never had, a technology (or platform) stack.

Tags: Security, Spam, Exploits, Jiffy-Lube, AutoZone

Tags: Apple, Photography, Intel

Apple's latest Aperture software personifies how the technology industry fuels its own growth by creating new software that drives new incremental hardware requirements. Managing an increasing library of 16,000 photographs is what I do when I am not working or playing with my family. And when Apple's Aperture came out late last year, I jumped on the promise to manage those assets (or liabilities in some cases) more effectively. While I had the bottom-of-the-barrel of Aperture's hardware requirements, a not so shabby 1.5Ghz Powerbook, the expansion with 2Gbytes of memory and a 160Gbytes replacement hard-disk seemed a foregone conclusion. But not so fast, Aperture's performance that is. Even this configuration leaves you yearning for a large flat-panel, so the windows and photographs can be displayed in sizable fashion and with the clarity they deserve. An Intel Dual-Core wouldn't hurt either.

The bottom-line is, a two year old, top-of-the-line Powerbook is suddenly on its last leg. I can only wonder what upcoming updates of Microsoft Office, Adobe CS3, Dreamweaver and others will do to my geriatric Powerbook. Desktop software is still an important catalyst, fueling new hardware replacements in a slowing PC market. Software and services will live alongside each other for quite some time, in the interest of PC manufacturers and admittedly, end-users.

Tips for Aperture enthusiasts:
Two tips that will smooth a transition and took me two months to figure out: 1/ Remove all videos from the iPhoto library, Aperture will abort, in my case after 14 hours, if you don't. 2/ De-fragment your hard-drive after a successful import, or simply copy the main Aperture library to a backup disk, remove the original and copy it back. The Aperture import process fragments the library dramatically; I ended up with a Library of over 6,000 file fragments, absolutely killing performance.

Tags: Blackberry, Design, Microsoft, Apple

Recently I was asked to think about how to improve the phone features and functionality in an ever commoditizing "Terminal market" (an Ericsson acronym). There is a lot at stake here; lots of people buying phones, 2.2B of them to be exact, not enough of them buying the associated internet service.

Improve the specs and make it look good is the easy answer to that question. That is, if you are building a phone not a PDA. In a PDA you can pull technology, services and memory into a bulky enclosure and rely on nerdocrats to buy them; not a large market. So how do you build a phone that is just as smart and fits in the enclosure of a RAZR? Or smaller? Research shows that people buy cool looking phones, rather than bulky ones stuffed with functionality.

The answer in my view is services. Just as the power of the iPod stems from the iTunes library on your desktop connected to the iTunes store, phones should become re-play devices to services provided on the backend. The phone should be an iPod geared towards managing and replaying service data; contacts, calendar items, music, news are pushed out to it automatically, pictures are taken, stored and uploaded automatically to your section of the "store", ready to be shared and, yes, sold. Enabling free market principles to the content distributed by these services, completes the value chain and drives growth of the platform, regardless of phone.

Phone manufacturers need to learn how to build a value chain, not just a phone. Business innovation is just getting started.

Tags: Ericsson, Motorola, ITunes, IPod, Innovation