All security innovations come from startups
By Martin Roesch
Back in person at the RSA Conference earlier this month, I was reminded of a great addition introduced a few years ago to shine a spotlight on startups: the Early Stage Expo. The conference organizers call it a “Space for Innovation” and this year 35 companies attended.
The Early Stage Expo highlights the fact that innovation in the security industry comes from startups, and for good reason. In the life of a startup, the focus is on product creation and innovation to the exclusion of everything else, and if the product ends up being world-class, you will be acquired or made public. People are passionate about technology and how it can change the world and they want to be part of that change again and again.
Innovation at the service of commercial efficiency
In contrast, large, decades-old corporations are locked into a model focused on maximizing business efficiency, and they have many smart business people dedicated to this mission. Their solution portfolios consist of products from all of the startups they’ve acquired, and they focus their resources on trying to glue those teams and those products together. As a result, their security offerings generally sound like “20 startups in a trench coat”. They are not driven to innovate unless there is a forcing function to make it happen, such as competitive pressures or new customer demands. In this case, they usually find it more efficient to buy another startup.
Eventually, they end up with a collection of different products in their security group, all with different user interfaces and management platforms built by the startup teams they acquired, different backend architectures and front-end architectures, and little or no synergies between them. . Although interoperability and integration has gotten a little easier now that we’re in the age of the API, it’s not without its challenges. And once they get over that hump, there remains the problem of creating a seamless user experience. A security operator’s day-to-day experience is the management platform, not the security appliance or sensor infrastructure, and management platform interoperability is notoriously difficult. Creating a large-scale, integrated, and extensible platform to provide visibility and control over interdependent and disparate solutions remains a huge problem, and the acquisition-driven business model does not lend itself to cracking that nut.
Deep and disruptive innovation is very rarely possible from these large integrated organizations, because even when they acquire modern businesses and technologies, they continue to devote most of their resources to their aging approaches, such as architectures based on devices and relying on deep packet inspection (DPI) because they always drive revenue. It is therefore difficult to allocate more resources to new projects for continuous innovation. Over time, they find themselves in a maintenance cycle and the concepts around driving innovative product improvements that don’t necessarily result in an immediate and tangible drop in business efficiency. Mainly focused on how the world has worked for years, big companies inevitably end up chasing the markets.
Where Bold Thinking Happens
For these reasons, the bold ideas and innovations that will change the face of the industry will continue to come from startups. We embrace this at Netography, and it’s reflected in what we’re doing by recognizing the global enterprise transition to the atomized network and dedicating ourselves to securing this environment where applications and data are scattered across a complex environment of multi-cloud, on-premises and existing infrastructure, accessed by increasingly mobile and remote workers. It’s a radical departure from traditional enterprise networks that have exposed gaps in security architectures and offerings and added layers of complexity.
When you have a highly distributed network with no defined perimeter, appliance-based architectures are a dead end. Zero Trust and the ubiquitous use of encryption from increasingly indiscriminate DPI approaches. And secure multi-cloud environments with a patchwork of tools that providing disparate levels of visibility and control in specific cloud environments introduces scalability, cost, and manageability challenges.
Because we’re not limited by old ideas, we’ve designed a universal SaaS-based platform that outpaces all of these challenges to provide complete network visibility across your entire cloud-scale network infrastructure. Through a single portal and using a stream-based system that is unaffected by encryption, you get a unified view of your data, normalized, aggregated, and enriched with business and threat intelligence. Everything we build is API-driven, so you can supplement existing tools with real-time and retrospective attack detection capabilities you’ve never had before and manage it all through one platform. And we do it without hardware, without software, without installing anything, which leads to an incredibly fast return on investment.
At Netography, we recognize the world for what it is, not what we’ve known, and we build for that world. This is the startup life and where innovation happens.