CHANGE #2: Customers of the same security service, and other vested groups, will cooperate and evolve into communities.
Every company will find commonalities among their customers – the problems they’re trying to solve by coming to you, their wants and needs – and would reap great benefit from an open dialogue among customers, partners and other members of their ecosystem. But in the security industry, where privacy is so closely guarded and trust models don’t easily scale, there’s rarely communication that happens among these groups (what could constitute a “community.”) Not having this community and its resulting communication channel open, however, makes companies less efficient at meeting their customers’ needs, and customers less efficient at using security products and services to their maximum potential.
Communities do exist in security today, and while an integral part of research, sample sharing and data sharing, they’re very different from what I describe above. Usually these communities are very small groups of trusted individuals or consortiums of members. They conduct research that ultimately helps shape security products and define the need the products are addressing. Security companies first, and ultimately their customers, are the benefactor of these communities because they see the resulting improvements in products – detection and coverage of threats. But the communication model is unidirectional – from small research community to company – and it excludes both perspective and contributed data from actual customers, who might have an entirely different need than research is suggesting the product address.
Imagine how much more advancement could happen if that unidirectional communication model evolved into a multidirectional one that involved the company, research groups, partners and multiple customers that are actually using the service.
We believe that communication in security needs to shift from the traditional, unidirectional company-to-client relationship, to a multidirectional community model. Of course the need for trust remains, however it has to evolve from today’s operandi. Companies that can create and foster communities across customers, prospects, partners, and other important entities can disrupt today’s world by offering faster response, more accurate classification and coverage, and better intelligence.
To those individuals tasked with managing security for your company: What are your thoughts? Can you see the benefit of what’s proposed above? Would you be interested in an open, ongoing dialogue about the security services you run on your network with other vested individuals?
Next up: Collect and React —> Realtime Adapt