- Dell clearly believes that security is an important strategic capability.
- There is no standard model for how large technology companies become leading security vendors.
Dell’s acquisition this week of SonicWALL got me thinking again about market consolidation and the geography of the security industry. What does it say (if anything) about the current state of the security industry that Dell feels the need to be a serious security player? That question leads to other important questions. How important is it for large IT technology vendors to have security expertise? Moreover, if they have that expertise, where should it live organizationally?
The meta-question here is: what do large IT technology vendors need to do well and what can they rely on partners to do well? All of that brings up Dell again. I hope no one is under the impression that Dell needed to own a security portfolio in order for it to be able to continue to sell into the mid-market. This was an enterprise play. It was also a converged data center play. Dell sees security as an important component to add to its bundle of servers, storage, and networking capabilities. One has to imagine that when Dell has looked at Cisco, IBM, and HP, it felt wanting in the security department. However, those three vendors have taken very different approaches to security. It would be hard to argue that there is a standard model here for dealing with customer security requirements. Perhaps the only common thread among those three Dell competitors from a security perspective is that they have all three made their share of mistakes over the years. (These sins include poorly advised or executed acquisitions, missed acquisitions, and poorly entering and exiting market segments.) I think the question of how much security large IT technology vendors need to do internally is still an open one. With the right management and event tracking framework in place, surely a best-of-breed approach is viable. Even though these vendors have attempted to take on a lot of security capabilities internally, it is still surprising that none of them have been particularly good at building out security technology partner ecosystems. Large IT technology vendors need to do a better job of creating solutions that third-party security products or services can easily plug into and help to drive more innovation in the security industry.