Long-term business success comes not just from knowing your industry, but also from being an active participant in shaping that industry’s future. This allows you to create opportunities for future success in your security program, which lowers your business risks. The alternative is to simply make do with whatever the industry brings, which heightens your business risks—especially in an industry that is undergoing significant change, like the security industry.
Coopetition Breeds Benefits
In the 1980s, Novell founder Ray Noorda began asserting that networking industry companies should adopt a new strategy: cooperating with the competition. In Noorda’s words, “You have to compete and cooperate at the same time.” He coined the word “coopetition” to refer to this principle. Noorda’s attitude was that the network computing industry was huge and there were profit dollars available for all. He believed that if vendors cooperated on open standards and protocols, there would be more total profit than if companies tried to force their customers to choose sides in protocol wars.
The essence of “coopetition” is that you cooperate with others to increase the size of the pie, and then compete in cutting it up. This idea was brought to mainstream business by authors Barry J. Nalebuff and Adam Brandenburger in their 1997 book Co-opetition. Cooperation that helps build a larger overall market benefits everyone. Standards development is one such form of cooperation. It benefits security users as well as product and service providers.
Rich Anderson is president of Phare Consulting, a leading industry consulting group with a practice in convergence. Anderson, who has long been a proponent of open standards, explained, “The key end user benefit is the freedom to build the best solution possible for your situation using whatever manufacturer’s components make sense. You are not trapped buying obsolete add-ons from a vendor that does not offer today’s best answers. You also won’t be forced to ‘forklift’ a relatively new proprietary sub-system such as a DVR, just because you can’t get it to talk to the new integrated system you want to buy. Just as importantly, a standards-based solution takes much of the risk and expense out of integrating security systems to the rest of a company’s IT infrastructure. Not only is the task easier, but specifying standards that the IT department already understands makes project approval much less painful.”
Security end users can reach for these benefits by taking action to encourage open standards in our industry.
Refusing To Be Locked In
It is easy for any technology industry to become too strongly focused on products and too weakly focused on customers. One sign that our industry’s companies have fallen away from a value-based view is their reliance upon proprietary lock-in as a success strategy. Security programs of all types and sizes have fallen prey to this strategy for years, but it succeeds only for the short term. Sooner or later, users buy themselves out of locked-in situations, even if it only means getting locked into something better. And large organizations with big security programs sometimes simply refuse to be locked in.
Witness the U.S. government’s development of smart card interoperability standards, after repeated requests for them to the card industry fell on deaf ears. Once they’d developed the standards, the government refused to purchase non-complying products and systems. Security users have begun a revolt, sending the message that proprietary lock-in is out of hand.
The lack of security interoperability is being felt even more now, due to the trend towards enterprise-wide ID management for organizations that have a number of premises with employees in different locations, both nationally and globally. The incompatibility of systems in each company location can require employees and regular visitors to be re-identified and re-badged whenever they visit different premises. With multiple systems from multiple vendors, it can also be difficult and expensive for an organization to incorporate any new security technology, such as biometrics or digital video, across the enterprise.