Previous Blogs

April 3, 2018
Making AI Real

March 27, 2018
Will IBM Apple Deal Let Watson Replace Siri For Business Apps?

March 20, 2018
Edge Servers Will Redefine the Cloud

March 13, 2018
Is it Too Late for Data Privacy?

March 6, 2018
The Hidden Technology Behind Modern Smartphones

February 27, 2018
The Surprising Highlight of MWC: Audio

February 20, 2018
The Blurring Lines for 5G

February 13, 2018
The Modern State of WiFi

February 6, 2018
Wearables to Benefit from Simplicity

January 30, 2018
Smartphone Market Challenges Raise Major Questions

January 23, 2018
Hardware-Based AI

January 16, 2018
The Tech Industry Needs Functional Safety

January 9, 2018
Will AI Power Too Many Smart Home Devices?

January 2, 2018
Top Tech Predictions for 2018

2017 Blogs

2016 Blogs

2015 Blogs

2014 Blogs

2013 Blogs

TECHnalysis Research Blog

April 10, 2018
The New Security Reality

By Bob O'Donnell

On the eve of next week’s RSA conference, it’s worthwhile to take a step back to reconsider what security means in today’s tech world. While the show has traditionally concentrated on cybersecurity threats, in an age of YouTube campus shootings, autonomous automobile-related deaths, and nation-state-driven, influence-peddling social media campaigns, the conversations at this year’s show are likely to be much more wide-ranging.

Admittedly, it’s not realistic to think that all the major issues driving these new kinds of threats can be addressed in a single conference. Nevertheless, the reality of these threats dramatically highlights both the depth of influence that technology now has regarding all forms of security, and just how far the tech world has reached into more traditional physical and political notions of security. Tech-related security issues now affect everything and everyone in some way or other.

In light of this new perspective, it’s also important to rethink how tech-related security challenges get addressed. While individual company efforts will clearly continue to be important, it’s also clear now that the only way to effectively tackle these kinds of big issues is through cooperation among many players.

In the past, many companies have been reluctant to share the security issues impacting them for fear of being seen as naïve or unprepared. With large scale brand trust concerns at stake, as well as the egos and reputations of many proud security professionals, perhaps it wasn’t surprising to see these kinds of reactions.

Today, however, the simple fact is that every company of any size is getting digitally attacked on a daily basis in some form or another, and a huge percentage of companies have had at least some type of security compromise impact them—whether they’ve admitted it or not.

Given this troubling, but realistic, landscape, it’s time for companies to more aggressively seek to partner with others to address the enormous tech-related security challenges we all face. In some cases, that might be via sharing critical, or even potentially sensitive, data to ensure that others can learn from the challenges that have already occurred. For example, companies involved in testing autonomous cars ought to be sharing their results with others in the industry, instead of hording them and treating these results as a proprietary resource. For other situations, cooperation might take the form of a more open, willing, and proactive attitude towards sharing experiences and learning best practices from one another.

Regardless of the approach, it’s going to take some strength of corporate character and some new ways of thinking to effectively address these issues.

Interestingly, one of the better and more recent examples of this proactivity that I’ve witnessed is the effort that Intel made to contact and engage with some of its key competitors in the semiconductor space—AMD and ARM—when they learned about the Spectre and Meltdown bugs that plagued many modern CPUs.

In case you need a quick refresh, the Spectre and Meltdown issues essentially involve manipulating a characteristic of modern CPU design called speculative execution that’s been common in processors from these and many other companies for roughly two decades. As the story played out, Intel took the vast majority of the heat, despite the fact that many other large companies, including Apple and Google, had to deal with most of the same issues.

Part of the focus was (and still is) undoubtedly due to the fact that Intel is the largest semiconductor manufacturer in the world and traditionally known as the major CPU provider to many computing devices. But another reason is that Intel took the lead in publicizing the challenges and continually provided updates on remedies for them. In fact, the company helped coordinate one of the more impressive briefings I’ve been on in nearly 20 years as an analyst by pulling together Intel, AMD and ARM people on the same call to explain the news shortly before it was made public.

At the time, it was a bit shocking to have these competitors come together to discuss the issue, but in retrospect, I realize it was exactly the kind of effort that the tech industry is going to need moving forward to address the kind of big security issues we all will likely continue facing.

Instead of benefitting from taking a more proactive approach to these issues, Intel took a great deal of criticism in both the tech and general press, much of it unfairly from my perspective. The company has followed up with a series of commitments to security—including, notably a very public “security first” pledge from CEO Bryan Krzanich—and is using the challenges that the exploits created as a catalyst for building a full complement of better security solutions moving forward.

The process clearly isn’t an easy one, but given the harsh new security realities that we’re facing, it’s the kind of effort we’re going to need other tech companies to make as well.

Here's a link to the column:

Bob O’Donnell is the president and chief analyst of TECHnalysis Research, LLC a market research firm that provides strategic consulting and market research services to the technology industry and professional financial community. You can follow him on Twitter @bobodtech.

Leveraging more than 10 years of award-winning, professional radio experience, TECHnalysis Research participates in a video-based podcast called Everything Technology.
  Research Offerings
TECHnalysis Research offers a wide range of research deliverables that you can read about here.