By Robert Hackett
February 4, 2017

When I waded into the cyber-security world last year, the first thing that struck me was, my god, so many companies. We’re talking about hundreds and hundreds of vendors—and every one of them is quick to assure you they’re indispensable for preventing a looming cyber disaster.

An average business customer, however, lacks the time and money to sort the saviors from the snake oil. That’s why, in cyber, there’s a strong case for faith in big companies: They have the resources to protect your business and, if a new security bell or whistle emerges, they will know about it. Meanwhile, customers won’t waste their time with flash-in-the-pan products.

One believer in big is Amit Yoran, the new CEO of Tenable, which sells software that looks into all nooks of a network to spot potential threats. Yoran, a veteran of Dell, told me there are around 1,500 cyber-security companies, but that 97% of them are minnows with less than $20 million in revenue—and many lack a compelling business case.

“There’s a lot of features masquerading as products and products masquerading as companies,” he said, echoing a refrain you’ve heard if you’ve spent any time in Silicon Valley. He’s got a point and, if he’s right, a lot of these “companies” will be out of cash and blow away by the end of the year.

But there’s another side to the story, which is that minnows produce a lot of innovation. In my years covering tech, I’ve learned some big companies are only really good at one thing: being big. Pre-occupied with public relations and customer lock-in, they can overlook good ideas all around them.

This big versus little debate occurs in any industry, of course, but in cyber it matters more since security is at stake. Thoughts? Robert and I will be at RSA in San Francisco this month, and we’ll be glad to hear them—from Big Cyber and small startups alike.

Jeff John Roberts

@jeffjohnroberts

jeff.roberts@fortune.com

Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. You can reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.

SPONSORED FINANCIAL CONTENT

You May Like