As the print and binding date for Security Yearbook 2023 approaches (Thursday!), I am thinking about how it has evolved. In addition to the history of our industry from the perspective of one industry analyst, it has become a collection of the personal stories of the men and women pioneers who had outized impacts on its development.
Because of an early print date the official book launch for SY2023 will be at BlackHat. Drop by Cymulate’s booth (#2934) Wednesday the 9th of August at 2:30 where I will be signing free copies.
I am going to sign all the preorderd books this week too. Remember, this is the last edition to be published by IT-Harvest Press. Next year the series continues as a Wiley book.
Let’s talk about those pioneers, starting with Gil Shwed who founded Check Point Software along with Marius Nacht and Shlomo Kramer. Nacht and Kramer are still active investors and entrepreneurs. Gil is still CEO of Check Point—a thirty year run! His story formed the anchor to the 2020 edition. These three founders created the market for commercial firewalls and along the way built the security channel that exists today.
Another founding pioneer is Eva Chen. She relates that she was considering a career in sports writing in 1988 when her sister, Jenny, and brother-in-law Steve Chang, asked her to open the Taiwan office for their Los Angelas startup, Trend Micro. Eva became CEO in 2005 and still leads the last of the Big Three AV companies left standing. Under her leadership Trend Micro has evolved and grown through innovation, a path abandened by Symantec and McAfee which grew by acquisition.
QuickHeal too has evolved since Kailash Katkar started a computer repair business in India. As more computer issues arose from viruses he joined forces with his brother with one of the first AV products in 1995.
When I first announced on Linkedin that I was writing a history of the IT security industry the most frequent suggestion was “Tell the story of RACF!” because many people felt nostalgic for the time of mainframes and a postive security model based on identity. I tracked down Barry Schrager to capture his story.
Schrager was working within a university IT department and attending the SHARE user group meetings for mainframe computers. He put together a presentation of his ideas meant to address a looming problem of students and staff messing with each other’s files. Shortly after, IBM introduced RACF (Resource Access Control Facility) for their systems. But Schrager felt RACF did not even come close to implementing the controls he envisioned, so he commercialized his ideas with ACF2 (Access Control Facility2). He saw rapid adoption by the US government, starting with the CIA, and General Motors. But then CA began giving away its product, Top Secret, bundled with its other software. While ACF2 and later versions of RACF were resource- centric (based on who can access each file or service), Top Secret was user-centric (based on what resources a user can access). Schrager describes it as two approaches with the same result. He eventually sold ACF2 to a small company that was immediately snapped up by CA.
To fill out the chapter on Identity this year we added the story of Venkat Raghavan who had a succesful career at IBM and is an invester and entreprenuer. Today he is CEO of Stack Identity.
Marty Roesch, CEO of Netography, was kind enough to provide his story of the creation of SNORT and Sourcefire. He may have pulled his punches when referring to a certain Gartner analyst. :-)
Also hear from:
Chris Blask about the early days of Borderware and the invention of NAT.
Debbie Taylor Moore on her experience at IBM, Microsoft, and Netsec.
Sandra Toms on here years of shepharding the RSA Conference into the powerhouse it is today.
David Cowan on the creation of Verisign.
Ron Moritz on his times at CA, Finjan, and Symantec.
Renaud Deraison on the creation of Nessus.
And Amit Yoran, founder of Riptech, one of the first MSSPs.
The Yearbook project continues. This year I will be interviewing more pioneers for inclusing in SY2024. Who would you like to see?
Good stuff Richard! Great topic for inclusion. You’d be remiss in not including friends in the L0pht, who were also former colleagues of mine a bit later.
This is great work, really a model for many other market segments too!