From the standpoint of selecting Innovators, this group is a tough one. The notion of security infrastructure is undergoing significant updating and we are not certain that the process is complete, let alone mature. The evaporation of the perimeter has made the idea of an infrastructure a bit fuzzy and, certainly, the notion of a surety infrastructure is an equally gray area. We did a quick Google search on the term and found that even experts could not agree on a definition. So with that crystal clear discussion – as kids would say, “not” – we're off to the races.
The evaporation of the perimeter has made the idea of an infrastructure a bit fuzzy...
What we decided to use as a benchmark was the notion that a security infrastructure comprises those things that impart security in the classic sense – confidentiality, integrity and availability – to the enterprise. We really don't care what the enterprise model is – it could be cloud-based, software data center, hardware data center, whatever – it still needs that good old C-I-A to make it secure. The systems that overlay the enterprise and enforce these functions in accordance with the enterprise security policy make up the security architecture. Feel free to disagree, of course...as there are so many definitions.
The two Innovators we have selected for this rather fuzzy designation approach security infrastructure differently but they follow our rule: One allows segmentation of a hybrid network – business and such functions as industrial control systems – into a secure whole. The other is a watchdog that ensures that the network does not change without the administrator knowing about it, and permits ongoing testing to make certain that effective controls and configurations are in place.
While the second Innovator may challenge our definition a bit, we must remember that part of the security process is assurance. Without assurance we have no confidence that the rest of the security architecture is behaving as expected. So, while the choice may seem to stretch a point, we are confident that the incumbent is a completely appropriate choice for this category. Besides, it's our definition, so we can apply it as we think appropriate. We do think that you'll agree, though.